shaapi 0.1.0__py3-none-any.whl

shaapi/template/backend/common/response/response_code.py

@@ -0,0 +1,158 @@
+import dataclasses
+
+from enum import Enum
+
+
+class CustomCodeBase(Enum):
+    """Custom base status code"""
+
+    @property
+    def code(self):
+        """
+        Get status code
+        """
+        return self.value[0]
+
+    @property
+    def msg(self):
+        """
+        Get status code message
+        """
+        return self.value[1]
+
+
+class CustomResponseCode(CustomCodeBase):
+    """Custom response status codes"""
+
+    HTTP_200 = (200, 'http_200')
+    HTTP_201 = (201, 'http_201')
+    HTTP_202 = (202, 'http_202')
+    HTTP_204 = (204, 'http_204')
+    HTTP_400 = (400, 'http_400')
+    HTTP_401 = (401, 'http_401')
+    HTTP_403 = (403, 'http_403')
+    HTTP_404 = (404, 'http_404')
+    HTTP_410 = (410, 'http_410')
+    HTTP_422 = (422, 'http_422')
+    HTTP_425 = (425, 'http_425')
+    HTTP_429 = (429, 'http_429')
+    HTTP_500 = (500, 'http_500')
+    HTTP_502 = (502, 'http_502')
+    HTTP_503 = (503, 'http_503')
+    HTTP_504 = (504, 'http_504')
+
+
+class CustomErrorCode(CustomCodeBase):
+    """Custom error codes"""
+
+    CAPTCHA_ERROR = (40001, 'Captcha error')
+
+
+@dataclasses.dataclass
+class CustomResponse:
+    """
+    Provides open response status codes instead of enums, useful when you want to customize response messages
+    """
+
+    code: int
+    msg: str
+
+
+class StandardResponseCode:
+    """Standard response status codes"""
+
+    """
+    HTTP codes
+    See HTTP Status Code Registry:
+    https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml
+
+    And RFC 2324 - https://tools.ietf.org/html/rfc2324
+    """
+    HTTP_100 = 100  # CONTINUE
+    HTTP_101 = 101  # SWITCHING_PROTOCOLS
+    HTTP_102 = 102  # PROCESSING
+    HTTP_103 = 103  # EARLY_HINTS
+    HTTP_200 = 200  # OK
+    HTTP_201 = 201  # CREATED
+    HTTP_202 = 202  # ACCEPTED
+    HTTP_203 = 203  # NON_AUTHORITATIVE_INFORMATION
+    HTTP_204 = 204  # NO_CONTENT
+    HTTP_205 = 205  # RESET_CONTENT
+    HTTP_206 = 206  # PARTIAL_CONTENT
+    HTTP_207 = 207  # MULTI_STATUS
+    HTTP_208 = 208  # ALREADY_REPORTED
+    HTTP_226 = 226  # IM_USED
+    HTTP_300 = 300  # MULTIPLE_CHOICES
+    HTTP_301 = 301  # MOVED_PERMANENTLY
+    HTTP_302 = 302  # FOUND
+    HTTP_303 = 303  # SEE_OTHER
+    HTTP_304 = 304  # NOT_MODIFIED
+    HTTP_305 = 305  # USE_PROXY
+    HTTP_307 = 307  # TEMPORARY_REDIRECT
+    HTTP_308 = 308  # PERMANENT_REDIRECT
+    HTTP_400 = 400  # BAD_REQUEST
+    HTTP_401 = 401  # UNAUTHORIZED
+    HTTP_402 = 402  # PAYMENT_REQUIRED
+    HTTP_403 = 403  # FORBIDDEN
+    HTTP_404 = 404  # NOT_FOUND
+    HTTP_405 = 405  # METHOD_NOT_ALLOWED
+    HTTP_406 = 406  # NOT_ACCEPTABLE
+    HTTP_407 = 407  # PROXY_AUTHENTICATION_REQUIRED
+    HTTP_408 = 408  # REQUEST_TIMEOUT
+    HTTP_409 = 409  # CONFLICT
+    HTTP_410 = 410  # GONE
+    HTTP_411 = 411  # LENGTH_REQUIRED
+    HTTP_412 = 412  # PRECONDITION_FAILED
+    HTTP_413 = 413  # REQUEST_ENTITY_TOO_LARGE
+    HTTP_414 = 414  # REQUEST_URI_TOO_LONG
+    HTTP_415 = 415  # UNSUPPORTED_MEDIA_TYPE
+    HTTP_416 = 416  # REQUESTED_RANGE_NOT_SATISFIABLE
+    HTTP_417 = 417  # EXPECTATION_FAILED
+    HTTP_418 = 418  # UNUSED
+    HTTP_421 = 421  # MISDIRECTED_REQUEST
+    HTTP_422 = 422  # UNPROCESSABLE_CONTENT
+    HTTP_423 = 423  # LOCKED
