nessi/NexaPantry
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
10a06791db9cbe10cd7fd8ac7b8b8599e5469626
NexaPantry/backend/app/api/deps.py
nessi 3792ca55e7
Some checks failed
CI / backend (push) Failing after 31s
Details
CI / frontend (push) Successful in 40s
Details
CI / docker (push) Has been skipped
Details
chore: initial project setup with backend, frontend, and infrastructure 
Add complete NexaPantry application structure including:
- Docker Compose configuration with PostgreSQL, Redis, FastAPI backend, worker, frontend and Caddy
- Environment configuration template with database, auth, and service settings
- GitHub Actions CI workflow for backend/frontend linting, testing, auditing and Docker builds
- AGPL-3.0 license and comprehensive README with setup, development, and security documentation
- Backend
2026-06-04 10:26:38 +02:00

54 lines
2.2 KiB
Python
Raw Blame History

from fastapi import Depends, HTTPException, Request, status
from sqlalchemy import select
from sqlalchemy.orm import Session
from app.core.security import decode_session_token
from app.db.session import get_db
from app.models.entities import HomeMembership, InstanceRole, User
def current_user(request: Request, db: Session = Depends(get_db)) -> User:
token = request.cookies.get("np_session")
user_id = decode_session_token(token) if token else None
if not user_id:
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated")
user = db.get(User, user_id)
if not user or not user.is_active:
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated")
return user
def current_admin(user: User = Depends(current_user)) -> User:
if user.instance_role != InstanceRole.ADMIN:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Admin required")
return user
def require_home_member(home_id: str, db: Session, user: User) -> HomeMembership:
membership = db.scalar(
select(HomeMembership).where(
HomeMembership.home_id == home_id,
HomeMembership.user_id == user.id,
)
)
if not membership and user.instance_role != InstanceRole.ADMIN:
raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail="Home not found")
if not membership:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Home membership required")
return membership
def require_home_write(home_id: str, db: Session, user: User) -> HomeMembership:
membership = require_home_member(home_id, db, user)
if membership.role == "read_only" and user.instance_role != InstanceRole.ADMIN:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Read-only home")
return membership
def require_home_owner(home_id: str, db: Session, user: User) -> HomeMembership:
membership = require_home_member(home_id, db, user)
if membership.role != "home_owner" and user.instance_role != InstanceRole.ADMIN:
raise HTTPException(status_code=status.HTTP_403_FORBIDDEN, detail="Home owner required")
return membership
Reference in New Issue View Git Blame Copy Permalink