Python fastapi.Security() Examples

The following are 28 code examples of fastapi.Security(). You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may also want to check out all available functions/classes of the module fastapi , or try the search function .
Example #1
Source File: authentication.py    From fastapi-realworld-example-app with MIT License 6 votes vote down vote up
def _get_authorization_header(
    api_key: str = Security(RWAPIKeyHeader(name=HEADER_KEY)),
) -> str:
    try:
        token_prefix, token = api_key.split(" ")
    except ValueError:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=strings.WRONG_TOKEN_PREFIX,
        )

    if token_prefix != JWT_TOKEN_PREFIX:
        raise HTTPException(
            status_code=status.HTTP_403_FORBIDDEN, detail=strings.WRONG_TOKEN_PREFIX,
        )

    return token 
Example #2
Source File: test_security_http_basic_optional.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(credentials: Optional[HTTPBasicCredentials] = Security(security)):
    if credentials is None:
        return {"msg": "Create an account first"}
    return {"username": credentials.username, "password": credentials.password} 
Example #3
Source File: security.py    From LuWu with Apache License 2.0 5 votes vote down vote up
def get_current_active_superuser(current_user: User = Security(get_current_user)):
    if not crud.user.is_superuser(current_user):
        raise HTTPException(
            status_code=400, detail="The user doesn't have enough privileges"
        )
    return current_user 
Example #4
Source File: security.py    From LuWu with Apache License 2.0 5 votes vote down vote up
def get_current_active_user(current_user: User = Security(get_current_user)):
    if not crud.user.is_active(current_user):
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user 
Example #5
Source File: security.py    From LuWu with Apache License 2.0 5 votes vote down vote up
def get_current_user(
    db: Session = Depends(get_db), token: str = Security(reusable_oauth2)
):
    try:
        payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM])
        token_data = TokenPayload(**payload)
    except PyJWTError:
        raise HTTPException(
            status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials"
        )
    user = crud.user.get(db, id=token_data.user_id)
    if not user:
        raise HTTPException(status_code=400, detail="User not found")
    return user 
Example #6
Source File: authentication.py    From fastapi-realworld-example-app with MIT License 5 votes vote down vote up
def _get_authorization_header_optional(
    authorization: Optional[str] = Security(
        RWAPIKeyHeader(name=HEADER_KEY, auto_error=False),
    ),
) -> str:
    if authorization:
        return _get_authorization_header(authorization)

    return "" 
Example #7
Source File: tutorial005.py    From fastapi with MIT License 5 votes vote down vote up
def read_own_items(
    current_user: User = Security(get_current_active_user, scopes=["items"])
):
    return [{"item_id": "Foo", "owner": current_user.username}] 
Example #8
Source File: tutorial005.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_active_user(
    current_user: User = Security(get_current_user, scopes=["me"])
):
    if current_user.disabled:
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user 
Example #9
Source File: test_security_http_base.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(credentials: HTTPAuthorizationCredentials = Security(security)):
    return {"scheme": credentials.scheme, "credentials": credentials.credentials} 
Example #10
Source File: test_security_oauth2_password_bearer_optional.py    From fastapi with MIT License 5 votes vote down vote up
def read_items(token: Optional[str] = Security(oauth2_scheme)):
    if token is None:
        return {"msg": "Create an account first"}
    return {"token": token} 
Example #11
Source File: test_security_openid_connect.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: str = Security(oid)):
    user = User(username=oauth_header)
    return user 
Example #12
Source File: test_security_http_basic_realm.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(credentials: HTTPBasicCredentials = Security(security)):
    return {"username": credentials.username, "password": credentials.password} 
Example #13
Source File: test_security_api_key_header_optional.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: Optional[str] = Security(api_key)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user 
Example #14
Source File: test_security_api_key_cookie.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user 
Example #15
Source File: security.py    From full-stack-fastapi-couchbase with MIT License 5 votes vote down vote up
def get_current_user(token: str = Security(reusable_oauth2)):
    try:
        payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM])
        token_data = TokenPayload(**payload)
    except PyJWTError:
        raise HTTPException(
            status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials"
        )
    bucket = get_default_bucket()
    user = crud.user.get(bucket, username=token_data.username)
    if not user:
        raise HTTPException(status_code=404, detail="User not found")
    return user 
Example #16
Source File: test_security_http_base_optional.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(
    credentials: Optional[HTTPAuthorizationCredentials] = Security(security),
):
    if credentials is None:
        return {"msg": "Create an account first"}
    return {"scheme": credentials.scheme, "credentials": credentials.credentials} 
Example #17
Source File: test_security_api_key_header.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: str = Security(api_key)):
    user = User(username=oauth_header)
    return user 
Example #18
Source File: test_security_http_digest.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(credentials: HTTPAuthorizationCredentials = Security(security)):
    return {"scheme": credentials.scheme, "credentials": credentials.credentials} 
Example #19
Source File: test_security_http_bearer.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(credentials: HTTPAuthorizationCredentials = Security(security)):
    return {"scheme": credentials.scheme, "credentials": credentials.credentials} 
Example #20
Source File: test_security_api_key_cookie_optional.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: Optional[str] = Security(api_key)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user 
Example #21
Source File: test_security_http_bearer_optional.py    From fastapi with MIT License 5 votes vote down vote up
def read_current_user(
    credentials: Optional[HTTPAuthorizationCredentials] = Security(security),
):
    if credentials is None:
        return {"msg": "Create an account first"}
    return {"scheme": credentials.scheme, "credentials": credentials.credentials} 
Example #22
Source File: test_security_oauth2_authorization_code_bearer.py    From fastapi with MIT License 5 votes vote down vote up
def read_items(token: Optional[str] = Security(oauth2_scheme)):
    return {"token": token} 
Example #23
Source File: test_security_oauth2_optional.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: Optional[str] = Security(reusable_oauth2)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user 
Example #24
Source File: test_dependency_security_overrides.py    From fastapi with MIT License 5 votes vote down vote up
def read_user(
    user_data: Tuple[str, List[str]] = Security(get_user, scopes=["foo", "bar"]),
    data: List[int] = Depends(get_data),
):
    return {"user": user_data[0], "scopes": user_data[1], "data": data} 
Example #25
Source File: test_security_api_key_query_optional.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: Optional[str] = Security(api_key)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user 
Example #26
Source File: test_security_openid_connect_optional.py    From fastapi with MIT License 5 votes vote down vote up
def get_current_user(oauth_header: Optional[str] = Security(oid)):
    if oauth_header is None:
        return None
    user = User(username=oauth_header)
    return user 
Example #27
Source File: security.py    From full-stack-fastapi-couchbase with MIT License 5 votes vote down vote up
def get_current_active_superuser(current_user: UserInDB = Security(get_current_user)):
    if not crud.user.is_superuser(current_user):
        raise HTTPException(
            status_code=400, detail="The user doesn't have enough privileges"
        )
    return current_user 
Example #28
Source File: security.py    From full-stack-fastapi-couchbase with MIT License 5 votes vote down vote up
def get_current_active_user(current_user: UserInDB = Security(get_current_user)):
    if not crud.user.is_active(current_user):
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user