feat(api): add authentication to all endpoints and update OpenAPI schema

api.py

@@ -175,6 +175,28 @@ app = FastAPI(
 ) """
 
 
+def custom_openapi():
+    if app.openapi_schema:
+        return app.openapi_schema
+
+    openapi_schema = app.openapi()
+
+    # Définir deux schémas de sécurité
+    openapi_schema["components"]["securitySchemes"] = {
+        "HTTPBearer": {"type": "http", "scheme": "bearer", "bearerFormat": "JWT"},
+        "ApiKeyAuth": {"type": "apiKey", "in": "header", "name": "X-API-Key"},
+    }
+
+    openapi_schema["security"] = [{"HTTPBearer": []}, {"ApiKeyAuth": []}]
+
+    app.openapi_schema = openapi_schema
+    return app.openapi_schema
+
+
+# Après app = FastAPI(...), ajouter:
+app.openapi = custom_openapi
+
+
 setup_cors(app, mode="open")
 app.add_middleware(SwaggerAuthMiddleware)
 app.add_middleware(ApiKeyMiddleware)
@@ -189,6 +211,7 @@ app.include_router(entreprises_router)
 @app.get("/clients", response_model=List[ClientDetails], tags=["Clients"])
 async def obtenir_clients(
     query: Optional[str] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -202,6 +225,7 @@ async def obtenir_clients(
 @app.get("/clients/{code}", response_model=ClientDetails, tags=["Clients"])
 async def lire_client_detail(
     code: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -224,6 +248,7 @@ async def modifier_client(
     code: str,
     client_update: ClientUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -249,6 +274,7 @@ async def modifier_client(
 async def ajouter_client(
     client: ClientCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -273,6 +299,7 @@ async def ajouter_client(
 @app.get("/articles", response_model=List[Article], tags=["Articles"])
 async def rechercher_articles(
     query: Optional[str] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -291,6 +318,7 @@ async def rechercher_articles(
 )
 async def creer_article(
     article: ArticleCreate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -331,6 +359,7 @@ async def creer_article(
 async def modifier_article(
     reference: str = Path(..., description="Référence de l'article à modifier"),
     article: ArticleUpdate = Body(...),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -374,6 +403,7 @@ async def modifier_article(
 @app.get("/articles/{reference}", response_model=Article, tags=["Articles"])
 async def lire_article(
     reference: str = Path(..., description="Référence de l'article"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -403,6 +433,7 @@ async def lire_article(
 @app.post("/devis", response_model=Devis, status_code=201, tags=["Devis"])
 async def creer_devis(
     devis: DevisRequest,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -442,6 +473,7 @@ async def modifier_devis(
     id: str,
     devis_update: DevisUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -487,6 +519,7 @@ async def modifier_devis(
 async def creer_commande(
     commande: CommandeCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -536,6 +569,7 @@ async def modifier_commande(
     id: str,
     commande_update: CommandeUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -584,6 +618,7 @@ async def lister_devis(
     inclure_lignes: bool = Query(
         True, description="Inclure les lignes de chaque devis"
     ),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -600,6 +635,7 @@ async def lister_devis(
 @app.get("/devis/{id}", tags=["Devis"])
 async def lire_devis(
     id: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -620,6 +656,7 @@ async def lire_devis(
 @app.get("/devis/{id}/pdf", tags=["Devis"])
 async def telecharger_devis_pdf(
     id: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -642,6 +679,7 @@ async def telecharger_document_pdf(
         description="Type de document (0=Devis, 10=Commande, 30=Livraison, 60=Facture, 50=Avoir)",
     ),
     numero: str = Path(..., description="Numéro du document"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -698,6 +736,7 @@ async def envoyer_devis_email(
     id: str,
     request: EmailEnvoi,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -753,6 +792,7 @@ async def changer_statut_document(
     nouveau_statut: int = Query(
         ..., ge=0, le=6, description="0=Saisi, 1=Confirmé, 2=Accepté"
     ),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     document_type_sql = None
@@ -869,6 +909,7 @@ async def changer_statut_document(
 @app.get("/commandes/{id}", tags=["Commandes"])
 async def lire_commande(
     id: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -887,6 +928,7 @@ async def lire_commande(
 async def lister_commandes(
     limit: int = Query(100, le=1000),
