init commit

src/presentation/decorators/auth.py

@@ -0,0 +1,36 @@
+from fastapi import Depends, Request
+from fastapi.security.utils import get_authorization_scheme_param
+from src.application.contracts import IJwtService
+from src.application.domain.exceptions import ApplicationException
+from src.application.domain.dto import AccessTokenPayload, AuthContext
+from src.presentation.dependencies import get_jwt_service
+
+
+def _extract_access_token(request: Request) -> str | None:
+    token = request.cookies.get('access_token')
+
+    if token:
+        return token
+
+    auth = request.headers.get('Authorization')
+    if auth:
+        scheme, param = get_authorization_scheme_param(auth)
+        if scheme.lower() == 'bearer' and param:
+            return param
+
+    return None
+
+
+async def require_access_token(
+    request: Request,
+    jwt_service: IJwtService = Depends(get_jwt_service),
+) -> AuthContext:
+    token = _extract_access_token(request)
+    if not token:
+        raise ApplicationException(status_code=401, message='Not authenticated')
+
+    payload: AccessTokenPayload = await jwt_service.decode_access_token(token)
+    if payload.type != 'access':
+        raise ApplicationException(status_code=401, message='Invalid token type')
+
+    return AuthContext(user_id=payload.sub, sid=payload.sid, token=payload)