o ,h@sddlmZmZddlmZddlmZmZddlmZm Z ddl m Z ddl m Z ddlmZmZedd Zed d ZGd d d e ZGd ddZeefdedefddZeefdedefddZdefddZdefddZdS))Depends HTTPException)OAuth2PasswordBearer)JWTErrorjwt)datetime timedelta)settings) BaseModel)LiteralOptionalz/FASTAPI/user/login)tokenUrlz/FASTAPI/student/loginc@sNeZdZUdZeeed<dZeeed<eded<eded<e ed<dS) JWTPayloadSchemaNuser_id student_id)studentadminuser user_type)rr superadmin user_roleexp) __name__ __module__ __qualname__rr int__annotations__rr rrr8/var/www/html/RetailAPI/app/dependency/authantication.pyrs    rc@s8eZdZededefddZededefddZdS) JWTManagerdatareturncCs:tttjd}||_|jdd}tj|tj tj dS)N)minutesT) exclude_none) algorithm) rutcnowrr ACCESS_TOKEN_EXPIRE_MINUTESrdictrencode SECRET_KEY ALGORITHM)r expirepayloadrrrcreate_access_tokens zJWTManager.create_access_tokentokenc Csz3tj|tjtjgd}hd}||stdddtt |dkr,tdddt d i|WSt y@tdd dt yV}z td d t |dd}~ww) N) algorithms>rrrizInvalid token structure status_codedetailrzToken has expiredzInvalid or tampered tokenizInternal error: r)rdecoder r)r*issubsetrrr%utcfromtimestamprr Exceptionstr)r.r, required_keyserrr verify_tokens     zJWTManager.verify_tokenN)rrr staticmethodrr8r-r;rrrrrs rr.r!cC t|SNrr;r.rrrget_current_user3 rAcCr=r>r?r@rrrget_current_student8rBrC allowed_rolescttfdtffdd }|S)N current_userc|jvr tddd|SNr3z#Access forbidden: insufficient roler0rr)rFrDrr role_checker>  z!allow_roles..role_checker)rrArrDrKrrJr allow_roles=rNcrE)Ncurrent_studentcrGrHrI)rPrJrrrKHrLz)allow_student_roles..role_checker)rrCrrMrrJrallow_student_rolesGrOrQN)fastapirrfastapi.securityrjoserrrr app.configr pydanticr typingr r user_oauth2_schemestudent_oauth2_schemerrr8rArCrNrQrrrrs