Refactor token handling and introduce token revocation logic

Updated `decode_token` for stricter validation of token claims and explicit error handling. Added utilities for token revocation and verification, improving

backend/app/auth/dependencies.py

@@ -4,7 +4,7 @@ from jose import JWTError, jwt
 from sqlalchemy.ext.asyncio import AsyncSession
 
 from app.core.database import get_db
-from auth.security import SECRET_KEY, ALGORITHM
+from app.auth.security import decode_token
 from app.models.user import User
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="auth/token")
@@ -14,28 +14,22 @@ async def get_current_user(
         token: str = Depends(oauth2_scheme),
         db: AsyncSession = Depends(get_db)
 ):
-    credentials_exception = HTTPException(
-        status_code=status.HTTP_401_UNAUTHORIZED,
-        detail="Could not validate credentials",
-        headers={"WWW-Authenticate": "Bearer"},
-    )
-
     try:
-        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
-        user_id: str = payload.get("sub")
-        token_type: str = payload.get("type")
+        payload = decode_token(token)  # Use updated decode_token.
+        user_id: str = payload.sub
+        token_type: str = payload.type
 
         if user_id is None or token_type != "access":
-            raise credentials_exception
+            raise HTTPException(status_code=401, detail="Invalid token type.")
 
-    except JWTError:
-        raise credentials_exception
+        user = await db.get(User, user_id)
+        if user is None:
+            raise HTTPException(status_code=401, detail="User not found.")
 
-    user = await db.get(User, user_id)
-    if user is None:
-        raise credentials_exception
+        return user
+    except JWTError as e:
+        raise HTTPException(status_code=401, detail=str(e))
 
-    return user
 
 
 async def get_current_active_user(