from fastapi import Depends, HTTPException, status from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer from sqlmodel import Session, select from app.connection import get_session from app.models.user import User from app.auth.utils import decode_access_token security = HTTPBearer() def get_current_user( credentials: HTTPAuthorizationCredentials = Depends(security), session: Session = Depends(get_session), ) -> User: """Извлекает текущего пользователя из JWT-токена.""" payload = decode_access_token(credentials.credentials) if payload is None: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Невалидный токен", ) user_id: int | None = payload.get("sub") if user_id is None: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Невалидный токен", ) user = session.get(User, int(user_id)) if user is None: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Пользователь не найден", ) return user def get_current_organizer( current_user: User = Depends(get_current_user), ) -> User: """Проверяет, что текущий пользователь — организатор.""" if not current_user.is_organizer: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Доступно только организаторам", ) return current_user