feat: update backend auth and dependencies to use Supabase
This commit is contained in:
@@ -7,19 +7,19 @@ from typing import Optional
|
||||
from fastapi import APIRouter, HTTPException, WebSocket, WebSocketDisconnect, Depends
|
||||
from pydantic import BaseModel
|
||||
|
||||
from app.data.repositories.ruta_repository import SQLiteRutaRepository
|
||||
from app.data.repositories.ruta_repository import SupabaseRutaRepository
|
||||
from app.services.simulador import obtener_simulador
|
||||
from app.services.ws_manager import ws_manager
|
||||
from app.core.cache import cached, cache_client, invalidate_route_cache
|
||||
from app.core.dependencies import get_current_user
|
||||
from app.db.database import get_connection
|
||||
from app.db.database import get_db
|
||||
|
||||
router = APIRouter()
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def _repo() -> SQLiteRutaRepository:
|
||||
return SQLiteRutaRepository()
|
||||
def _repo() -> SupabaseRutaRepository:
|
||||
return SupabaseRutaRepository()
|
||||
|
||||
|
||||
# ── GET /eta/{address_id} con caché ─────────────────────────────────────────
|
||||
@@ -35,14 +35,15 @@ async def get_eta(
|
||||
Cacheado por 30 segundos para evitar consultas repetidas.
|
||||
"""
|
||||
# Verificar que el domicilio pertenece al usuario (RBAC)
|
||||
conn = get_connection()
|
||||
addr = conn.execute(
|
||||
"SELECT user_id FROM addresses WHERE id = ?", (address_id,)
|
||||
).fetchone()
|
||||
conn.close()
|
||||
|
||||
if not addr or addr["user_id"] != current_user["id"]:
|
||||
raise HTTPException(status_code=403, detail="No autorizado")
|
||||
db = get_db()
|
||||
try:
|
||||
result = db.table("addresses").select("user_id").eq("id", address_id).execute()
|
||||
if not result.data or result.data[0]["user_id"] != current_user["id"]:
|
||||
raise HTTPException(status_code=403, detail="No autorizado")
|
||||
except HTTPException:
|
||||
raise
|
||||
except Exception as e:
|
||||
raise HTTPException(status_code=500, detail=str(e))
|
||||
|
||||
resultado = _repo().calcular_eta(address_id)
|
||||
if not resultado:
|
||||
|
||||
Reference in New Issue
Block a user