xds
2026-03-22 14:26:45 +03:00
parent 33694d68db
commit 466a27907a
28 changed files with 1334 additions and 71 deletions


@@ -21,7 +21,7 @@ async def get_current_admin(
"""Dependency that validates JWT and returns the current admin user."""
token = credentials.credentials
payload = decode_access_token(token)
if not payload:
if not payload or payload.get("type", "admin") != "admin":
logger.warning("Invalid or expired token")
raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Невалидный или просроченный токен")
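Review bot: The new condition `payload.get("type", "admin") != "admin"` fails open, because a token that carries no `type` claim at all is treated as an admin token, so anything `decode_access_token` accepts without that claim still passes this dependency. If the default is there only to keep previously issued tokens working, say so in a comment and drop it once those tokens have expired; otherwise require the claim explicitly with `if not payload or payload.get("type") != "admin":`. The warning on the following line logs a wrong-type token with the same "Invalid or expired token" text as a bad signature or expiry, so a non-admin token presented to an admin route cannot be distinguished in the logs; a separate message for the type mismatch would make that case detectable. The body of `get_current_admin` starts before and continues after this hunk, so any later use of `payload` is not visible here.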