Refactor authentication logic to utilize OAuth2PasswordBearer for token extraction and improve code readability

main.py

@@ -1,5 +1,5 @@
-from fastapi import FastAPI, HTTPException, Depends, status, APIRouter, Request
-from fastapi.security import OAuth2PasswordRequestForm
+from fastapi import FastAPI, HTTPException, Depends, status, APIRouter
+from fastapi.security import OAuth2PasswordRequestForm, OAuth2PasswordBearer
 from fastapi.middleware.cors import CORSMiddleware
 from datetime import datetime, timedelta, timezone
 from passlib.context import CryptContext
@@ -24,6 +24,9 @@ app = FastAPI()
 #     allow_headers=["*"],
 # )
 
+# Define the OAuth2 scheme for OpenAPI docs.
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/v1/auth/login")
+
 # Password hashing utilities
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
@@ -219,16 +222,8 @@ def create_access_token(data: dict, expires_delta: timedelta = None):
     encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
     return encoded_jwt
 
-async def get_current_user(request: Request):
-    auth_header = request.headers.get("Authorization")
-    if not auth_header:
-        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated")
-    
-    parts = auth_header.split()
-    if len(parts) != 2 or parts[0].lower() != "bearer":
-        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid authorization header format")
-    
-    token = parts[1]
+# Updated get_current_user now uses OAuth2PasswordBearer for token extraction.
+async def get_current_user(token: str = Depends(oauth2_scheme)):
     try:
         payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
         username: str = payload.get("sub")
@@ -313,9 +308,16 @@ def update_existing_user(user_id: int, user_update: UserUpdate, current_user: di
     new_username = user_update.username if user_update.username else None
     new_email = user_update.email if user_update.email else None
     new_password_hash = hash_password(user_update.password) if user_update.password else None
-    database.update_user(user_id, username=new_username, email=new_email, password_hash=new_password_hash,
-                         first_name=user_update.first_name, last_name=user_update.last_name,
-                         bio=user_update.bio, profile_picture=user_update.profile_picture)
+    database.update_user(
+        user_id,
+        username=new_username,
+        email=new_email,
+        password_hash=new_password_hash,
+        first_name=user_update.first_name,
+        last_name=user_update.last_name,
+        bio=user_update.bio,
+        profile_picture=user_update.profile_picture
+    )
     updated_user = database.get_user_by_id(user_id)
     return updated_user
 
@@ -336,7 +338,7 @@ def login(form_data: OAuth2PasswordRequestForm = Depends()):
     if not user:
         raise HTTPException(status_code=400, detail="Incorrect username or password")
     access_token = create_access_token(data={"sub": user["username"]})
-    # Instead of setting a cookie, return the token so clients can include it in the "Authorization" header.
+    # Return the token so clients can include it in the "Authorization" header.
     return {"access_token": access_token, "token_type": "bearer"}
 
 @auth_router.get("/me", response_model=UserOut)