import os
from datetime import datetime, timezone
from fastapi import Depends, HTTPException, Request, status
from sqlalchemy.orm import Session as DBSession
from app.db.session import get_db
from app.db.models import Session, User
# Name of the cookie that carries the session identifier. Read once at import
# time from SESSION_COOKIE_NAME, falling back to "ai_chat_session".
# This module only reads the cookie; its attributes (HttpOnly, Secure,
# SameSite) are decided wherever the cookie is issued.
COOKIE_NAME = os.environ.get("SESSION_COOKIE_NAME", "ai_chat_session")
def _unauthorized(detail: str) -> HTTPException:
    """Build the 401 error raised for every authentication failure below."""
    return HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=detail)


def get_current_user(request: Request, db: DBSession = Depends(get_db)) -> User:
    """Resolve the session cookie on *request* to its active user.

    FastAPI dependency. The cookie named by COOKIE_NAME is looked up as the
    primary key of a ``Session`` row; the row must exist, must not be past
    ``expires_at``, and must point at a user whose ``is_active`` is truthy.

    Args:
        request: Incoming request whose cookies are inspected.
        db: SQLAlchemy session, injected through ``get_db``.

    Returns:
        The ``User`` attached to the session row.

    Raises:
        HTTPException: 401 with detail "Not authenticated", "Invalid session",
            "Session expired" or "User inactive", depending on which check
            fails.
    """
    # The cookie value is client-controlled; it is used only as a lookup key.
    token = request.cookies.get(COOKIE_NAME)
    if not token:
        raise _unauthorized("Not authenticated")

    # NOTE(review): the raw cookie value is the primary key, so the stored id
    # is presumably a high-entropy random value; confirm where sessions are
    # created.
    record = db.get(Session, token)
    if not record:
        raise _unauthorized("Invalid session")

    # The clock is reduced to naive UTC before comparing.
    # NOTE(review): this presumes expires_at is stored as naive UTC; a
    # timezone-aware or NULL value would raise TypeError here instead of
    # producing a 401. Confirm against the model.
    expiry = record.expires_at
    utc_now = datetime.now(timezone.utc).replace(tzinfo=None)
    if expiry < utc_now:
        # Expired rows are removed as soon as they are presented.
        db.delete(record)
        db.commit()
        raise _unauthorized("Session expired")

    user = record.user
    # A session whose user is missing or deactivated no longer authenticates.
    if not (user and user.is_active):
        raise _unauthorized("User inactive")

    return user