feat: update backend auth and dependencies to use Supabase

This commit is contained in:
Alan Alonso
2026-05-23 01:04:48 -06:00
parent 6d1845c09d
commit 47f4a7d2b1
3 changed files with 119 additions and 68 deletions

View File

@@ -7,19 +7,19 @@ from typing import Optional
from fastapi import APIRouter, HTTPException, WebSocket, WebSocketDisconnect, Depends
from pydantic import BaseModel
from app.data.repositories.ruta_repository import SQLiteRutaRepository
from app.data.repositories.ruta_repository import SupabaseRutaRepository
from app.services.simulador import obtener_simulador
from app.services.ws_manager import ws_manager
from app.core.cache import cached, cache_client, invalidate_route_cache
from app.core.dependencies import get_current_user
from app.db.database import get_connection
from app.db.database import get_db
router = APIRouter()
logger = logging.getLogger(__name__)
def _repo() -> SQLiteRutaRepository:
return SQLiteRutaRepository()
def _repo() -> SupabaseRutaRepository:
return SupabaseRutaRepository()
# ── GET /eta/{address_id} con caché ─────────────────────────────────────────
@@ -35,14 +35,15 @@ async def get_eta(
Cacheado por 30 segundos para evitar consultas repetidas.
"""
# Verificar que el domicilio pertenece al usuario (RBAC)
conn = get_connection()
addr = conn.execute(
"SELECT user_id FROM addresses WHERE id = ?", (address_id,)
).fetchone()
conn.close()
if not addr or addr["user_id"] != current_user["id"]:
raise HTTPException(status_code=403, detail="No autorizado")
db = get_db()
try:
result = db.table("addresses").select("user_id").eq("id", address_id).execute()
if not result.data or result.data[0]["user_id"] != current_user["id"]:
raise HTTPException(status_code=403, detail="No autorizado")
except HTTPException:
raise
except Exception as e:
raise HTTPException(status_code=500, detail=str(e))
resultado = _repo().calcular_eta(address_id)
if not resultado: