fix token

2026-03-26 04:54:17 +03:00 · 2026-03-26 04:54:17 +03:00 · b1f02f46f3
commit b1f02f46f3
parent 41cfb91d4e
2 changed files with 10 additions and 10 deletions
--- a/common_lib/utils/auth.py
+++ b/common_lib/utils/auth.py
@ -9,7 +9,7 @@ from config import settings
 from .validators import validate_username as core_validate_username, validate_password as core_validate_password
 from common_lib.utils.http_client import client

-auth_scheme = HTTPBearer()
+auth_scheme = HTTPBearer(auto_error=False)


@dataclass
@ -175,8 +175,8 @@ async def get_current_user(
    
    if not token:
        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Authentication required: provide token in Authorization header or cookie"
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not authenticated"
        )

    return await _fetch_current_user(request, token, require_permissions=False, is_web=is_web)
@ -184,7 +184,7 @@ async def get_current_user(

 async def get_current_user_with_permissions(
    request: Request,
-    credentials: HTTPAuthorizationCredentials = Depends(auth_scheme)
+    credentials: Optional[HTTPAuthorizationCredentials] = Depends(auth_scheme)
 ) -> CurrentUser:
    token = None
    
@ -197,8 +197,8 @@ async def get_current_user_with_permissions(
    
    if not token:
        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Authentication required: provide token in Authorization header or cookie"
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not authenticated"
        )

    return await _fetch_current_user(request, token, require_permissions=True)
@ -207,7 +207,7 @@ async def get_current_user_with_permissions(
 async def get_current_user_or_bot(
    request: Request,
    is_bot: str | None = Header(default=None),
-    credentials: HTTPAuthorizationCredentials = Depends(auth_scheme)
+    credentials: Optional[HTTPAuthorizationCredentials] = Depends(auth_scheme)
 ) -> CurrentUser:
    token = None
    
@ -220,8 +220,8 @@ async def get_current_user_or_bot(
    
    if not token:
        raise HTTPException(
-            status_code=status.HTTP_401_UNAUTHORIZED,
-            detail="Authentication required: provide token in Authorization header or cookie"
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Not authenticated"
        )

    is_bot_flag = str(is_bot).lower() in ("true", "1", "yes") if is_bot else False
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "common-lib"
-version = "0.0.46"
+version = "0.0.47"
 description = "Библиотека общих компонентов для микросервисов yobble"
 authors = [{ name = "cheykrym", email = "you@example.com" }]
 license = "MIT"