This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class AppSettings(BaseSettings): | |
project_name: Optional[str] | |
debug: bool = False | |
include_admin_routes: bool = False | |
# Server | |
server_name: Optional[str] | |
server_host: Optional[str] | |
sentry_dsn: Optional[str] | |
backend_cors_origins_str: str = "" # Should be a comma-separated list of origins |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
COOKIE_AUTHORIZATION_NAME = "Authorization" | |
COOKIE_DOMAIN = "<YOUR_DOMAIN_NAME>" | |
PROTOCOL = "http://" | |
FULL_HOST_NAME = "<YOUR_DOMAIN_NAME>" | |
PORT_NUMBER = 8000 | |
CLIENT_ID = "1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com" | |
CLIENT_SECRETS_JSON = "client_secret_1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com.json" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
google_login_javascript_client = f"""<!DOCTYPE html> | |
<html itemscope itemtype="http://schema.org/Article"> | |
<head> | |
<meta charset="UTF-8"> | |
<meta name="google-signin-client_id" content="{CLIENT_ID}"> | |
<title>Google Login</title><script src="https://apis.google.com/js/platform.js" async defer></script> | |
<body> | |
<div class="g-signin2" data-onsuccess="onSignIn"></div> | |
<script>function onSignIn(googleUser) {{ | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/login_basic") | |
async def login_basic(auth: BasicAuth = Depends(basic_auth)): | |
if not auth: | |
response = Response(headers={"WWW-Authenticate": "Basic"}, status_code=401) | |
return response | |
try: | |
decoded = base64.b64decode(auth).decode("ascii") | |
username, _, password = decoded.partition(":") | |
user = authenticate_user(fake_users_db, username, password) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/logout") | |
async def route_logout_and_remove_cookie(): | |
response = RedirectResponse(url="/") | |
response.delete_cookie("Authorization", domain="localtest.me") | |
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class BasicAuth(SecurityBase): | |
def __init__(self, scheme_name: str = None, auto_error: bool = True): | |
self.scheme_name = scheme_name or self.__class__.__name__ | |
self.auto_error = auto_error | |
async def __call__(self, request: Request) -> Optional[str]: | |
authorization: str = request.headers.get("Authorization") | |
scheme, param = get_authorization_scheme_param(authorization) | |
if not authorization or scheme.lower() != "basic": | |
if self.auto_error: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/secure_endpoint", tags=["test"]) | |
async def get_open_api_endpoint(api_key: APIKey = Depends(get_api_key)): | |
response = "How cool is this?" | |
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
async def get_api_key( | |
api_key_query: str = Security(api_key_query), | |
api_key_header: str = Security(api_key_header), | |
api_key_cookie: str = Security(api_key_cookie), | |
): | |
if api_key_query == API_KEY: | |
return api_key_query | |
elif api_key_header == API_KEY: | |
return api_key_header |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/google_login_client", tags=["security"]) | |
def google_login_client(): | |
return HTMLResponse(google_login_javascript_client) | |
@app.get("/google_login_server", tags=["security"]) | |
def google_login_server(): | |
return HTMLResponse(google_login_javascript_server) |