From e42421d2ffb87e2b59fc62ee7d8df714f71feb4b Mon Sep 17 00:00:00 2001
From: Egor
Date: Tue, 20 Jan 2026 14:28:35 +0300
Subject: [PATCH] Update dependencies.py
---
 app/cabinet/dependencies.py | 50 +++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
diff --git a/app/cabinet/dependencies.py b/app/cabinet/dependencies.py
index bd76b302..a11e4da6 100644
--- a/app/cabinet/dependencies.py
+++ b/app/cabinet/dependencies.py
@@ -1,16 +1,21 @@
 """FastAPI dependencies for cabinet module."""
+import logging
 from fastapi import Depends, HTTPException, status
 from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
 from sqlalchemy.ext.asyncio import AsyncSession
 from typing import Optional
+from aiogram import Bot
 from app.database.database import AsyncSessionLocal
 from app.database.models import User
 from app.database.crud.user import get_user_by_id
 from app.config import settings
+from app.services.maintenance_service import maintenance_service
 from .auth.jwt_handler import get_token_payload
+logger = logging.getLogger(__name__)
+
 security = HTTPBearer(auto_error=False)
@@ -40,6 +45,11 @@ async def get_current_cabinet_user(
 Raises:
 HTTPException: If token is invalid, expired, or user not found
 """
+ # Check maintenance mode first (except for admins - checked later)
+ if maintenance_service.is_maintenance_active():
+ # We need to check token first to see if user is admin
+ pass # Will check after getting user
+
 if not credentials:
 raise HTTPException(
 status_code=status.HTTP_401_UNAUTHORIZED,
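Review bot: The `if maintenance_service.is_maintenance_active():` block added ahead of the credentials check has only `pass` as its body, so it enforces nothing and costs one extra call per request; the effective check is the one added later, after the user is loaded. Drop these lines or reduce them to a single comment such as `# Maintenance mode is enforced after the user is loaded, so admins can be exempted`. Because the `if not credentials:` branch that follows raises 401 first, requests without credentials never see the 503 maintenance response, which is worth stating in the docstring. The function body starts and ends outside the hunk.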
@@ -80,6 +90,46 @@ async def get_current_cabinet_user(
 detail="User account is not active",
 )
+ # Check maintenance mode (allow admins to pass)
+ if maintenance_service.is_maintenance_active():
+ if not settings.is_admin(user.telegram_id):
+ status_info = maintenance_service.get_status_info()
+ raise HTTPException(
+ status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
+ detail={
+ "code": "maintenance",
+ "message": maintenance_service.get_maintenance_message() or "Service is under maintenance",
+ "reason": status_info.get("reason"),
+ },
+ )
+
+ # Check required channel subscription
+ if settings.CHANNEL_IS_REQUIRED_SUB and settings.CHANNEL_SUB_ID:
+ # Skip check for admins
+ if not settings.is_admin(user.telegram_id):
+ try:
+ bot = Bot(token=settings.BOT_TOKEN)
+ chat_member = await bot.get_chat_member(
+ chat_id=settings.CHANNEL_SUB_ID,
+ user_id=user.telegram_id
+ )
+ await bot.session.close()
+
+ if chat_member.status not in ["member", "administrator", "creator"]:
+ raise HTTPException(
+ status_code=status.HTTP_403_FORBIDDEN,
+ detail={
+ "code": "channel_subscription_required",
+ "message": "Please subscribe to our channel to continue",
+ "channel_link": settings.CHANNEL_LINK,
+ },
+ )
+ except HTTPException:
+ raise
+ except Exception as e:
+ logger.warning(f"Failed to check channel subscription for user {user.telegram_id}: {e}")
+ # Don't block user if check fails
+
 return user
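Review bot: The channel-subscription gate fails open: the `except Exception` branch at the end of the added block only logs a warning, so any Telegram API error lets the request continue as if the user were subscribed. Since a new `Bot` is built and `get_chat_member` is called on every authenticated request, such errors are presumably more frequent under load. `await bot.session.close()` is placed after the call, so it is skipped whenever `get_chat_member` raises and the HTTP session is left open. If the requirement is meant to be enforced, close the session in a `finally` and answer with an error instead of returning the user, as sketched below; a shared bot instance or a short-lived cache of the membership result would also remove the per-request round trip. The enclosing function starts outside the hunk.

```python
        if not settings.is_admin(user.telegram_id):
            bot = Bot(token=settings.BOT_TOKEN)
            try:
                chat_member = await bot.get_chat_member(
                    chat_id=settings.CHANNEL_SUB_ID,
                    user_id=user.telegram_id,
                )
            except Exception:
                # Fail closed: an unverifiable subscription is not treated as a valid one.
                logger.exception(
                    "Channel subscription check failed for user %s", user.telegram_id
                )
                raise HTTPException(
                    status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
                    detail={
                        "code": "channel_check_unavailable",
                        "message": "Subscription could not be verified, please retry later",
                    },
                )
            finally:
                # Runs on success and on failure, so the HTTP session is always released.
                await bot.session.close()
            # … unchanged: chat_member.status test and the 403 response …
```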