from fastapi import Depends, HTTPException, status from fastapi.security import OAuth2PasswordBearer from sqlmodel import Session from app.db.session import get_session from app.core.security import decode_token from app.models.models import User oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/auth/login") def get_db(): yield from get_session() def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)) -> User: try: payload = decode_token(token) user_id = int(payload.get("sub")) except Exception: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token") user = db.get(User, user_id) if not user: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="User not found") return user