second round of review

backend/main.py

@@ -343,23 +343,21 @@ class ProfileUpdate(BaseModel):
     nostr_npub: str | None = None
 
 
-def require_regular_user():
+async def require_regular_user(
+    current_user: User = Depends(get_current_user),
+) -> User:
     """Dependency that requires the user to have the 'regular' role."""
-    async def checker(
-        current_user: User = Depends(get_current_user),
-    ) -> User:
-        if ROLE_REGULAR not in current_user.role_names:
-            raise HTTPException(
-                status_code=status.HTTP_403_FORBIDDEN,
-                detail="Profile access is only available to regular users",
-            )
-        return current_user
-    return checker
+    if ROLE_REGULAR not in current_user.role_names:
+        raise HTTPException(
+            status_code=status.HTTP_403_FORBIDDEN,
+            detail="Profile access is only available to regular users",
+        )
+    return current_user
 
 
 @app.get("/api/profile", response_model=ProfileResponse)
 async def get_profile(
-    current_user: User = Depends(require_regular_user()),
+    current_user: User = Depends(require_regular_user),
 ):
     """Get the current user's profile (contact details)."""
     return ProfileResponse(
@@ -374,7 +372,7 @@ async def get_profile(
 async def update_profile(
     data: ProfileUpdate,
     db: AsyncSession = Depends(get_db),
-    current_user: User = Depends(require_regular_user()),
+    current_user: User = Depends(require_regular_user),
 ):
     """Update the current user's profile (contact details)."""
     # Validate all fields