feat: add full project - backend, frontend, docker, specs and configs

2026-04-20 23:59:45 -03:00 · 2026-04-20 23:59:45 -03:00 · e6cb06255b
commit e6cb06255b
parent b77c7d5a01
24489 changed files with 61341 additions and 36 deletions
--- a/backend/app/utils/auth.py
+++ b/backend/app/utils/auth.py
@ -0,0 +1,67 @@
+from app.models.user import ClientUser
+
+
+def require_admin(f):
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        auth_header = request.headers.get("Authorization", "")
+        if not auth_header.startswith("Bearer "):
+            return jsonify({"error": "Não autorizado."}), 401
+
+        token = auth_header[7:]
+        try:
+            payload = jwt.decode(
+                token,
+                current_app.config["JWT_SECRET_KEY"],
+                algorithms=["HS256"],
+            )
+            user_id = payload.get("sub")
+            if not user_id:
+                return jsonify({"error": "Não autorizado."}), 401
+
+            user = ClientUser.query.get(user_id)
+            if not user or user.role != "admin":
+                return jsonify({"error": "Acesso restrito a administradores."}), 403
+
+            g.current_user_id = user_id
+            g.current_user = user
+            return f(*args, **kwargs)
+        except jwt.ExpiredSignatureError:
+            return jsonify({"error": "Não autorizado."}), 401
+        except jwt.InvalidTokenError:
+            return jsonify({"error": "Não autorizado."}), 401
+
+    return decorated
+
+
+import jwt
+from functools import wraps
+from flask import request, g, current_app, jsonify
+
+
+def require_auth(f):
+    @wraps(f)
+    def decorated(*args, **kwargs):
+        auth_header = request.headers.get("Authorization", "")
+        if not auth_header.startswith("Bearer "):
+            return jsonify({"error": "Não autorizado."}), 401
+
+        token = auth_header[7:]
+        try:
+            payload = jwt.decode(
+                token,
+                current_app.config["JWT_SECRET_KEY"],
+                algorithms=["HS256"],
+            )
+            user_id = payload.get("sub")
+            if not user_id:
+                return jsonify({"error": "Não autorizado."}), 401
+
+            g.current_user_id = user_id
+            return f(*args, **kwargs)
+        except jwt.ExpiredSignatureError:
+            return jsonify({"error": "Não autorizado."}), 401
+        except jwt.InvalidTokenError:
+            return jsonify({"error": "Não autorizado."}), 401
+
+    return decorated