Devr.AI/backend/app/core/dependencies.py at cea55a8eba16059c9c2098b58c1f128e2da7436d · smokeyScraper/Devr.AI · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
from fastapi import Header, HTTPException, status, Request
from uuid import UUID
from app.database.supabase.client import get_supabase_client
import logging
from typing import TYPE_CHECKING

if TYPE_CHECKING:
    from main import DevRAIApplication

logger = logging.getLogger(__name__)


def get_app_instance(request: Request) -> "DevRAIApplication":
    """Get the application instance from FastAPI app state."""
    return request.app.state.app_instance


async def get_current_user(authorization: str = Header(None)) -> UUID:
    """
    Get the current authenticated user from the Supabase JWT token.

    Args:
        authorization: The Authorization header containing the Bearer token

    Returns:
        UUID: The user's ID

    Raises:
        HTTPException: If authentication fails
    """
    if not authorization:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Missing authorization header",
            headers={"WWW-Authenticate": "Bearer"},
        )

    if not authorization.startswith("Bearer "):
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid authorization header format. Expected 'Bearer <token>'",
            headers={"WWW-Authenticate": "Bearer"},
        )

    token = authorization.replace("Bearer ", "")

    try:
        supabase = get_supabase_client()
        # Verify the token and get user
        user_response = supabase.auth.get_user(token)

        if not user_response or not user_response.user:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid or expired token",
                headers={"WWW-Authenticate": "Bearer"},
            )

        return UUID(user_response.user.id)

    except HTTPException:
        raise
    except Exception as e:
        logger.exception("Authentication error")
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Authentication failed",
            headers={"WWW-Authenticate": "Bearer"},
        ) from e