1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
from fastapi import APIRouter, Depends, HTTPException, Request
from sqlalchemy.ext.asyncio import AsyncSession
from app.auth.jwt import decode_token
from app.models.user import User
from app.utils.db import get_async_session
router = APIRouter(tags=["auth"])
async def get_current_user_from_cookie(
request: Request,
session: AsyncSession = Depends(get_async_session),
):
token = request.cookies.get("access_token")
if not token:
raise HTTPException(status_code=401, detail="Unauthorized")
payload = decode_token(token)
user_id = int(payload.get("sub"))
user = await User.get_user_by_id(user_id, session=session)
if not user:
raise HTTPException(status_code=404, detail="User not found")
if user.token_version != payload.get("token_version"):
raise HTTPException(status_code=401, detail="Token revoked")
return user
@router.get("/me")
async def read_current_user(user: User = Depends(get_current_user_from_cookie)):
return {
"id": user.id,
"username": user.username,
"email": user.email,
"premium": user.premium,
"is_banned": user.is_banned,
"is_moderator": user.is_moderator,
}
|
