agoravaisedeusquiser

app/core/security.py

@@ -1,10 +1,12 @@
-from fastapi import Depends, HTTPException, status
-from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from fastapi import Request
 import jwt
 from pydantic import BaseModel
 from app.core.config import settings
+import textwrap
 
-security = HTTPBearer()
+class AuthException(Exception):
+    def __init__(self, message: str):
+        self.message = message
 
 class UserAuth(BaseModel):
     id: str
@@ -16,17 +18,25 @@ def format_public_key(key: str) -> str:
     footer = "-----END PUBLIC KEY-----"
     
     if header in key and footer in key:
-        # Extrai o miolo, remove todos os espaços e quebras de linha
         body = key.replace(header, "").replace(footer, "")
         body = "".join(body.split())
+        body = "\n".join(textwrap.wrap(body, width=64))
         return f"{header}\n{body}\n{footer}"
     return key
 
-def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(security)) -> UserAuth:
-    token = credentials.credentials
+def get_current_user(request: Request) -> UserAuth:
+    auth_header = request.headers.get("authorization")
+    
+    if not auth_header:
+        raise AuthException("Missing Authorization header")
+        
+    parts = auth_header.split(" ")
+    if len(parts) != 2 or parts[0].lower() != "bearer":
+        raise AuthException("Authorization must be Bearer token")
+        
+    token = parts[1]
     
     try:
-        # Garante que a chave terá o formato PEM válido, independentemente de como foi definida no .env
         public_key = format_public_key(settings.JWT_PUBLIC_KEY_PEM)
         
         payload = jwt.decode(
@@ -39,30 +49,10 @@ def get_current_user(credentials: HTTPAuthorizationCredentials = Depends(securit
         
         sub = payload.get("sub")
         if not sub or not str(sub).strip():
-            raise HTTPException(
-                status_code=status.HTTP_401_UNAUTHORIZED,
-                detail="Invalid token claims",
-                headers={"WWW-Authenticate": "Bearer"},
-            )
+            raise AuthException("Invalid token claims")
             
         return UserAuth(id=str(sub), token=token)
-    except jwt.ExpiredSignatureError:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Token expired",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
-    except jwt.InvalidTokenError:
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Invalid access token",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
     except Exception as e:
         import traceback
-        traceback.print_exc() # Imprime no log do docker para ajudar a debugar
-        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail=f"Could not validate credentials: {str(e)}",
-            headers={"WWW-Authenticate": "Bearer"},
-        )
+        traceback.print_exc()
+        raise AuthException("Invalid or expired access token")

app/main.py

@@ -1,6 +1,7 @@
-from fastapi import FastAPI, Depends
+from fastapi import FastAPI, Depends, Request
 from fastapi.middleware.cors import CORSMiddleware
-from app.core.security import get_current_user, UserAuth
+from fastapi.responses import JSONResponse
+from app.core.security import get_current_user, UserAuth, AuthException
 from app.core.config import settings
 from app.api.v1.api import api_router
 from app.db.database import Base, engine
@@ -23,6 +24,13 @@ app.add_middleware(
 
 app.include_router(api_router, prefix=settings.API_V1_STR)
 
+@app.exception_handler(AuthException)
+async def auth_exception_handler(request: Request, exc: AuthException):
+    return JSONResponse(
+        status_code=401,
+        content={"message": exc.message}
+    )
+
 @app.get("/")
 def root(current_user: UserAuth = Depends(get_current_user)):
     return {"message": "Bem-vindo ao Microsserviço de Catálogo do GameVerse"}