create verify user function

backend/auth/security.py

@@ -1,7 +1,9 @@
 from datetime import datetime
 
 from passlib.context import CryptContext
-from jose import JWTError, jwt
+from jose import jwt
+from sqlalchemy.orm import scoped_session
+from fastapi import HTTPException, status
 
 from config import settings
 from db.dbapi import DatabaseService
@@ -12,19 +14,34 @@
 pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
 
 
-def authenticate_user(session, name: str, password: str):
+def verify_user(session: scoped_session, token: str):
+    username = decode_access_token(token)['name']
+    user = db.fetch_user_by_name(session, username)
+    if user.lifetime <= datetime.now() and token_expired(session, username):
+        db.remove_user(session, username)
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail="Your account was deleted",
+            headers={"WWW-Authenticate": "Bearer"},
+        )
+    return user
+
+
+def authenticate_user(session: scoped_session, name: str, password: str):
     user = db.fetch_user_by_name(session, name)
     if not (user and verify_password(password, user.hashed_password)):
         raise LoginFailed("Either username or password is incorrect")
+    if token_expired(session, user.name):
+        db.remove_user(session, user.name)
+        raise UserExpired("Your account was deleted")
     return user
 
 
-def token_expired_check(session, username):
-    user = db.fetch_user_by_name(session, username)
+def token_expired(session, username):
     access_token = db.fetch_token_by_username(session, username)
-    if (access_token.expires_at - datetime.now()).total_seconds() < 0:
-        db.remove_user(session, user)
-        raise UserExpired("Token has expired")
+    if access_token.expires_at <= datetime.now():
+        return True
+    return False
 
 
 def verify_password(plain_password, hashed_password):