+    HTTP_424 = 424  # FAILED_DEPENDENCY
+    HTTP_425 = 425  # TOO_EARLY
+    HTTP_426 = 426  # UPGRADE_REQUIRED
+    HTTP_427 = 427  # UNASSIGNED
+    HTTP_428 = 428  # PRECONDITION_REQUIRED
+    HTTP_429 = 429  # TOO_MANY_REQUESTS
+    HTTP_430 = 430  # UNASSIGNED
+    HTTP_431 = 431  # REQUEST_HEADER_FIELDS_TOO_LARGE
+    HTTP_451 = 451  # UNAVAILABLE_FOR_LEGAL_REASONS
+    HTTP_500 = 500  # INTERNAL_SERVER_ERROR
+    HTTP_501 = 501  # NOT_IMPLEMENTED
+    HTTP_502 = 502  # BAD_GATEWAY
+    HTTP_503 = 503  # SERVICE_UNAVAILABLE
+    HTTP_504 = 504  # GATEWAY_TIMEOUT
+    HTTP_505 = 505  # HTTP_VERSION_NOT_SUPPORTED
+    HTTP_506 = 506  # VARIANT_ALSO_NEGOTIATES
+    HTTP_507 = 507  # INSUFFICIENT_STORAGE
+    HTTP_508 = 508  # LOOP_DETECTED
+    HTTP_509 = 509  # UNASSIGNED
+    HTTP_510 = 510  # NOT_EXTENDED
+    HTTP_511 = 511  # NETWORK_AUTHENTICATION_REQUIRED
+
+    """
+    WebSocket codes
+    https://www.iana.org/assignments/websocket/websocket.xml#close-code-number
+    https://developer.mozilla.org/en-US/docs/Web/API/CloseEvent
+    """
+    WS_1000 = 1000  # NORMAL_CLOSURE
+    WS_1001 = 1001  # GOING_AWAY
+    WS_1002 = 1002  # PROTOCOL_ERROR
+    WS_1003 = 1003  # UNSUPPORTED_DATA
+    WS_1005 = 1005  # NO_STATUS_RCVD
+    WS_1006 = 1006  # ABNORMAL_CLOSURE
+    WS_1007 = 1007  # INVALID_FRAME_PAYLOAD_DATA
+    WS_1008 = 1008  # POLICY_VIOLATION
+    WS_1009 = 1009  # MESSAGE_TOO_BIG
+    WS_1010 = 1010  # MANDATORY_EXT
+    WS_1011 = 1011  # INTERNAL_ERROR
+    WS_1012 = 1012  # SERVICE_RESTART
+    WS_1013 = 1013  # TRY_AGAIN_LATER
+    WS_1014 = 1014  # BAD_GATEWAY
+    WS_1015 = 1015  # TLS_HANDSHAKE_ERROR
+    WS_3000 = 3000  # UNAUTHORIZED
+    WS_3003 = 3003  # FORBIDDEN

shaapi/template/backend/common/response/response_schema.py

@@ -0,0 +1,110 @@
+from datetime import datetime
+from typing import Any, Optional
+
+from fastapi import Response, Request
+from pydantic import BaseModel, ConfigDict
+
+from backend.common.response.response_code import CustomResponse, CustomResponseCode
+from backend.core.conf import settings
+from backend.utils.serializers import MsgSpecJSONResponse
+from backend.utils.translator import Translator
+
+_ExcludeData = set[int | str] | dict[int | str, Any]
+
+__all__ = ['ResponseModel', 'response_base']
+
+
+class ResponseModel(BaseModel):
+    """
+    Unified response model
+
+    E.g. ::
+
+        @router.get('/test', response_model=ResponseModel)
+        def test():
+            return ResponseModel(data={'test': 'test'})
+
+        @router.get('/test')
+        def test() -> ResponseModel:
+            return ResponseModel(data={'test': 'test'})
+
+        @router.get('/test')
+        def test() -> ResponseModel:
+            res = CustomResponseCode.HTTP_200
+            return ResponseModel(code=res.code, msg=res.msg, data={'test': 'test'})
+    """
+
+    # TODO: json_encoders configuration not working: https://github.com/tiangolo/fastapi/discussions/10252
+    model_config = ConfigDict(json_encoders={datetime: lambda x: x.strftime(settings.DATETIME_FORMAT)})
+
+    code: int = CustomResponseCode.HTTP_200.code
+    msg: str = CustomResponseCode.HTTP_200.msg
+    data: Optional[Any] = None
+
+
+class ResponseBase:
+    """
+    Unified response method
+
+    .. tip::
+
+        The methods in this class will return the ResponseModel model, which serves as a coding style convention.
