from fastapi import Depends, status
from api.deps.auth_dependency import get_current_user
from response import errorRes
def require_role(required_role: str):
    """Build a FastAPI dependency that admits only users holding ``required_role``.

    The returned coroutine resolves the caller through ``get_current_user`` and
    compares ``user.role`` to ``required_role`` with a plain equality test, so
    the match is exact (a single role value, no hierarchy, case-sensitive for
    strings).

    Example usage:
        @router.get("/admin", dependencies=[Depends(require_role("admin"))])

    Args:
        required_role: Role value the authenticated user must carry.

    Returns:
        An async dependency that returns the user on a match and raises
        ``errorRes`` with HTTP 403 otherwise.
    """

    async def role_checker(user=Depends(get_current_user)):
        # Guard clause: an exact role match passes the user through unchanged.
        if user.role == required_role:
            return user

        # NOTE(review): the detail text names the required role to the denied
        # caller; confirm that is intended for this API's error contract.
        # NOTE(review): assumes errorRes is an exception type (it is raised
        # here) and that get_current_user has already rejected unauthenticated
        # callers -- neither is visible in this file; verify.
        denial_detail = f"Access denied: requires role '{required_role}'"
        raise errorRes(
            status_code=status.HTTP_403_FORBIDDEN,
            message="Access denied",
            detail=denial_detail,
        )

    return role_checker