| from fastapi import Depends, HTTPException, status |
| from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer |
| from jose import JWTError, jwt |
|
|
| from app.core.config import get_settings |
|
|
|
|
| bearer = HTTPBearer(auto_error=False) |
|
|
|
|
| def require_auth(credentials: HTTPAuthorizationCredentials | None = Depends(bearer)) -> dict: |
| settings = get_settings() |
| if not settings.enable_auth: |
| return {"sub": "local-dev"} |
| if not credentials: |
| raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Missing bearer token") |
| try: |
| return jwt.decode( |
| credentials.credentials, |
| settings.jwt_secret_key, |
| algorithms=[settings.jwt_algorithm], |
| ) |
| except JWTError as exc: |
| raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token") from exc |
|
|
|
|