+
+    E.g. ::
+
+        @router.get('/test')
+        def test() -> ResponseModel:
+            return response_base.success(data={'test': 'test'})
+    """
+
+    @staticmethod
+    def __response(*, request: Request, res: CustomResponseCode | CustomResponse = None, data: Any | None = None) -> ResponseModel:
+        """
+        General method for successful request responses
+
+        :param res: Response information
+        :param data: Response data
+        :return: ResponseModel instance
+        """
+        translator = Translator(request.state.locale)
+        return ResponseModel(code=res.code, msg=translator.t(f'app.{res.msg}'), data=data)
+
+    def success(
+        self,
+        *,
+        request: Request,
+        res: CustomResponseCode | CustomResponse = CustomResponseCode.HTTP_200,
+        data: Any | None = None,
+    ) -> ResponseModel:
+        return self.__response(request=request, res=res, data=data)
+
+    def fail(
+        self,
+        *,
+        request: Request,
+        res: CustomResponseCode | CustomResponse = CustomResponseCode.HTTP_400,
+        data: Any = None,
+    ) -> ResponseModel:
+        return self.__response(request=request, res=res, data=data)
+
+    @staticmethod
+    def fast_success(
+        *,
+        res: CustomResponseCode | CustomResponse = CustomResponseCode.HTTP_200,
+        data: Any | None = None,
+    ) -> Response:
+        """
+        This method was created to improve response speed. If the return data doesn't require parsing and validation by Pydantic, it is recommended to use this. Otherwise, avoid it.
+
+        .. warning::
+
+            When using this return method, do not specify the response_model parameter in the route, and do not add a return type annotation to the function.
+
+        :param res: Response information
+        :param data: Response data
+        :return: FastAPI Response object
+        """
+        return MsgSpecJSONResponse({'code': res.code, 'msg': res.msg, 'data': data})
+
+
+response_base = ResponseBase()

shaapi/template/backend/common/schema.py

@@ -0,0 +1,144 @@
+from pydantic import BaseModel, ConfigDict, EmailStr, validate_email
+
+# Custom validation error messages without validation expected content (i.e., input content).
+# The supported expected content fields can be found at the link below:
+# https://github.com/pydantic/pydantic-core/blob/a5cb7382643415b716b1a7a5392914e50f726528/tests/test_errors.py#L266
+# To replace the expected content fields, refer to the link below:
+# https://github.com/pydantic/pydantic/blob/caa78016433ec9b16a973f92f187a7b6bfde6cb5/docs/errors/errors.md?plain=1#L232
+CUSTOM_VALIDATION_ERROR_MESSAGES = {
+    'arguments_type': 'Incorrect argument type input',
+    'assertion_error': 'Assertion execution error',
+    'bool_parsing': 'Boolean value parsing error',
+    'bool_type': 'Boolean type input error',
+    'bytes_too_long': 'Byte length input is too long',
+    'bytes_too_short': 'Byte length input is too short',
+    'bytes_type': 'Byte type input error',
+    'callable_type': 'Callable object type input error',
+    'dataclass_exact_type': 'Dataclass instance type input error',
+    'dataclass_type': 'Dataclass type input error',
+    'date_from_datetime_inexact': 'Non-zero date component input',
+    'date_from_datetime_parsing': 'Date input parsing error',
+    'date_future': 'Date input is not in the future',
+    'date_parsing': 'Date input validation error',
+    'date_past': 'Date input is not in the past',
+    'date_type': 'Date type input error',
+    'datetime_future': 'Datetime input is not in the future',
+    'datetime_object_invalid': 'Invalid datetime object input',
+    'datetime_parsing': 'Datetime input parsing error',
+    'datetime_past': 'Datetime input is not in the past',
+    'datetime_type': 'Datetime type input error',
+    'decimal_max_digits': 'Too many decimal places input',
+    'decimal_max_places': 'Incorrect decimal places input',
+    'decimal_parsing': 'Decimal input parsing error',
+    'decimal_type': 'Decimal type input error',
+    'decimal_whole_digits': 'Incorrect decimal places input',
+    'dict_type': 'Dictionary type input error',
+    'enum': 'Enum member input error, allowed {expected}',
+    'extra_forbidden': 'Extra field input is forbidden',
