fix: switch manager auth from OAuth2PasswordBearer to HTTPBearer
OAuth2PasswordBearer caused Swagger UI to show a username/password/ client_id form instead of a simple token input, making the docs unusable for testing. HTTPBearer shows a plain 'Bearer token' field, consistent with how the local_backend handles auth. No runtime behaviour change — token extraction is identical. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,6 @@
|
||||
from datetime import datetime, timedelta, timezone
|
||||
from fastapi import APIRouter, Depends, HTTPException, status
|
||||
from fastapi.security import OAuth2PasswordBearer
|
||||
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
|
||||
from jose import jwt, JWTError
|
||||
from passlib.context import CryptContext
|
||||
from sqlalchemy.orm import Session
|
||||
@@ -17,16 +17,16 @@ from schemas.manager import (
|
||||
|
||||
router = APIRouter()
|
||||
_pwd = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
_manager_oauth2 = OAuth2PasswordBearer(tokenUrl="/api/manager/login")
|
||||
_bearer = HTTPBearer()
|
||||
|
||||
ALGORITHM = "HS256"
|
||||
|
||||
|
||||
# ── Shared dependency: decode manager JWT ─────────────────────────────────────
|
||||
|
||||
def _get_current_manager(token: str = Depends(_manager_oauth2), db: Session = Depends(get_db)) -> ManagerAccount:
|
||||
def _get_current_manager(credentials: HTTPAuthorizationCredentials = Depends(_bearer), db: Session = Depends(get_db)) -> ManagerAccount:
|
||||
try:
|
||||
payload = jwt.decode(token, settings.MANAGER_JWT_SECRET, algorithms=[ALGORITHM])
|
||||
payload = jwt.decode(credentials.credentials, settings.MANAGER_JWT_SECRET, algorithms=[ALGORITHM])
|
||||
manager_id = int(payload.get("sub", 0))
|
||||
except (JWTError, ValueError):
|
||||
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token")
|
||||
|
||||
Reference in New Issue
Block a user