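"""Minimal FastAPI service that issues and checks HS256-signed JWT bearer tokens.

Configuration (signing key, host, port) comes from ``test.config``.
"""

import jwt
import uvicorn
from fastapi import FastAPI, HTTPException, Depends, Request
from fastapi.responses import JSONResponse
from fastapi.security import OAuth2PasswordBearer
from pydantic import BaseModel

from test.config import JWT_SECRET_KEY, HOST, PORT

app = FastAPI()


class ScanCode(BaseModel):
    """Request body of ``POST /login``."""

    code: str
    scopes: str


class User(BaseModel):
    """Identity recovered from a verified token (the ``sub`` claim)."""

    username: str


# Extracts the bearer token from the Authorization header. It does NOT verify
# the token; verification happens in decode_jwt().
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


def decode_jwt(token: str) -> User:
    """Verify *token* and return the user named by its ``sub`` claim.

    Raises:
        HTTPException: 403 when the signature is invalid, the token cannot be
            parsed, or it carries no usable ``sub`` claim.
    """
    try:
        # The accepted algorithm is pinned so the token header cannot choose it.
        payload = jwt.decode(token, JWT_SECRET_KEY, algorithms=["HS256"])
    except jwt.PyJWTError as exc:
        raise HTTPException(
            status_code=403, detail="Invalid or expired token"
        ) from exc

    subject = payload.get("sub")
    # A validly signed token without a string subject identifies nobody:
    # reject it instead of failing later with a model validation error.
    if not isinstance(subject, str) or not subject:
        raise HTTPException(status_code=403, detail="Invalid or expired token")
    return User(username=subject)


@app.post("/login")
async def login(user: ScanCode):
    """Issue an access token for the submitted scan code."""
    # NOTE(review): nothing here verifies the submitted code or scopes, so any
    # caller receives a signed token. Validate the credentials before signing
    # if this ever runs outside a test fixture.
    # NOTE(review): the token has no "exp" claim and therefore never expires,
    # although the error message above mentions expiry - add one.
    # ScanCode has no ``username`` field; the code is used as the subject.
    # Presumably it stands in for the user identity here - confirm.
    access_token = jwt.encode(
        {"sub": user.code}, JWT_SECRET_KEY, algorithm="HS256"
    )
    return {"token": access_token}


def get_current_user(token: str = Depends(oauth2_scheme)) -> User:
    """Dependency that resolves the bearer token to a verified ``User``."""
    return decode_jwt(token)


@app.get("/account")
async def read_account(current_user: User = Depends(get_current_user)):
    """Return profile data for the authenticated user."""
    # Depend on get_current_user, not on oauth2_scheme: the scheme alone only
    # hands over the raw header string, so the token would never be verified.
    return {"nickname": current_user.username, "avatar": "https://p26.douyinpic.com/aweme/100x100/aweme-avatar/tos-cn-i-0813_66c4e34ae8834399bbf967c3d3c919db.jpeg?from=4010531038"}


# Other protected resources...


def main():
    """Start the application server."""
    # Bind to the configured HOST; it was imported but unused (host=None).
    uvicorn.run(app, host=HOST, port=PORT, log_level="info")


if __name__ == "__main__":
    main()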