From 1f13e8aa5a24d4378413f977070f2aef128542f5 Mon Sep 17 00:00:00 2001
From: lilly <li@lly.sh>
Date: Sun, 3 May 2026 23:41:54 +0200
Subject: [PATCH] api: implement bare-bones userinfo endpoint

---
 api/src/dooris_api/deps.py   | 8 +++++++-
 api/src/dooris_api/models.py | 5 -----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/api/src/dooris_api/deps.py b/api/src/dooris_api/deps.py
index 1d8dccf..0a5ded3 100644
--- a/api/src/dooris_api/deps.py
+++ b/api/src/dooris_api/deps.py
@@ -13,7 +13,13 @@ OpenidClient = Annotated[OpenidClient, Depends(get_oidc_client)]
 
 
 async def get_current_user(req: Request, oidc_client: OpenidClient) -> Optional[models.CurrentUser]:
-    return None
+    # for now we only handle the case of no expired tokens
+    # TODO: automatically use the refresh token to fetch new access tokens
+    if not all(i in req.cookies for i in ["access_token", "refresh_token", "id_token", "auth_nonce"]):
+        return None
+
+    id_token = oidc_client.decode_id_token(req.cookies["id_token"], nonce=req.cookies["auth_nonce"])
+    return models.CurrentUser(id_token=id_token)
 
 
 CurrentUser = Annotated[Optional[models.CurrentUser], Depends(get_current_user)]
diff --git a/api/src/dooris_api/models.py b/api/src/dooris_api/models.py
index 72791f7..7cf5940 100644
--- a/api/src/dooris_api/models.py
+++ b/api/src/dooris_api/models.py
@@ -1,14 +1,9 @@
 from typing import Optional
-from datetime import datetime
 from pydantic import BaseModel
 from simple_openid_connect.data import IdToken
 
 
 class CurrentUser(BaseModel):
-    access_token: str
-    access_token_expiry: datetime
-    refresh_token: Optional[str]
-    refresh_token_expiry: Optional[datetime]
     id_token: IdToken