+    'finite_number': 'Finite number input error',
+    'float_parsing': 'Float input parsing error',
+    'float_type': 'Float type input error',
+    'frozen_field': 'Frozen field input error',
+    'frozen_instance': 'Modification of frozen instance is forbidden',
+    'frozen_set_type': 'Frozen type input is forbidden',
+    'get_attribute_error': 'Error retrieving attribute',
+    'greater_than': 'Input value is too large',
+    'greater_than_equal': 'Input value is too large or equal',
+    'int_from_float': 'Integer type input error',
+    'int_parsing': 'Integer input parsing error',
+    'int_parsing_size': 'Integer input parsing size error',
+    'int_type': 'Integer type input error',
+    'invalid_key': 'Invalid key input',
+    'is_instance_of': 'Instance type input error',
+    'is_subclass_of': 'Subclass type input error',
+    'iterable_type': 'Iterable type input error',
+    'iteration_error': 'Iteration value input error',
+    'json_invalid': 'Invalid JSON string input',
+    'json_type': 'JSON type input error',
+    'less_than': 'Input value is too small',
+    'less_than_equal': 'Input value is too small or equal',
+    'list_type': 'List type input error',
+    'literal_error': 'Literal value input error',
+    'mapping_type': 'Mapping type input error',
+    'missing': 'Missing required field',
+    'missing_argument': 'Missing argument',
+    'missing_keyword_only_argument': 'Missing keyword-only argument',
+    'missing_positional_only_argument': 'Missing positional-only argument',
+    'model_attributes_type': 'Model attributes type input error',
+    'model_type': 'Model instance input error',
+    'multiple_argument_values': 'Too many argument values input',
+    'multiple_of': 'Input value is not a multiple',
+    'no_such_attribute': 'Invalid attribute assignment',
+    'none_required': 'Input value must be None',
+    'recursion_loop': 'Input recursion loop',
+    'set_type': 'Set type input error',
+    'string_pattern_mismatch': 'String pattern input mismatch',
+    'string_sub_type': 'String subtype input error',
+    'string_too_long': 'String input is too long',
+    'string_too_short': 'String input is too short',
+    'string_type': 'String type input error',
+    'string_unicode': 'String input is not Unicode',
+    'time_delta_parsing': 'Timedelta input parsing error',
+    'time_delta_type': 'Timedelta type input error',
+    'time_parsing': 'Time input parsing error',
+    'time_type': 'Time type input error',
+    'timezone_aware': 'Missing timezone input information',
+    'timezone_naive': 'Timezone input information is forbidden',
+    'too_long': 'Input is too long',
+    'too_short': 'Input is too short',
+    'tuple_type': 'Tuple type input error',
+    'unexpected_keyword_argument': 'Unexpected keyword argument input',
+    'unexpected_positional_argument': 'Unexpected positional argument input',
+    'union_tag_invalid': 'Union tag input error',
+    'union_tag_not_found': 'Union tag input not found',
+    'url_parsing': 'URL input parsing error',
+    'url_scheme': 'URL input scheme error',
+    'url_syntax_violation': 'URL input syntax violation',
+    'url_too_long': 'URL input is too long',
+    'url_type': 'URL type input error',
+    'uuid_parsing': 'UUID input parsing error',
+    'uuid_type': 'UUID type input error',
+    'uuid_version': 'UUID version type input error',
+    'value_error': 'Value input error',
+}
+
+CUSTOM_USAGE_ERROR_MESSAGES = {
+    'class-not-fully-defined': 'Class property type is not fully defined',
+    'custom-json-schema': '__modify_schema__ method has been deprecated in V2',
+    'decorator-missing-field': 'Invalid field validator defined',
+    'discriminator-no-field': 'Discriminator field not fully defined',
+    'discriminator-alias-type': 'Discriminator field uses non-string type definition',
+    'discriminator-needs-literal': 'Discriminator field needs to use literal definition',
+    'discriminator-alias': 'Discriminator field alias definition inconsistency',
+    'discriminator-validator': 'Discriminator field cannot define field validators',
+    'model-field-overridden': 'Field without type definition cannot be overridden',
+    'model-field-missing-annotation': 'Field type definition is missing',
+    'config-both': 'Duplicate configuration item definition',
