g_solution / app /core /auth.py
minhvtt's picture
Upload 23 files
5b977f1 verified
Raw
History Blame Contribute Delete
1.05 kB
from typing import Literal
from fastapi import Header, HTTPException
from pydantic import BaseModel
class AuthUser(BaseModel):
username: str
role: Literal["admin", "sensitive_admin"]
def issue_token(user: AuthUser) -> str:
return f"dev-token::{user.username}::{user.role}"
def parse_token(token: str) -> AuthUser | None:
parts = token.split("::")
if len(parts) != 3 or parts[0] != "dev-token":
return None
username = parts[1]
role = parts[2]
if role not in {"admin", "sensitive_admin"}:
return None
return AuthUser(username=username, role=role)
def get_current_web_user(authorization: str | None = Header(default=None)) -> AuthUser:
if not authorization or not authorization.lower().startswith("bearer "):
raise HTTPException(status_code=401, detail="Missing bearer token")
token = authorization[7:]
user = parse_token(token)
if user is None:
raise HTTPException(status_code=401, detail="Invalid token")
return user