Phase 1: scaffold local backend — models, schemas, routers, printer service, Docker

2026-04-20 11:22:55 +03:00
commit 4ffe27df95
44 changed files with 2729 additions and 0 deletions
--- a/local_backend/routers/deps.py
+++ b/local_backend/routers/deps.py
@@ -0,0 +1,32 @@
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from sqlalchemy.orm import Session
+
+from database import get_db
+from models.user import User
+from routers.auth import decode_token
+
+bearer = HTTPBearer()
+
+
+def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(bearer),
+    db: Session = Depends(get_db),
+) -> User:
+    payload = decode_token(credentials.credentials)
+    user = db.query(User).filter(User.id == int(payload["sub"]), User.is_active == True).first()
+    if not user:
+        raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="User not found")
+    return user
+
+
+def require_manager(user: User = Depends(get_current_user)) -> User:
+    if user.role not in ("manager", "sysadmin"):
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Manager access required")
+    return user
+
+
+def require_sysadmin(user: User = Depends(get_current_user)) -> User:
+    if user.role != "sysadmin":
+        raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Sysadmin access required")
+    return user