"""

JWT Authentication Middleware.



Task: 1.5

Spec: specs/features/authentication.md

"""
import os

import jwt
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer

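# Parses the "Authorization: Bearer <token>" header. With the default
# auto_error=True a missing or malformed header is rejected by this dependency
# itself (historically with 403, not 401) before verify_token ever runs --
# confirm against the installed FastAPI version if the spec requires 401.
security = HTTPBearer()

# JWT Configuration
# Pinned to a single HMAC algorithm; verify_token passes exactly this list to
# jwt.decode so the token header cannot choose a different algorithm.
JWT_ALGORITHM = "HS256"


def _load_jwt_secret() -> str:
    """Return the HMAC secret used to verify tokens.

    The value is read from the ``JWT_SECRET`` environment variable. There is
    deliberately no in-source fallback: a default secret committed to the
    repository is effectively public, and any token signed with it would pass
    verification, so the process refuses to start without a configured secret.

    Returns:
        The configured secret.

    Raises:
        RuntimeError: if ``JWT_SECRET`` is unset or empty.
    """
    secret = os.getenv("JWT_SECRET")
    if not secret:
        raise RuntimeError(
            "JWT_SECRET environment variable must be set to a strong, "
            "per-deployment secret (no built-in default is provided)"
        )
    # NOTE(review): RFC 7518 expects an HS256 key of at least 256 bits
    # (32 bytes); a minimum-length check is not enforced here to avoid breaking
    # existing deployments -- consider adding one once secrets are audited.
    return secret


JWT_SECRET = _load_jwt_secret()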


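def _unauthorized(detail: str) -> HTTPException:
    """Build the 401 response used for every token rejection.

    Args:
        detail: Human-readable reason returned in the response body.

    Returns:
        An ``HTTPException`` with status 401 and the ``WWW-Authenticate: Bearer``
        challenge header that RFC 6750 requires on bearer-token 401 responses.
    """
    return HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail=detail,
        headers={"WWW-Authenticate": "Bearer"},
    )


async def verify_token(
    credentials: HTTPAuthorizationCredentials = Depends(security),
) -> str:
    """Verify the request's bearer JWT and return its ``user_id`` claim.

    Intended as a FastAPI dependency: ``Depends(verify_token)`` on a route
    gives that route the authenticated caller's user id.

    Args:
        credentials: Bearer credentials parsed from the ``Authorization``
            header by the module-level ``HTTPBearer`` dependency.

    Returns:
        The ``user_id`` claim exactly as found in the token payload (it is not
        coerced, so its runtime type depends on the issuer).

    Raises:
        HTTPException: 401 (with a ``WWW-Authenticate: Bearer`` header) when
            the token is expired, fails signature or format validation, or
            carries no ``user_id`` claim.
    """
    token = credentials.credentials

    try:
        # Signature is checked against the shared secret. The accepted
        # algorithm list is pinned to JWT_ALGORITHM so the token header cannot
        # select "none" or a different algorithm.
        # NOTE(review): jwt.decode only enforces "exp" when the claim is
        # present; if the issuer may omit it, add
        # options={"require": ["exp"]} to refuse non-expiring tokens.
        payload = jwt.decode(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
    except jwt.ExpiredSignatureError as exc:
        # Must precede InvalidTokenError: it is a subclass of that error.
        # "from exc" keeps the library error in server logs; the client only
        # sees the generic 401 body.
        raise _unauthorized("Token expired. Please login again.") from exc
    except jwt.InvalidTokenError as exc:
        raise _unauthorized("Invalid token. Please login again.") from exc

    # Claim extraction sits outside the try so a missing claim cannot be
    # confused with a decode failure.
    user_id = payload.get("user_id")
    if not user_id:
        raise _unauthorized("Invalid token: user_id not found")

    return user_id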