Exception handling enhancement

2025-09-23 22:42:26 +02:00
parent b1a76cdb57
commit 98285aa8aa
35 changed files with 3283 additions and 1743 deletions
--- a/middleware/auth.py
+++ b/middleware/auth.py
@@ -18,6 +18,13 @@ from jose import jwt
 from passlib.context import CryptContext
 from sqlalchemy.orm import Session

+from app.exceptions import (
+    AdminRequiredException,
+    InvalidTokenException,
+    TokenExpiredException,
+    UserNotActiveException,
+    InvalidCredentialsException
+)
 from models.database.user import User

 logger = logging.getLogger(__name__)
@@ -46,7 +53,7 @@ class AuthManager:
        return pwd_context.verify(plain_password, hashed_password)

    def authenticate_user(
-        self, db: Session, username: str, password: str
+            self, db: Session, username: str, password: str
    ) -> Optional[User]:
        """Authenticate user and return user object if valid."""
        user = (
@@ -101,17 +108,15 @@ class AuthManager:
            # Check if token has expired
            exp = payload.get("exp")
            if exp is None:
-                raise HTTPException(status_code=401, detail="Token missing expiration")
+                raise InvalidTokenException("Token missing expiration")

            if datetime.utcnow() > datetime.fromtimestamp(exp):
-                raise HTTPException(status_code=401, detail="Token has expired")
+                raise TokenExpiredException()

            # Extract user data
            user_id = payload.get("sub")
            if user_id is None:
-                raise HTTPException(
-                    status_code=401, detail="Token missing user identifier"
-                )
+                raise InvalidTokenException("Token missing user identifier")

            return {
                "user_id": int(user_id),
@@ -121,28 +126,24 @@ class AuthManager:
            }

        except jwt.ExpiredSignatureError:
-            raise HTTPException(status_code=401, detail="Token has expired")
+            raise TokenExpiredException()
        except jwt.JWTError as e:
            logger.error(f"JWT decode error: {e}")
-            raise HTTPException(
-                status_code=401, detail="Could not validate credentials"
-            )
+            raise InvalidTokenException("Could not validate credentials")
        except Exception as e:
            logger.error(f"Token verification error: {e}")
-            raise HTTPException(status_code=401, detail="Authentication failed")
+            raise InvalidTokenException("Authentication failed")

-    def get_current_user(
-        self, db: Session, credentials: HTTPAuthorizationCredentials
-    ) -> User:
+    def get_current_user(self, db: Session, credentials: HTTPAuthorizationCredentials) -> User:
        """Get current authenticated user from database."""
        user_data = self.verify_token(credentials.credentials)

        user = db.query(User).filter(User.id == user_data["user_id"]).first()
        if not user:
-            raise HTTPException(status_code=401, detail="User not found")
+            raise InvalidCredentialsException("User not found")

        if not user.is_active:
-            raise HTTPException(status_code=401, detail="User account is inactive")
+            raise UserNotActiveException()

        return user

@@ -165,7 +166,7 @@ class AuthManager:
    def require_admin(self, current_user: User):
        """Require admin role."""
        if current_user.role != "admin":
-            raise HTTPException(status_code=403, detail="Admin privileges required")
+            raise AdminRequiredException()
        return current_user

    def create_default_admin_user(self, db: Session):