+    'removed-kwargs': 'Call to removed keyword configuration parameters',
+    'invalid-for-json-schema': 'Invalid JSON type present',
+    'base-model-instantiated': 'Instantiation of base model is forbidden',
+    'undefined-annotation': 'Type definition is missing',
+    'schema-for-unknown-type': 'Unknown type definition',
+    'create-model-field-definitions': 'Field definition error',
+    'create-model-config-base': 'Configuration item definition error',
+    'validator-no-fields': 'Field validator did not specify fields',
+    'validator-invalid-fields': 'Field validator fields definition error',
+    'validator-instance-method': 'Field validator must be a class method',
+    'model-serializer-instance-method': 'Serializer must be an instance method',
+    'validator-v1-signature': 'V1 field validator signature has been deprecated',
+    'validator-signature': 'Field validator signature error',
+    'field-serializer-signature': 'Field serializer signature unrecognized',
+    'model-serializer-signature': 'Model serializer signature unrecognized',
+    'multiple-field-serializers': 'Multiple field serializers defined',
+    'invalid_annotated_type': 'Invalid type definition',
+    'type-adapter-config-unused': 'Type adapter configuration item definition error',
+    'root-model-extra': 'Root model cannot define extra fields',
+}
+
+class CustomEmailStr(EmailStr):
+    @classmethod
+    def _validate(cls, __input_value: str) -> str:
+        return None if __input_value == '' else validate_email(__input_value)[1]
+
+class SchemaBase(BaseModel):
+    model_config = ConfigDict(use_enum_values=True)

shaapi/template/backend/common/security/jwt.py

@@ -0,0 +1,203 @@
+from datetime import timedelta
+
+from fastapi import Depends, Request
+from fastapi.security import HTTPBearer
+from fastapi.security.utils import get_authorization_scheme_param
+from jose import ExpiredSignatureError, JWTError, jwt
+from passlib.context import CryptContext
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from backend.models import User
+from backend.common.dataclasses import AccessToken, NewToken, RefreshToken
+from backend.common.exception.errors import AuthorizationError, TokenError
+from backend.core.conf import settings
+from backend.database.db_redis import redis_client
+from backend.utils.timezone import timezone
+
+pwd_context = CryptContext(schemes=['bcrypt'], deprecated='auto')
+
+
+# JWT authorizes dependency injection
+DependsJwtAuth = Depends(HTTPBearer())
+
+
+def get_hash_password(password: str) -> str:
+    """
+    Encrypt passwords using the hash algorithm
+
+    :param password:
+    :return:
+    """
+    return pwd_context.hash(password)
+
+
+def password_verify(plain_password: str, hashed_password: str) -> bool:
+    """
+    Password verification
+
+    :param plain_password: The password to verify
+    :param hashed_password: The hash ciphers to compare
+    :return:
+    """
+    return pwd_context.verify(plain_password, hashed_password)
+
+
+async def create_access_token(sub: str, multi_login: bool) -> AccessToken:
+    """
+    Generate encryption token
+
+    :param sub: The subject/userid of the JWT
+    :param multi_login: multipoint login for user
+    :return:
+    """
+    expire = timezone.now() + timedelta(seconds=settings.TOKEN_EXPIRE_SECONDS)
+    expire_seconds = settings.TOKEN_EXPIRE_SECONDS
+
+    to_encode = {'exp': expire, 'sub': sub}
+    access_token = jwt.encode(to_encode, settings.TOKEN_SECRET_KEY, settings.TOKEN_ALGORITHM)
+
+    if multi_login is False:
+        key_prefix = f'{settings.TOKEN_REDIS_PREFIX}:{sub}'
+        await redis_client.delete_prefix(key_prefix)
+
+    key = f'{settings.TOKEN_REDIS_PREFIX}:{sub}:{access_token}'
+    await redis_client.setex(key, expire_seconds, access_token)
+    return AccessToken(access_token=access_token, access_token_expire_time=expire)
+
+
+async def create_refresh_token(sub: str, multi_login: bool) -> RefreshToken:
+    """
+    Generate encryption refresh token, only used to create a new token
+
+    :param sub: The subject/userid of the JWT
+    :param multi_login: multipoint login for user
+    :return:
+    """
+    expire = timezone.now() + timedelta(seconds=settings.TOKEN_REFRESH_EXPIRE_SECONDS)
