from fastapi import Depends, HTTPException, status from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials from sqlalchemy.orm import Session from app.database import get_db from app.core.security import verify_token, get_user_id_from_token from app.models.user import User from app.schemas.user import TokenData security = HTTPBearer() def get_current_user( credentials: HTTPAuthorizationCredentials = Depends(security), db: Session = Depends(get_db) ) -> User: """Obtenir l'utilisateur actuel à partir du token JWT""" credentials_exception = HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Impossible de valider les identifiants", headers={"WWW-Authenticate": "Bearer"}, ) token = credentials.credentials payload = verify_token(token) if payload is None: raise credentials_exception user_id: int = payload.get("user_id") if user_id is None: raise credentials_exception user = db.query(User).filter(User.id == user_id).first() if user is None: raise credentials_exception return user def get_current_active_user(current_user: User = Depends(get_current_user)) -> User: """Obtenir l'utilisateur actuel actif""" if not current_user.is_active: raise HTTPException(status_code=400, detail="Utilisateur inactif") return current_user def get_current_admin_user(current_user: User = Depends(get_current_user)) -> User: """Obtenir l'utilisateur administrateur actuel""" if not current_user.is_admin: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Permissions insuffisantes" ) return current_user def get_optional_user( credentials: HTTPAuthorizationCredentials = Depends(security), db: Session = Depends(get_db) ) -> User: """Obtenir l'utilisateur optionnel (pour les endpoints publics)""" try: token = credentials.credentials payload = verify_token(token) if payload is None: return None user_id: int = payload.get("user_id") if user_id is None: return None user = db.query(User).filter(User.id == user_id).first() return user except: return None