@feat : implement token verification for secure API endpoints

app/api/routes.py

@@ -1,19 +1,17 @@
 from fastapi import APIRouter, HTTPException
 from app.models.schema import GenerateRequest, GenerateResponse
 from app.services.generator import coverLetterGenerativeAIBot
-from app.services.pdf_creator import save_pdf
 from app.services.resume_parser import extract_resume_text
 from app.utils.file_utils import generate_unique_filename
-from fastapi import UploadFile, File
+from fastapi import UploadFile, File,Depends
 from app.services.hf_storage_service import HuggingFaceStorageService
-from app.services.pdf_creator import build_cover_letter_md, convert_md_to_text
-
+from app.auth.auth import verify_token
 storage_service = HuggingFaceStorageService()
 
 router = APIRouter()
 
-@router.post("/generate", response_model=GenerateResponse)
-async def generate_cover_letter_api(data: GenerateRequest):
+@router.post("/generate", response_model=GenerateResponse,)
+async def generate_cover_letter_api(data: GenerateRequest,user=Depends(verify_token)):
     try:
         if len(data.job_details) > 8192:
             raise HTTPException(status_code=400, detail="Job detail is too long")
@@ -50,23 +48,18 @@ async def generate_cover_letter_api(data: GenerateRequest):
 
 
 @router.post("/upload-resume")
-async def upload_resume(resume: UploadFile = File(...)):
+async def upload_resume(resume: UploadFile = File(...),user=Depends(verify_token)):
     try:
-        # Read resume content
         resume_content = await resume.read()
-        
-        # Upload to HuggingFace Hub
         resume_url = storage_service.upload_file_to_hf(
             file_content=resume_content,
             folder="resumes",
             filename=resume.filename
         )
-        
         return {
             "success": True,
             "url": resume_url
         }
-        
     except Exception as e:
         return {
             "success": False,
@@ -74,7 +67,7 @@ async def upload_resume(resume: UploadFile = File(...)):
         }
      
 @router.post("/upload-file")
-async def upload_file(pdf: UploadFile = File(...)):
+async def upload_file(pdf: UploadFile = File(...),user=Depends(verify_token)):
     try:
         # Read resume content
         pdf_content = await pdf.read()

app/auth/auth.py

@@ -0,0 +1,19 @@
+from fastapi import Depends, HTTPException, status
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from jose import jwt, JWTError
+import os
+
+security = HTTPBearer()
+def verify_token(credentials: HTTPAuthorizationCredentials = Depends(security)):
+    JWT_SECRET = os.getenv("JWT_SECRET_KEY", "fallback_secret")
+    ALGORITHM = os.getenv("ALGORITHM")
+    token = credentials.credentials
+    try:
+        payload = jwt.decode(token, JWT_SECRET, algorithms=[ALGORITHM])
+        return payload
+    except JWTError as e:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Invalid or expired token",
+            headers={"WWW-Authenticate": "Bearer"},
+        )