Spaces:
Sleeping
Sleeping
File size: 1,515 Bytes
923cd30 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
from fastapi import Depends, HTTPException, status
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from firebase_admin import auth
from .firebase import db
security = HTTPBearer()
def get_user(credentials: HTTPAuthorizationCredentials = Depends(security)):
try:
token = credentials.credentials
decoded_token = auth.verify_id_token(token)
# Récupérer le rôle depuis Firestore
user_id = decoded_token['uid']
user_doc = db.collection('users').document(user_id).get()
if not user_doc.exists:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail="User not found in Firestore"
)
# Ajouter le rôle aux informations du token
user_data = user_doc.to_dict()
decoded_token['role'] = user_data.get('role', 'user_extern')
return decoded_token
except Exception as e:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
detail=f"Invalid authentication credentials: {str(e)}"
)
def require_role(allowed_roles):
def role_checker(user_info=Depends(get_user)):
if user_info['role'] not in allowed_roles:
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Insufficient permissions"
)
return user_info
return role_checker |