9dfe000f2d
- Rename get_current_user to get_current_user_id in auth/deps.py to clarify intent - Remove legacy /me, /logout routes, and placeholder function from auth/__init__.py - Remove dependency_overrides from app/main.py - Update CustomContext to resolve and cache full User objects via db query
23 lines
674 B
Python
23 lines
674 B
Python
from fastapi import Request, HTTPException
|
|
import os
|
|
from dotenv import load_dotenv
|
|
|
|
from .tokens import decode_token
|
|
|
|
load_dotenv()
|
|
|
|
JWT_SECRET = os.getenv("JWT_SECRET")
|
|
JWT_ALGORITHM = os.getenv("JWT_ALGORITHM", "HS256")
|
|
|
|
def get_current_user_id(request: Request):
|
|
"""仅从 Cookie 中提取并解密出用户的 user_id (sub)"""
|
|
token = request.cookies.get("access_token")
|
|
|
|
if not token:
|
|
raise HTTPException(status_code=401, detail="Not authenticated")
|
|
|
|
try:
|
|
payload = decode_token(token, JWT_SECRET, algorithms=[JWT_ALGORITHM])
|
|
return payload["sub"]
|
|
except:
|
|
raise HTTPException(status_code=401, detail="Invalid token") |