Working on API

2025-09-25 22:58:31 +02:00
parent 48f5b009ae
commit 1f7ef200e7
16 changed files with 618 additions and 63 deletions
--- a/src/file-processor/app/api/dependencies.py
+++ b/src/file-processor/app/api/dependencies.py
@@ -0,0 +1,100 @@
+import jwt
+from fastapi import Depends, HTTPException
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from jwt import InvalidTokenError
+from starlette import status
+
+from app.config import settings
+from app.database.connection import get_database
+from app.models.auth import UserRole
+from app.models.user import UserInDB
+from app.services.auth_service import AuthService
+from app.services.user_service import UserService
+
+security = HTTPBearer()
+
+
+def get_auth_service() -> AuthService:
+  """Dependency to get AuthService instance."""
+  return AuthService()
+
+
+def get_user_service() -> UserService:
+  """Dependency to get UserService instance."""
+  database = get_database()
+  return UserService(database)
+
+
+def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(security),
+    user_service: UserService = Depends(get_user_service)
+) -> UserInDB:
+  """
+  Dependency to get current authenticated user from JWT token.
+
+  Args:
+      credentials: HTTP Bearer credentials
+      user_service: Auth service instance
+
+  Returns:
+      User: Current authenticated user
+
+  Raises:
+      HTTPException: If token is invalid or user not found
+  """
+  try:
+    payload = jwt.decode(
+      credentials.credentials,
+      settings.get_jwt_secret_key(),
+      algorithms=[settings.get_jwt_algorithm()]
+    )
+    username: str = payload.get("sub")
+    if username is None:
+      raise HTTPException(
+        status_code=status.HTTP_401_UNAUTHORIZED,
+        detail="Could not validate credentials",
+        headers={"WWW-Authenticate": "Bearer"},
+      )
+  except InvalidTokenError:
+    raise HTTPException(
+      status_code=status.HTTP_401_UNAUTHORIZED,
+      detail="Could not validate credentials",
+      headers={"WWW-Authenticate": "Bearer"},
+    )
+  
+  user = user_service.get_user_by_username(username)
+  if user is None:
+    raise HTTPException(
+      status_code=status.HTTP_401_UNAUTHORIZED,
+      detail="Could not validate credentials",
+      headers={"WWW-Authenticate": "Bearer"},
+    )
+  
+  if not user.is_active:
+    raise HTTPException(
+      status_code=status.HTTP_400_BAD_REQUEST,
+      detail="Inactive user"
+    )
+  
+  return user
+
+
+def get_admin_user(current_user: UserInDB = Depends(get_current_user)) -> UserInDB:
+  """
+  Dependency to ensure current user has admin role.
+
+  Args:
+      current_user: Current authenticated user
+
+  Returns:
+      User: Current user if admin
+
+  Raises:
+      HTTPException: If user is not admin
+  """
+  if current_user.role != UserRole.ADMIN:
+    raise HTTPException(
+      status_code=status.HTTP_403_FORBIDDEN,
+      detail="Not enough permissions"
+    )
+  return current_user