from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from jose import jwt, JWTError from .utils.db import tinydb_helper # Ensure correct import path from .utils.jwt_utils import SECRET_KEY, ALGORITHM # Ensure these are defined in your jwt_utils.py oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token") def decode_access_token(token: str, credentials_exception) -> dict: try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) user_id: str = payload.get("sub") name: str = payload.get("name") role: str = payload.get("role") if user_id is None or name is None or role is None: raise credentials_exception return {"user_id": user_id, "name": name, "role": role} except jwt.PyJWTError: raise credentials_exception async def get_current_user(token: str = Depends(oauth2_scheme)) -> dict: credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) return decode_access_token(token, credentials_exception)