+    expire_seconds = settings.TOKEN_REFRESH_EXPIRE_SECONDS
+
+    to_encode = {'exp': expire, 'sub': sub}
+    refresh_token = jwt.encode(to_encode, settings.TOKEN_SECRET_KEY, settings.TOKEN_ALGORITHM)
+
+    if multi_login is False:
+        key_prefix = f'{settings.TOKEN_REFRESH_REDIS_PREFIX}:{sub}'
+        await redis_client.delete_prefix(key_prefix)
+
+    key = f'{settings.TOKEN_REFRESH_REDIS_PREFIX}:{sub}:{refresh_token}'
+    await redis_client.setex(key, expire_seconds, refresh_token)
+    return RefreshToken(refresh_token=refresh_token, refresh_token_expire_time=expire)
+
+
+async def create_new_token(sub: str, token: str, refresh_token: str, multi_login: bool) -> NewToken:
+    """
+    Generate new token
+
+    :param sub:
+    :param token
+    :param refresh_token:
+    :param multi_login:
+    :return:
+    """
+    redis_refresh_token = await redis_client.get(f'{settings.TOKEN_REFRESH_REDIS_PREFIX}:{sub}:{refresh_token}')
+    if not redis_refresh_token or redis_refresh_token != refresh_token:
+        raise TokenError(msg='Refresh Token has expired')
+
+    new_access_token = await create_access_token(sub, multi_login)
+    new_refresh_token = await create_refresh_token(sub, multi_login)
+
+    token_key = f'{settings.TOKEN_REDIS_PREFIX}:{sub}:{token}'
+    refresh_token_key = f'{settings.TOKEN_REFRESH_REDIS_PREFIX}:{sub}:{refresh_token}'
+    await redis_client.delete(token_key)
+    await redis_client.delete(refresh_token_key)
+    return NewToken(
+        new_access_token=new_access_token.access_token,
+        new_access_token_expire_time=new_access_token.access_token_expire_time,
+        new_refresh_token=new_refresh_token.refresh_token,
+        new_refresh_token_expire_time=new_refresh_token.refresh_token_expire_time,
+    )
+
+
+def get_token(request: Request) -> str:
+    """
+    Get token for request header
+
+    :return:
+    """
+    authorization = request.headers.get('Authorization')
+    scheme, token = get_authorization_scheme_param(authorization)
+    if not authorization or scheme.lower() != 'bearer':
+        raise TokenError(msg='Token is invalid')
+    return token
+
+
+def jwt_decode(token: str) -> int:
+    """
+    Decode token
+
+    :param token:
+    :return:
+    """
+    try:
+        payload = jwt.decode(token, settings.TOKEN_SECRET_KEY, algorithms=[settings.TOKEN_ALGORITHM])
+        user_id = payload.get('sub')
+        if not user_id:
+            raise TokenError(msg='Token is invalid')
+    except ExpiredSignatureError:
+        raise TokenError(msg='Token has expired')
+    except (JWTError, Exception):
+        raise TokenError(msg='Token is invalid')
+    return user_id
+
+
+async def jwt_authentication(token: str) -> str:
+    """
+    JWT authentication
+
+    :param token:
+    :return:
+    """
+    user_id = jwt_decode(token)
+    key = f'{settings.TOKEN_REDIS_PREFIX}:{user_id}:{token}'
+    token_verify = await redis_client.get(key)
+    if not token_verify:
+        raise TokenError(msg='Token has expired')
+    return user_id
+
+
+async def get_current_user(db: AsyncSession, sub: str) -> User:
+    """
+    Get the current user through token
+
+    :param db:
+    :param pk:
+    :return:
+    """
+    from backend.crud.crud_user import user_dao
+
+    user = await user_dao.get_with_relation(db, x_id=sub)
+    if not user:
+        raise TokenError(msg='Token is invalid')
+    if not user.status:
+        raise AuthorizationError(msg='The user has been locked out, please contact the administrator')
+    # if user.dept_id:
+    #     if not user.dept.status:
+    #         raise AuthorizationError(msg='User\'s department is locked')
+    #     if user.dept.del_flag:
+    #         raise AuthorizationError(msg='The department to which the user belongs has been deleted')
+    if user.roles:
+        role_status = [role.status for role in user.roles]
+        if all(status == 0 for status in role_status):
+            raise AuthorizationError(msg='User\'s role is locked')
+    return user
+
+def superuser_verify(request: Request) -> bool:
+    """
+    Verify the current user permissions through token
+
+    :param request:
+    :return:
+    """
+    superuser = request.user.is_superuser
+    if not superuser or not request.user.is_staff:
+        raise AuthorizationError
+    return superuser