Mireya Cueto Garrido
40 lines
1.1 KiB
Python
40 lines
1.1 KiB
Python
import secrets
|
|
from passlib.context import CryptContext
|
|
from fastapi import Depends, HTTPException, status
|
|
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
|
|
from api.database.mongodb import users_collection
|
|
from bson import ObjectId
|
|
|
|
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
|
|
|
|
|
def hash_password(password: str) -> str:
|
|
return pwd_context.hash(password)
|
|
|
|
|
|
def verify_password(plain_password: str, hashed_password: str) -> bool:
|
|
return pwd_context.verify(plain_password, hashed_password)
|
|
|
|
|
|
def generate_token() -> str:
|
|
return secrets.token_hex(32) # 64 caracteres seguros
|
|
|
|
|
|
security_scheme = HTTPBearer()
|
|
|
|
|
|
async def get_current_user(
|
|
credentials: HTTPAuthorizationCredentials = Depends(security_scheme),
|
|
):
|
|
token = credentials.credentials
|
|
|
|
user = await users_collection.find_one({"token": token})
|
|
if not user:
|
|
raise HTTPException(
|
|
status_code=status.HTTP_401_UNAUTHORIZED,
|
|
detail="Token inválido o usuario no autenticado",
|
|
)
|
|
|
|
# devolvemos el documento tal cual (dict)
|
|
user["id"] = str(user["_id"])
|
|
return user |