     statut: Optional[int] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -902,6 +944,7 @@ async def lister_commandes(
 async def devis_vers_commande(
     id: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -946,6 +989,7 @@ async def devis_vers_commande(
 async def commande_vers_facture(
     id: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1047,6 +1091,7 @@ async def envoyer_emails_lot(
 async def valider_remise(
     client_id: str = Query(..., min_length=1),
     remise_pourcentage: float = Query(0.0, ge=0, le=100),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1080,6 +1125,7 @@ async def relancer_devis_signature(
     id: str,
     relance: RelanceDevis,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1146,6 +1192,7 @@ class ContactClientResponse(BaseModel):
 @app.get("/devis/{id}/contact", response_model=ContactClientResponse, tags=["Devis"])
 async def recuperer_contact_devis(
     id: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1173,6 +1220,7 @@ async def recuperer_contact_devis(
 async def lister_factures(
     limit: int = Query(100, le=1000),
     statut: Optional[int] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1187,6 +1235,7 @@ async def lister_factures(
 @app.get("/factures/{numero}", tags=["Factures"])
 async def lire_facture_detail(
     numero: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1213,6 +1262,7 @@ class RelanceFacture(BaseModel):
 async def creer_facture(
     facture: FactureCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1262,6 +1312,7 @@ async def modifier_facture(
     id: str,
     facture_update: FactureUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1331,6 +1382,7 @@ async def relancer_facture(
     id: str,
     relance: RelanceFacture,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1401,6 +1453,7 @@ async def journal_emails(
     destinataire: Optional[str] = Query(None),
     limit: int = Query(100, le=1000),
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     query = select(EmailLog)
@@ -1436,6 +1489,7 @@ async def journal_emails(
 async def exporter_logs_csv(
     statut: Optional[StatutEmail] = Query(None),
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     query = select(EmailLog)
@@ -1592,6 +1646,7 @@ async def supprimer_template(
 @app.post("/templates/emails/preview", tags=["Emails"])
 async def previsualiser_email(
     preview: TemplatePreview,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     if preview.template_id not in templates_email_db:
@@ -1630,6 +1685,7 @@ async def previsualiser_email(
 @app.get("/prospects", tags=["Prospects"])
 async def rechercher_prospects(
     query: Optional[str] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1643,6 +1699,7 @@ async def rechercher_prospects(
 @app.get("/prospects/{code}", tags=["Prospects"])
 async def lire_prospect(
     code: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1662,6 +1719,7 @@ async def lire_prospect(
 )
 async def rechercher_fournisseurs(
     query: Optional[str] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1683,6 +1741,7 @@ async def rechercher_fournisseurs(
 async def ajouter_fournisseur(
     fournisseur: FournisseurCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1712,6 +1771,7 @@ async def modifier_fournisseur(
     code: str,
     fournisseur_update: FournisseurUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1734,6 +1794,7 @@ async def modifier_fournisseur(
 @app.get("/fournisseurs/{code}", tags=["Fournisseurs"])
 async def lire_fournisseur(
     code: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1752,6 +1813,7 @@ async def lire_fournisseur(
 async def lister_avoirs(
     limit: int = Query(100, le=1000),
     statut: Optional[int] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1765,6 +1827,7 @@ async def lister_avoirs(
 @app.get("/avoirs/{numero}", tags=["Avoirs"])
 async def lire_avoir(
     numero: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1783,6 +1846,7 @@ async def lire_avoir(
 async def creer_avoir(
     avoir: AvoirCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1830,6 +1894,7 @@ async def modifier_avoir(
     id: str,
     avoir_update: AvoirUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1875,6 +1940,7 @@ async def modifier_avoir(
 async def lister_livraisons(
     limit: int = Query(100, le=1000),
     statut: Optional[int] = Query(None),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1888,6 +1954,7 @@ async def lister_livraisons(
 @app.get("/livraisons/{numero}", tags=["Livraisons"])
 async def lire_livraison(
     numero: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1906,6 +1973,7 @@ async def lire_livraison(
