file_table_reader/api/deps/auth_dependency.py

from fastapi import Depends, Header
from sqlalchemy.ext.asyncio import AsyncSession
from sqlalchemy.future import select
from datetime import datetime
from response import errorRes

from database.connection import SessionLocal
from database.models import User

async def get_db():
    async with SessionLocal() as session:
        yield session


async def get_current_user(
    authorization: str = Header(None),
    db: AsyncSession = Depends(get_db)
):
    if not authorization or not authorization.startswith("Bearer "):
        raise errorRes(status_code=401, message="Missing or invalid token")

    token = authorization.split(" ")[1]
    result = await db.execute(select(User).where(User.active_token == token))
    user = result.scalar_one_or_none()

    # Case 1: Token not found → maybe replaced by new login
    if not user:
        raise errorRes(status_code=401, message="Token invalid or used by another login")

    # Case 2: Token expired
    if user.token_expired_at and user.token_expired_at < datetime.utcnow():
        raise errorRes(status_code=401, message="Token expired")

    return user
testing qgis server 2025-11-17 03:53:15 +00:00			`from fastapi import Depends, Header`
			`from sqlalchemy.ext.asyncio import AsyncSession`
			`from sqlalchemy.future import select`
			`from datetime import datetime`
			`from response import errorRes`

			`from database.connection import SessionLocal`
			`from database.models import User`

			`async def get_db():`
			`async with SessionLocal() as session:`
			`yield session`


			`async def get_current_user(`
			`authorization: str = Header(None),`
			`db: AsyncSession = Depends(get_db)`
			`):`
			`if not authorization or not authorization.startswith("Bearer "):`
			`raise errorRes(status_code=401, message="Missing or invalid token")`

			`token = authorization.split(" ")[1]`
			`result = await db.execute(select(User).where(User.active_token == token))`
			`user = result.scalar_one_or_none()`

			`# Case 1: Token not found → maybe replaced by new login`
			`if not user:`
			`raise errorRes(status_code=401, message="Token invalid or used by another login")`

			`# Case 2: Token expired`
			`if user.token_expired_at and user.token_expired_at < datetime.utcnow():`
			`raise errorRes(status_code=401, message="Token expired")`

			`return user`