feat: implement core backend API structure and frontend service layer for case management and authentication

This commit is contained in:
2026-05-12 15:41:57 +03:00
parent ee39a3d83b
commit bd73f18d5c
13 changed files with 718 additions and 63 deletions

32
backend/middleware.py Normal file
View File

@@ -0,0 +1,32 @@
import os
import jwt
from functools import wraps
from flask import request, jsonify
# Should ideally be set in .env
SECRET_KEY = os.getenv('JWT_SECRET', 'super-secret-jwt-key-automarket')
def token_required(f):
@wraps(f)
def decorated(*args, **kwargs):
token = None
auth_header = request.headers.get('Authorization')
if auth_header and auth_header.startswith('Bearer '):
token = auth_header.split(" ")[1]
# Fallback to query param for file downloads
if not token:
token = request.args.get('token')
if not token:
return jsonify({'message': 'Token is missing!'}), 401
try:
data = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
current_user_id = data['user_id']
except Exception as e:
return jsonify({'message': 'Token is invalid or expired!'}), 401
return f(current_user_id, *args, **kwargs)
return decorated