 async def creer_livraison(
     livraison: LivraisonCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -1959,6 +2027,7 @@ async def modifier_livraison(
     id: str,
     livraison_update: LivraisonUpdate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2004,6 +2073,7 @@ async def modifier_livraison(
 async def livraison_vers_facture(
     id: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2047,6 +2117,7 @@ async def livraison_vers_facture(
 async def devis_vers_facture_direct(
     id: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2107,6 +2178,7 @@ async def devis_vers_facture_direct(
 async def commande_vers_livraison(
     id: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2178,6 +2250,7 @@ async def commande_vers_livraison(
 )
 async def lister_familles(
     filtre: Optional[str] = Query(None, description="Filtre sur code ou intitulé"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2203,6 +2276,7 @@ async def lister_familles(
 )
 async def lire_famille(
     code: str = Path(..., description="Code de la famille (ex: ZDIVERS)"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2238,6 +2312,7 @@ async def lire_famille(
 )
 async def creer_famille(
     famille: FamilleCreate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2281,6 +2356,7 @@ async def creer_famille(
 )
 async def creer_entree_stock(
     entree: EntreeStock,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2317,6 +2393,7 @@ async def creer_entree_stock(
 )
 async def creer_sortie_stock(
     sortie: SortieStock,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2352,6 +2429,7 @@ async def creer_sortie_stock(
 )
 async def lire_mouvement_stock(
     numero: str = Path(..., description="Numéro du mouvement (ex: ME00123 ou MS00124)"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2384,6 +2462,7 @@ async def lire_mouvement_stock(
     summary="Statistiques sur les familles",
 )
 async def statistiques_familles(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2492,6 +2571,7 @@ async def statistiques_utilisateurs(session: AsyncSession = Depends(get_session)
 async def creer_contact(
     numero: str,
     contact: ContactCreate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2524,6 +2604,7 @@ async def creer_contact(
 @app.get("/tiers/{numero}/contacts", response_model=List[Contact], tags=["Contacts"])
 async def lister_contacts(
     numero: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2542,6 +2623,7 @@ async def lister_contacts(
 async def obtenir_contact(
     numero: str,
     contact_numero: int,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2567,6 +2649,7 @@ async def modifier_contact(
     numero: str,
     contact_numero: int,
     contact: ContactUpdate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2598,6 +2681,7 @@ async def modifier_contact(
 async def supprimer_contact(
     numero: str,
     contact_numero: int,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2612,6 +2696,7 @@ async def supprimer_contact(
 async def definir_contact_defaut(
     numero: str,
     contact_numero: int,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2633,6 +2718,7 @@ async def obtenir_tiers(
         description="Filtre par type: 0/client, 1/fournisseur, 2/prospect, 3/all ou strings",
     ),
     query: Optional[str] = Query(None, description="Recherche sur code ou intitulé"),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2647,6 +2733,7 @@ async def obtenir_tiers(
 @app.get("/tiers/{code}", response_model=TiersDetails, tags=["Tiers"])
 async def lire_tiers_detail(
     code: str,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2684,6 +2771,7 @@ async def lister_collaborateurs(
     actifs_seulement: bool = Query(
         True, description="Exclure les collaborateurs en sommeil"
     ),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste tous les collaborateurs"""
@@ -2702,6 +2790,7 @@ async def lister_collaborateurs(
 )
 async def lire_collaborateur_detail(
     numero: int,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Lit un collaborateur par son numéro"""
@@ -2728,6 +2817,7 @@ async def lire_collaborateur_detail(
 )
 async def creer_collaborateur(
     collaborateur: CollaborateurCreate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Crée un nouveau collaborateur"""
@@ -2754,6 +2844,7 @@ async def creer_collaborateur(
 async def modifier_collaborateur(
     numero: int,
     collaborateur: CollaborateurUpdate,
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Modifie un collaborateur existant"""
@@ -2776,6 +2867,7 @@ async def modifier_collaborateur(
 
