This commit is contained in:
2026-05-12 16:00:12 +02:00
parent 138b87595c
commit 7e4bb9f726
9 changed files with 117 additions and 37 deletions
+15 -2
View File
@@ -12,9 +12,22 @@ def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(securit
with Session(engine) as session:
query = select(User).where(User.username == payload["username"]).limit(1)
user: User = session.exec(query).first()
if user == None:
if user is None:
raise HTTPException(
status_code = status.HTTP_401_UNAUTHORIZED,
detail="Credenciales invalidas"
)
return user
if user.password_version != payload["pwd_v"]:
raise HTTPException(
status_code = status.HTTP_401_UNAUTHORIZED,
detail = "Credenciales invalidas"
)
return user
def get_staff_user(user: User = Depends(get_current_user)) -> User:
if not user.is_staff:
raise HTTPException(
status_code = status.HTTP_403_FORBIDDEN,
detail = "This user needs to be an Staff to access this resource"
)
return user