feat: implement refresh token functionality; update authentication and token models; add tests for refresh endpoint

2025-11-28 13:56:04 +05:00
parent a8bdf18e38
commit 6db1e865f6
7 changed files with 165 additions and 16 deletions
@@ -118,6 +118,9 @@ async def get_current_user(
        sub = payload.get("sub")
        if sub is None:
            raise credentials_exception
+        scope = payload.get("scope", "access")
+        if scope != "access":
+            raise credentials_exception
        user_id = int(sub)
    except (jwt.PyJWTError, TypeError, ValueError):
        raise credentials_exception from None