 @app.get("/societe/info", response_model=SocieteInfo, tags=["Société"])
 async def obtenir_informations_societe(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2795,6 +2887,7 @@ async def obtenir_informations_societe(
 
 @app.get("/societe/logo", tags=["Société"])
 async def obtenir_logo_societe(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Retourne le logo en tant qu'image directe"""
@@ -2819,6 +2912,7 @@ async def obtenir_logo_societe(
 
 @app.get("/societe/preview", response_class=HTMLResponse, tags=["Société"])
 async def preview_societe(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Page HTML pour visualiser les infos société avec logo"""
@@ -2892,6 +2986,7 @@ async def preview_societe(
 async def valider_facture(
     numero_facture: str,
     _: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2915,6 +3010,7 @@ async def valider_facture(
 async def devalider_facture(
     numero_facture: str,
     _: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2938,6 +3034,7 @@ async def devalider_facture(
 async def get_statut_validation_facture(
     numero_facture: str,
     _: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -2958,6 +3055,7 @@ async def regler_facture(
     numero_facture: str,
     reglement: ReglementFactureCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -3001,6 +3099,7 @@ async def regler_facture(
 async def regler_factures_multiple(
     reglement: ReglementMultipleCreate,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -3039,6 +3138,7 @@ async def regler_factures_multiple(
 async def get_reglements_facture(
     numero_facture: str,
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -3063,6 +3163,7 @@ async def get_reglements_client(
     date_fin: Optional[datetime] = Query(None, description="Date fin"),
     inclure_soldees: bool = Query(True, description="Inclure les factures soldées"),
     session: AsyncSession = Depends(get_session),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -3087,6 +3188,7 @@ async def get_reglements_client(
 
 @app.get("/journaux/banque", tags=["Règlements"])
 async def get_journaux_banque(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     try:
@@ -3099,6 +3201,7 @@ async def get_journaux_banque(
 
 @app.get("/reglements/modes", tags=["Référentiels"])
 async def get_modes_reglement(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste des modes de règlement disponibles dans Sage"""
@@ -3112,6 +3215,7 @@ async def get_modes_reglement(
 
 @app.get("/devises", tags=["Référentiels"])
 async def get_devises(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste des devises disponibles dans Sage"""
@@ -3125,6 +3229,7 @@ async def get_devises(
 
 @app.get("/journaux/tresorerie", tags=["Référentiels"])
 async def get_journaux_tresorerie(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste des journaux de trésorerie (banque + caisse)"""
@@ -3143,6 +3248,7 @@ async def get_comptes_generaux(
         None,
         description="client | fournisseur | banque | caisse | tva | produit | charge",
     ),
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste des comptes généraux"""
@@ -3156,6 +3262,7 @@ async def get_comptes_generaux(
 
 @app.get("/tva/taux", tags=["Référentiels"])
 async def get_tva_taux(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Liste des taux de TVA"""
@@ -3169,6 +3276,7 @@ async def get_tva_taux(
 
 @app.get("/parametres/encaissement", tags=["Référentiels"])
 async def get_parametres_encaissement(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     """Paramètres TVA sur encaissement"""
@@ -3215,6 +3323,7 @@ async def get_reglement_detail(rg_no):
 
 @app.get("/health", tags=["System"])
 async def health_check(
+    user: User = Depends(get_current_user),
     sage: SageGatewayClient = Depends(get_sage_client_for_user),
 ):
     gateway_health = sage.health()
@@ -3236,9 +3345,23 @@ async def health_check(
 async def root():
     return {
         "api": "Sage 100c Dataven - VPS Linux",
-        "version": "2.0.0",
+        "version": "3.0.0",
-        "documentation": "/docs",
+        "documentation": "/docs (authentification requise)",
         "health": "/health",
+        "authentication": {
+            "methods": [
+                {
+                    "type": "JWT",
+                    "header": "Authorization: Bearer <token>",
+                    "endpoint": "/api/auth/login",
+                },
+                {
+                    "type": "API Key",
+                    "header": "X-API-Key: sdk_live_xxx",
+                    "endpoint": "/api/api-keys",
+                },
+            ]
+        },
     }