- FastAPI app with lifespan, CORS, health endpoint - SQLAlchemy 2.0 async with aiosqlite, Base/UUIDMixin/TenantMixin/TimestampMixin - Tenant and User models with multi-tenant isolation - Auth: register (creates tenant+user), login, /me endpoint - JWT HS256 tokens, bcrypt password hashing - Alembic async setup with initial migration - 6 passing tests (register, login, wrong password, me, no token, health) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from jose import JWTError, jwt
from app.config import settings
# Bearer-token extractor shared by the auth dependencies below.
# auto_error=False makes it yield None when the request carries no usable
# Authorization header instead of answering the request itself, so
# get_current_user decides the status code for unauthenticated requests.
bearer = HTTPBearer(auto_error=False)
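async def get_current_user(
    creds: HTTPAuthorizationCredentials | None = Depends(bearer),
) -> dict:
    """Return the claims of the bearer JWT presented with the request.

    The token signature is verified with ``settings.SECRET_KEY`` and the
    accepted algorithm list is pinned to HS256, so the algorithm is chosen by
    the server and not by the token header.

    The return value is the decoded claim set, not a database row: callers
    that need current account state (disabled user, changed tenant) must look
    it up themselves.

    Args:
        creds: Credentials produced by the ``bearer`` dependency, or ``None``
            when the request carried no usable Authorization header.

    Returns:
        The decoded claims as a dict.

    Raises:
        HTTPException: 401 when credentials are absent or the token fails
            verification.
    """
    # A 401 is expected to carry a WWW-Authenticate challenge (RFC 9110) so
    # clients and intermediaries know which scheme to retry with.
    unauthorized = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        headers={"WWW-Authenticate": "Bearer"},
    )
    if creds is None:
        raise unauthorized
    try:
        # NOTE(review): python-jose validates `exp` only when the claim is
        # present. Token issuance is not visible here; confirm it always sets
        # `exp`, otherwise a leaked token stays valid until the key rotates.
        return jwt.decode(creds.credentials, settings.SECRET_KEY, algorithms=["HS256"])
    except JWTError:
        # Same response for every verification failure, and the decode error
        # is not chained, so the reply does not reveal why the token failed.
        raise unauthorized from None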
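async def get_tenant_id(user: dict = Depends(get_current_user)) -> str:
    """Return the tenant identifier carried in the authenticated token.

    This value is what tenant-scoped queries filter on, so it is only as
    trustworthy as the signing key checked in ``get_current_user``.

    Args:
        user: Decoded token claims from ``get_current_user``.

    Returns:
        The ``tenant_id`` claim.

    Raises:
        HTTPException: 401 when the claim is missing, empty, or not a string.
    """
    tenant_id = user.get("tenant_id")
    # Fail closed: a validly signed token without a usable tenant claim must
    # not surface as a KeyError (HTTP 500), nor pass an empty or None tenant
    # into a query filter.
    if not isinstance(tenant_id, str) or not tenant_id:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            headers={"WWW-Authenticate": "Bearer"},
        )
    return tenant_id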