# Verify user is Logged In

* Best way to set this up is to initially create a schema for the Token in <mark style="color:green;">`schema.py`</mark>

```python
class Token(BaseModel):
    access_token: str
    token_type: str

class TokenData(BaseModel):
    id: Optional[str]
```

* We will then modify the file <mark style="color:green;">`oauth2.py`</mark>

```python
from fastapi import Depends, status, HTTPException
from jose import JWTError, jwt
from datetime import date, datetime, timedelta
from . import schemas
from fastapi.security import OAuth2PasswordBearer

def verify_access_token(token: str, credentials_exception):

    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        id: str = payload.get("user_id")

        if str(id) is None:
            raise credentials_exception
        
        token_data = schemas.TokenData(id=id)

    except JWTError:
        raise credentials_exception

    return token_data

def get_current_user(token: str = Depends(oath2_scheme)):
    credentials_exception = HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail=f"Could not validate cedentials", headers={"WWW-Authenticate": "Bearer"})

    return verify_access_token(token, credentials_exception)
```

* The <mark style="color:orange;">`verify_access_token`</mark> function decodes the token by using the secret key and encryption algorithm and returns the data that was sent initially
* If there is no user id, this will return a exception
* Within the <mark style="color:orange;">`get_current_user`</mark> function, we are defining the HTTP exception (our case 401)
* Then calling the <mark style="color:orange;">`verify_access_token`</mark> function and providing the token
* The invoked function returns the <mark style="color:orange;">`token_data`</mark>