Make only verified email be required for cafe pass

main.py

@@ -50,9 +50,17 @@ async def lifespan(app: FastAPI):
 dev_origins = [
     "http://localhost",
     "http://localhost:3000",
+    "http://127.0.0.1",
+    "http://127.0.0.1:3000",
 ]
 
-stage_origins = ["https://stage.frontend.fsektionen.se"]
+stage_origins = [
+    "https://stage.frontend.fsektionen.se",
+    "http://localhost",
+    "http://localhost:3000",
+    "http://127.0.0.1",
+    "http://127.0.0.1:3000",
+]
 
 production_origins = ["https://fsektionen.se"]
 

routes/cafe_shift_router.py

@@ -20,7 +20,7 @@
 cafe_shift_router = APIRouter()
 
 
-@cafe_shift_router.get("/view-shifts", dependencies=[Permission.member()], response_model=list[CafeShiftRead])
+@cafe_shift_router.get("/view-shifts", dependencies=[Permission.verified()], response_model=list[CafeShiftRead])
 def view_all_shifts(db: DB_dependency):
     shifts = db.query(CafeShift_DB).all()
     return shifts
@@ -36,7 +36,7 @@ def admin_view_shift(shift_id: int, db: DB_dependency):
     return shift
 
 
-@cafe_shift_router.get("/{shift_id}", dependencies=[Permission.member()], response_model=CafeShiftRead)
+@cafe_shift_router.get("/{shift_id}", dependencies=[Permission.verified()], response_model=CafeShiftRead)
 def view_shift(shift_id: int, db: DB_dependency):
     shift = db.query(CafeShift_DB).filter_by(id=shift_id).one_or_none()
     if shift is None:
@@ -45,7 +45,7 @@ def view_shift(shift_id: int, db: DB_dependency):
 
 
 # Var tvungen att göra en fuling och göra detta till en POST för att kunna skicka med en JSON body. Det var problem med att parsa datetimes om de skickades med som fält.
-@cafe_shift_router.post("/view-between-dates", dependencies=[Permission.member()], response_model=list[CafeShiftRead])
+@cafe_shift_router.post("/view-between-dates", dependencies=[Permission.verified()], response_model=list[CafeShiftRead])
 def view_shifts_between_dates(data: CafeViewBetweenDates, db: DB_dependency):
     shifts = (
         db.query(CafeShift_DB)
@@ -178,7 +178,7 @@ def update_shift(shift_id: int, data: CafeShiftUpdate, db: DB_dependency):
 
 
 @cafe_shift_router.patch("/sign-up/{shift_id}", response_model=CafeShiftRead)
-def signup_to_shift(shift_id: int, user: Annotated[User_DB, Permission.member()], db: DB_dependency):
+def signup_to_shift(shift_id: int, user: Annotated[User_DB, Permission.verified()], db: DB_dependency):
     shift = db.query(CafeShift_DB).filter_by(id=shift_id).one_or_none()
     if shift is None:
         raise HTTPException(status.HTTP_404_NOT_FOUND)
@@ -194,7 +194,7 @@ def signup_to_shift(shift_id: int, user: Annotated[User_DB, Permission.member()]
 @cafe_shift_router.patch("/sign-off/{shift_id}", response_model=CafeShiftRead)
 def signoff_from_shift(
     shift_id: int,
-    user: Annotated[User_DB, Permission.member()],
+    user: Annotated[User_DB, Permission.verified()],
     manage_permission: Annotated[bool, Permission.check("manage", "Cafe")],
     db: DB_dependency,
 ):

user/permission.py

@@ -32,6 +32,20 @@ def dependency(user: User_DB | None = Depends(current_verified_user)):
 
         return Depends(dependency)
 
+    @classmethod
+    def verified(cls):
+        # Use this dependency for routes that all verified users should access
+        def dependency(user: User_DB | None = Depends(current_verified_user)):
+            if user is None:
+                raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Not authenticated")
+
+            if not user.is_verified:
+                raise HTTPException(status.HTTP_403_FORBIDDEN)
+
+            return user
+
+        return Depends(dependency)
+
     @classmethod
     def member(cls):
         # Use this dependency for routes that only members should access