Add lots of comments

src/main.py

@@ -23,7 +23,7 @@ pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 # JWT authentication setup
 jwt_secret = "secret_key"
 ALGORITHM = "HS256"
-ACCESS_TOKEN_EXPIRE_MINUTES = 30
+ACCESS_TOKEN_EXPIRE_MINUTES = 44640 # One month
 
 bearer_scheme = HTTPBearer()
 
@@ -36,6 +36,18 @@ def get_db():
         db.close()
 
 
+def get_current_user(
+    token: HTTPAuthorizationCredentials = Depends(bearer_scheme),
+):
+    try:
+        payload = jwt.decode(token.credentials, jwt_secret, algorithms=[ALGORITHM])
+        username = payload.get("sub")
+        if username is None:
+            raise HTTPException(status_code=401, detail="Invalid JWT token")
+        return username
+    except jwt.exceptions.DecodeError:
+        raise HTTPException(status_code=401, detail="Invalid JWT token")
+
 @app.get("/")
 async def root():
     return {"message": "Hello world!"}
@@ -47,8 +59,14 @@ async def read_users(db: Session = Depends(get_db)):
     return users
 
 
-@app.post("/users", response_model=users.User)
-async def create_user(user: users.UserCreate, db: Session = Depends(get_db)):
+@app.patch("/users")
+async def patch_current_user(user: users.UserCreate, current_user = Depends(get_current_user), db: Session = Depends(get_db)):
+    db_user = crud.get_us
+    return users
+
+
+@app.post("/register", response_model=users.User)
+async def register(user: users.UserCreate, db: Session = Depends(get_db)):
     db_user = crud.get_user_by_username(db, username=user.username)
     if db_user:
         raise HTTPException(status_code=400, detail="Username already registered")
@@ -57,12 +75,28 @@ async def create_user(user: users.UserCreate, db: Session = Depends(get_db)):
     )
 
 
+@app.post("/login")
+async def login(user: users.UserCreate, db: Session = Depends(get_db)):
+    user = authenticate_user(user, db)
+    if not user:
+        raise HTTPException(status_code=401, detail="Invalid username or password")
+    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
+    access_token_payload = {
+        "sub": user.username,
+        "exp": datetime.utcnow() + access_token_expires,
+    }
+    access_token = jwt.encode(access_token_payload, jwt_secret, algorithm=ALGORITHM)
+    return {"access_token": access_token}
+
+
 @app.get("/highscores", response_model=List[users.UserHighScore])
 async def read_high_scores(
     db: Session = Depends(get_db),
     minigame: Optional[MinigameEnum] = None,
     n_highest: Optional[int] = None,
 ):
+    if n_highest < 1:
+        raise HTTPException(status_code=400, detail="Invalid number of high scores") 
     high_scores = crud.get_high_scores(db, minigame, n_highest)
     return high_scores
 
@@ -105,18 +139,7 @@ def authenticate_user(user: users.UserCreate, db: Session = Depends(get_db)):
     return db_user
 
 
-@app.post("/login")
-async def login(user: users.UserCreate, db: Session = Depends(get_db)):
-    user = authenticate_user(user, db)
-    if not user:
-        raise HTTPException(status_code=401, detail="Invalid username or password")
-    access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES)
-    access_token_payload = {
-        "sub": user.username,
-        "exp": datetime.utcnow() + access_token_expires,
-    }
-    access_token = jwt.encode(access_token_payload, jwt_secret, algorithm=ALGORITHM)
-    return {"access_token": access_token}
+
 
 
 @app.get("/courseprogress", response_model=List[courseprogress.CourseProgressBase])