from fastapi import Depends, HTTPException, status from jose import jwt from pydantic import ValidationError from sqlalchemy.orm import Session from app.core.auth import oauth2_scheme from app.core.config import settings from app.crud.crud_user import get_user_by_email from app.db.session import get_db from app.models.user import User from app.schemas.token import TokenPayload def get_current_user( db: Session = Depends(get_db), token: str = Depends(oauth2_scheme) ) -> User: """ Get current user from JWT token """ try: payload = jwt.decode( token, settings.SECRET_KEY, algorithms=[settings.ALGORITHM] ) token_data = TokenPayload(**payload) except (jwt.JWTError, ValidationError): raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Could not validate credentials", headers={"WWW-Authenticate": "Bearer"}, ) user = get_user_by_email(db, email=token_data.sub) if not user: raise HTTPException( status_code=status.HTTP_404_NOT_FOUND, detail="User not found" ) if not user.is_active: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Inactive user" ) return user