From 0bdb7ca8f6c7dbd3b7abc17322baa770c130e8c8 Mon Sep 17 00:00:00 2001
From: fullsizemalt <106900403+fullsizemalt@users.noreply.github.com>
Date: Sun, 28 Dec 2025 17:06:44 -0800
Subject: [PATCH] fix: Add get_current_user_optional for public endpoints

---
 backend/auth.py | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/backend/auth.py b/backend/auth.py
index 37e5f27..e23e391 100644
--- a/backend/auth.py
+++ b/backend/auth.py
@@ -59,3 +59,26 @@ async def get_current_superuser(current_user: User = Depends(get_current_user)):
 detail="The user doesn't have enough privileges"
 )
 return current_user
+
+
+# Optional OAuth scheme that doesn't require auth
+oauth2_scheme_optional = OAuth2PasswordBearer(tokenUrl="auth/token", auto_error=False)
+
+async def get_current_user_optional(
+ token: Optional[str] = Depends(oauth2_scheme_optional),
+ session: Session = Depends(get_session)
+) -> Optional[User]:
+ """Get current user if authenticated, otherwise return None (for public endpoints)"""
+ if not token:
+ return None
+ try:
+ payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
+ email: str = payload.get("sub")
+ if email is None:
+ return None
+ except JWTError:
+ return None
+
+ user = session.exec(select(User).where(User.email == email)).first()
+ return user
+
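Review bot: In `get_current_user_optional`, the `except JWTError: return None` branch treats a token that was sent but is invalid, tampered with or expired exactly like no token at all, so a client with a stale session is silently served the anonymous view and rejected tokens leave no trace for monitoring. Consider keeping `return None` only for the missing-token case and rejecting a bad one, e.g. `except JWTError: raise HTTPException(status_code=401, detail="Invalid or expired token")` (assuming `HTTPException` is what `get_current_superuser` raises in the context lines above), or at least logging the rejection. The decode-and-lookup also duplicates whatever `get_current_user` does, which lies outside this hunk; if that function enforces further checks (for example a disabled-account flag), they are not applied on this path, so a shared helper would keep the two in step. The docstring should state the chosen behaviour, e.g. `"""Return the user for a valid bearer token, or None when no token is sent."""`.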