authorl3wdfut4pwr <l3wdfut4pwr@gmail.com>2026-04-02 08:39:42 +0300
committerl3wdfut4pwr <l3wdfut4pwr@gmail.com>2026-04-02 08:39:42 +0300
commit69e67d049411ceb5c839386b020ce2c77ffc2847 (patch)
tree9ec561545b64b57796ef2fd5f3fbd02239965cc1 /app/routes/me.py
parent7e41576035cd9f0004255a7490e6691c6d989ff6 (diff)
minor improvements
Diffstat (limited to 'app/routes/me.py')
-rw-r--r--app/routes/me.py54
1 files changed, 23 insertions, 31 deletions
diff --git a/app/routes/me.py b/app/routes/me.py
index a09453c..03d0daa 100644
--- a/app/routes/me.py
+++ b/app/routes/me.py
@@ -1,48 +1,40 @@
-from fastapi import APIRouter, Depends, HTTPException
-from fastapi.security import OAuth2PasswordBearer
+from fastapi import APIRouter, Depends, HTTPException, Request
from sqlalchemy.ext.asyncio import AsyncSession
from app.auth.jwt import decode_token
from app.models.user import User
from app.utils.db import get_async_session
-from app.utils.logger_cfg import logger
-router = APIRouter()
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login")
+router = APIRouter(tags=["auth"])
-@router.get("/me")
-async def read_current_user(
- token: str = Depends(oauth2_scheme),
+async def get_current_user_from_cookie(
+ request: Request,
session: AsyncSession = Depends(get_async_session),
):
-
+ token = request.cookies.get("access_token")
if not token:
- logger.warning("No token provided in /me request")
raise HTTPException(status_code=401, detail="Unauthorized")
- try:
- payload = decode_token(token)
- user_id = int(payload.get("sub"))
- user = await User.get_user_by_id(user_id, session=session)
+ payload = decode_token(token)
+ user_id = int(payload.get("sub"))
+ user = await User.get_user_by_id(user_id, session=session)
- if not user:
- logger.warning("User not found in /me | id={}", user_id)
- raise HTTPException(status_code=404, detail="User not found")
+ if not user:
+ raise HTTPException(status_code=404, detail="User not found")
+ if user.token_version != payload.get("token_version"):
+ raise HTTPException(status_code=401, detail="Token revoked")
- logger.info("User accessed /me | id={} username={}", user.id, user.username)
+ return user
- user_data = {
- "id": user.id,
- "username": user.username,
- "email": user.email,
- "premium": user.premium,
- "is_banned": user.is_banned,
- "is_moderator": user.is_moderator,
- }
- logger.debug("Returning /me data: {}", user_data)
- return user_data
- except ValueError as e:
- logger.warning("Invalid token in /me request: {}", e)
- raise HTTPException(status_code=401, detail="Invalid token")
+@router.get("/me")
+async def read_current_user(user: User = Depends(get_current_user_from_cookie)):
+ return {
+ "id": user.id,
+ "username": user.username,
+ "email": user.email,
+ "premium": user.premium,
+ "is_banned": user.is_banned,
+ "is_moderator": user.is_moderator,
+ }
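Review bot: The new `get_current_user_from_cookie` calls `decode_token(token)` and `int(payload.get("sub"))` with no exception handling, so the `except ValueError` to 401 mapping the old handler had is gone. A cookie carrying a malformed or expired token, or a payload without a numeric `sub` (`int(None)` raises `TypeError`), will presumably surface as an unhandled 500 instead of a 401, unless `decode_token` (not visible in this hunk) already raises `HTTPException` itself. Since this dependency is now the shared authentication gate, I would wrap those two lines again and map failures to 401; the exception types to catch depend on what `decode_token` actually raises. The removed `logger.warning` calls were also the only record of rejected tokens visible here, so consider keeping one log line on the failure path (without the token value) so that repeated invalid-token attempts remain visible.

```python
    token = request.cookies.get("access_token")
    # … unchanged: missing-token 401 …
    try:
        payload = decode_token(token)
        user_id = int(payload.get("sub"))
    except (ValueError, TypeError) as exc:
        # Malformed token or missing/non-numeric "sub": reject as unauthenticated.
        raise HTTPException(status_code=401, detail="Invalid token") from exc
    # … unchanged: user lookup, token_version check, return user …
```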