fix

2026-01-28 22:31:17 +01:00
parent 8ff0f22682
commit 7ca168c34c
14 changed files with 576 additions and 145 deletions
--- a/backend/utils/security.py
+++ b/backend/utils/security.py
@@ -2,7 +2,7 @@ from datetime import datetime, timedelta
 from typing import Optional
 from jose import JWTError, jwt
 from passlib.context import CryptContext
-from fastapi import Depends, HTTPException, status
+from fastapi import Depends, HTTPException, status, Request
 from fastapi.security import OAuth2PasswordBearer
 from sqlalchemy.orm import Session
 from config.settings import settings
@@ -11,7 +11,9 @@ from models.user import User
 from schemas.user import TokenData

 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
-oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login")
+
+# OAuth2 scheme avec auto_error=False pour pouvoir logger les erreurs
+oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/api/auth/login", auto_error=False)

 def verify_password(plain_password: str, hashed_password: str) -> bool:
    """Verify a plain password against a hashed password."""
@@ -45,17 +47,42 @@ def verify_token(token: str, credentials_exception) -> TokenData:
    except JWTError:
        raise credentials_exception

-async def get_current_user(token: str = Depends(oauth2_scheme), db: Session = Depends(get_db)) -> User:
+async def get_current_user(
+    token: Optional[str] = Depends(oauth2_scheme), 
+    db: Session = Depends(get_db)
+) -> User:
    """Get the current authenticated user."""
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
-    token_data = verify_token(token, credentials_exception)
+    
+    # Log si pas de token
+    if token is None:
+        print("❌ AUTH: No token provided in Authorization header")
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Not authenticated - no token provided",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    
+    # Log le token (premiers caractères seulement pour la sécurité)
+    print(f"🔐 AUTH: Token received, length={len(token)}, preview={token[:20]}...")
+    
+    try:
+        token_data = verify_token(token, credentials_exception)
+        print(f"✅ AUTH: Token valid for user_id={token_data.user_id}")
+    except HTTPException as e:
+        print(f"❌ AUTH: Token validation failed - {e.detail}")
+        raise
+    
    user = db.query(User).filter(User.id == token_data.user_id).first()
    if user is None:
+        print(f"❌ AUTH: User not found for id={token_data.user_id}")
        raise credentials_exception
+    
+    print(f"✅ AUTH: User authenticated: {user.username}")
    return user

 async def get_current_active_user(current_user: User = Depends(get_current_user)) -> User: