curo/kite - kite - Gitea: Git with a cup of tea

curo/kite

Fork 0

Commit Graph

Author	SHA1	Message	Date
curo1305	c4613b6b87	feat(02-01): implement deps/auth.py FastAPI dependency chain with tests - get_current_user: validates Bearer JWT via decode_access_token, loads User from DB raises HTTP 401 on invalid/expired token, missing user, or deactivated account - get_current_admin: wraps get_current_user, raises HTTP 403 on role != 'admin' (T-02-07) - Admin impersonation architecturally excluded (ADMIN-07, T-02-08) — no code path bypasses role check - tests/test_auth_deps.py: 7 tests covering happy path, tampered token, inactive user, 403 non-admin, 200 admin	2026-05-22 19:25:16 +02:00

Author

SHA1

Message

Date

curo1305

c4613b6b87

feat(02-01): implement deps/auth.py FastAPI dependency chain with tests

- get_current_user: validates Bearer JWT via decode_access_token, loads User from DB
  raises HTTP 401 on invalid/expired token, missing user, or deactivated account
- get_current_admin: wraps get_current_user, raises HTTP 403 on role != 'admin' (T-02-07)
- Admin impersonation architecturally excluded (ADMIN-07, T-02-08) — no code path bypasses role check
- tests/test_auth_deps.py: 7 tests covering happy path, tampered token, inactive user, 403 non-admin, 200 admin

2026-05-22 19:25:16 +02:00

1 Commits