app/guards/jwt_guard.py

from fastapi import HTTPException, status, Depends
from fastapi.security import HTTPBearer
import logging
from app.core.security import decode_access_token

logger = logging.getLogger(__name__)

security = HTTPBearer()

async def get_current_user(credentials = Depends(security)) -> dict:
    """
    Dependency for protected routes
    Validates JWT token and returns user data
    """
    token = credentials.credentials
    
    payload = decode_access_token(token)
    
    if not payload:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid or expired token",
            headers={"WWW-Authenticate": "Bearer"},
        )
    
    return payload