Nuevos cambios de la implementacion token interno de dolibarr a los microservicios

Back_comercial_iko/app/comercial/Main_comercial.py

@@ -1,16 +1,17 @@
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends
 from Back_comercial_iko.services.Comercial_service import ComercialService
 from Back_comercial_iko.core.Response import ApiResponse
 from Back_comercial_iko.core.HttpStatus import HttpStatus
+from Back_comercial_iko.core.AuthTokenDoli import TokenDoliManager
 
 
 router = APIRouter(prefix="/comercial", tags=["Comercial"])
 
 @router.post("/create-project")
-def create_project(data: dict):
+def create_project(data: dict, token_data: dict = Depends(TokenDoliManager.verify_header)):
     try:
         service = ComercialService()
         result = service.create_project_commercial(data)
-        return ApiResponse.success(result,"Proyecto creado",HttpStatus.CREATED)
+        return ApiResponse.success(result, "Proyecto creado", HttpStatus.CREATED)
     except Exception as e:
-        return ApiResponse.error(str(e),HttpStatus.NOT_FOUND)
+        return ApiResponse.error(str(e), HttpStatus.NOT_FOUND)

Back_comercial_iko/core/Auth.py

@@ -1,7 +1,7 @@
 import jwt
 from datetime import datetime, timedelta
 from typing import Dict, Any
-from core.Config import settings
+from Back_comercial_iko.core.Config import settings
 
 
 class TokenManager:

Back_comercial_iko/core/AuthTokenDoli.py

@@ -0,0 +1,45 @@
+import base64
+import hashlib
+import hmac
+import json
+import time
+from typing import Dict, Any
+from fastapi import Header, HTTPException, Depends
+from Back_comercial_iko.core.Config import settings
+
+class TokenDoliManager:
+    """
+    Manages the generation and validation of Dolibarr session tokens.
+    """
+
+    @classmethod
+    def verify(cls, token: str) -> Dict[str, Any]:
+        try:
+            payload_b64, signature = token.split(".")
+
+            expected_signature = hmac.new(
+                settings.token_secret_key.encode(),
+                payload_b64.encode(),
+                hashlib.sha256
+            ).hexdigest()
+
+            if not hmac.compare_digest(signature, expected_signature):
+                raise ValueError("Firma inválida")
+
+            payload_json = base64.b64decode(payload_b64 + "===").decode()
+            payload = json.loads(payload_json)
+
+            if payload["exp"] < time.time():
+                raise ValueError("Token expirado")
+
+            return payload
+
+        except Exception:
+            raise ValueError("Token inválido")
+
+    @classmethod
+    def verify_header(cls, token: str = Header(...)) -> Dict[str, Any]:
+        try:
+            return cls.verify(token)
+        except ValueError as e:
+            raise HTTPException(status_code=401, detail=str(e))

Back_comercial_iko/core/Response.py

@@ -16,6 +16,7 @@ class ApiResponse:
             status_code=status_code,
             content={
                 "success": True,
+                "status_code": status_code,
                 "message": message,
                 "data": data
             }