first commit

app/core/dependencies.py

@@ -0,0 +1,25 @@
+from fastapi import Depends
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from app.core.database import get_db  # noqa: F401
+from app.core.security import decode_token
+from app.core.exceptions import UnauthorizedError
+from app.models import User
+
+security_scheme = HTTPBearer()
+
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(security_scheme),
+    db: AsyncSession = Depends(get_db),
+) -> User:
+    payload = decode_token(credentials.credentials)
+    if not payload or payload.get("type") != "access":
+        raise UnauthorizedError("Invalid or expired token")
+
+    user_id = payload.get("sub")
+    user = await db.get(User, user_id)
+    if not user or user.status != "active":
+        raise UnauthorizedError("User not found or disabled")
+    return user