Spaces:

RocketFarmStudios
/

CPS-API

Sleeping

App Files Files Community

Ali2206 commited on May 22, 2025

Commit

3907a66

verified ·

1 Parent(s): 2fbe40b

Update core/security.py

Browse files

Files changed (1) hide show

core/security.py +8 -7

core/security.py CHANGED Viewed

@@ -1,3 +1,4 @@
 from datetime import datetime, timedelta
 from passlib.context import CryptContext
 from jose import jwt, JWTError
@@ -36,13 +37,14 @@ def create_access_token(data: dict, expires_delta: timedelta = None):
     logger.debug(f"Created JWT for {data.get('sub')}, expires at {expire}")
     return encoded_jwt
-# core/security.py (ensure this is the active version)
 async def get_current_user(request: Request, token: str = Depends(oauth2_scheme)):
-    logger.debug(f"Processing token: {token[:10]}...")  # Log partial token for security
-    logger.debug(f"Request headers: {dict(request.headers)}")
     if not token:
-        logger.error("No token provided in Authorization header")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="No token provided",
@@ -62,7 +64,6 @@ async def get_current_user(request: Request, token: str = Depends(oauth2_scheme)
                 headers={"WWW-Authenticate": "Bearer"}
             )
-        # Check token expiration explicitly
         exp = payload.get("exp")
         if exp and datetime.utcnow().timestamp() > exp:
             logger.error(f"Token expired for {email}")
@@ -73,7 +74,7 @@ async def get_current_user(request: Request, token: str = Depends(oauth2_scheme)
             )
     except JWTError as e:
-        logger.error(f"JWT decode error: {str(e)}")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail=f"Could not validate token: {str(e)}",
@@ -88,5 +89,5 @@ async def get_current_user(request: Request, token: str = Depends(oauth2_scheme)
             detail="User not found"
         )
-    logger.info(f"Authenticated user: {user['email']}")
     return user

+# core/security.py
 from datetime import datetime, timedelta
 from passlib.context import CryptContext
 from jose import jwt, JWTError
     logger.debug(f"Created JWT for {data.get('sub')}, expires at {expire}")
     return encoded_jwt
+# Get the current user from the JWT token
 async def get_current_user(request: Request, token: str = Depends(oauth2_scheme)):
+    auth_header = request.headers.get("Authorization", "No Authorization header")
+    logger.debug(f"Raw Authorization header: {auth_header}")
+    logger.debug(f"Processed token: {token[:10]}... if present")
     if not token:
+        logger.error(f"No token provided. Full headers: {dict(request.headers)}")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="No token provided",
                 headers={"WWW-Authenticate": "Bearer"}
             )
         exp = payload.get("exp")
         if exp and datetime.utcnow().timestamp() > exp:
             logger.error(f"Token expired for {email}")
             )
     except JWTError as e:
+        logger.error(f"JWT decode error: {str(e)}. Token: {token[:10]}...")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail=f"Could not validate token: {str(e)}",
             detail="User not found"
         )
+    logger.info(f"Authenticated user: {user['email']}, role: {user.get('role')}")
     return user