import os
import warnings

import jwt
from fastapi import Depends, HTTPException
from fastapi.security import OAuth2PasswordBearer
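# Signing key for the JWTs, read from the environment (.env).
# The fallback below is a fixed, publicly visible string: a deployment that
# starts without SECRET_KEY set will accept tokens that anyone who has read
# this file can sign. The fallback is kept so existing setups still start,
# but the warning makes the misconfiguration visible. Production should set
# a long random SECRET_KEY and treat this warning as a startup failure.
_FALLBACK_SECRET_KEY = "supersecretkey"
SECRET_KEY = os.getenv("SECRET_KEY", _FALLBACK_SECRET_KEY)
if SECRET_KEY == _FALLBACK_SECRET_KEY:
    warnings.warn(
        "SECRET_KEY is unset or equal to the built-in default; "
        "tokens verified with it can be forged. Set SECRET_KEY in the environment.",
        RuntimeWarning,
    )

# Single HMAC algorithm accepted when tokens are decoded.
ALGORITHM = "HS256"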
# Bearer-token scheme used as a dependency by verify_token.
# "auth/login" is the token URL passed to OAuth2PasswordBearer.
oauth2_scheme = OAuth2PasswordBearer(
    tokenUrl="auth/login",
)
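def verify_token(token: str = Depends(oauth2_scheme)):
    """Validate the bearer JWT of a request and return its claims.

    Intended as a FastAPI dependency: ``oauth2_scheme`` supplies the token.
    The signature is checked with ``SECRET_KEY`` and only the algorithm
    named in ``ALGORITHM`` is accepted.

    Args:
        token: Encoded JWT provided by ``oauth2_scheme``.

    Returns:
        The decoded payload returned by ``jwt.decode``.

    Raises:
        HTTPException: 401 "Token expired" when the token's expiry has
            passed; 401 "Invalid token" for any other
            ``jwt.InvalidTokenError``. Both carry a
            ``WWW-Authenticate: Bearer`` header.
    """
    # A 401 response should tell the client which authentication scheme to use.
    challenge = {"WWW-Authenticate": "Bearer"}
    try:
        # Pinning ``algorithms`` keeps the token header from choosing how
        # the signature is verified.
        # NOTE(review): a token issued without an ``exp`` claim is not
        # rejected by this call; confirm the issuer always sets one, or
        # require the claim in the decode options.
        return jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
    except jwt.ExpiredSignatureError as exc:
        # Handled before InvalidTokenError so expiry gets its own message.
        raise HTTPException(
            status_code=401,
            detail="Token expired",
            headers=challenge,
        ) from exc
    except jwt.InvalidTokenError as exc:
        # One generic message for every other failure, so the response does
        # not reveal which check failed.
        raise HTTPException(
            status_code=401,
            detail="Invalid token",
            headers=challenge,
        ) from exc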