Hiddenden/DevDen
Archived
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
This repository has been archived on 2026-01-19. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
main
DevDen/backend/app/middleware/auth.py

46 lines
1.3 KiB
Python
Raw Permalink Blame History

import jwt
from fastapi import HTTPException, Request, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from ..config import settings
security = HTTPBearer(auto_error=False)
def decode_jwt_token(token: str) -> dict:
"""Decode and validate JWT token"""
try:
payload = jwt.decode(
token, settings.JWT_SECRET, algorithms=[settings.JWT_ALGORITHM]
)
return payload
except jwt.ExpiredSignatureError:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, detail="Token expired"
)
except jwt.InvalidTokenError:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token"
)
async def require_auth(request: Request):
"""Dependency to require authentication"""
auth_header = request.headers.get("Authorization")
if not auth_header:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated"
)
if not auth_header.startswith("Bearer "):
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="Invalid authorization header",
)
token = auth_header[7:] # Remove "Bearer " prefix
user = decode_jwt_token(token)
request.state.user = user
return user
Reference in New Issue View Git Blame Copy Permalink