This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from fastapi import Security, Depends, FastAPI, HTTPException | |
from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader, APIKey | |
from fastapi.openapi.docs import get_swagger_ui_html | |
from fastapi.openapi.utils import get_openapi | |
from starlette.status import HTTP_403_FORBIDDEN | |
from starlette.responses import RedirectResponse, JSONResponse |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Detecting multiple request methods | |
@app.api_route(methods=["PATCH", "POST"]) | |
OR | |
@app.get('/profile') | |
@app.post('/profile') | |
async def profile(request: Request, api_key: str = Depends(get_api_key)): | |
if request.method == 'POST': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
app = FastAPI(docs_url=None, redoc_url=None, openapi_url=None) | |
@app.get("/") | |
async def homepage(): | |
return "Welcome to the security test!" | |
@app.get("/openapi.json") | |
async def get_open_api_endpoint(current_user: User = Depends(get_current_active_user)): | |
return JSONResponse(get_openapi(title="FastAPI", version=1, routes=app.routes)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
API_KEY = "1234567asdfgh" | |
API_KEY_NAME = "access_token" | |
COOKIE_DOMAIN = "localtest.me" | |
api_key_query = APIKeyQuery(name=API_KEY_NAME, auto_error=False) | |
api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False) | |
api_key_cookie = APIKeyCookie(name=API_KEY_NAME, auto_error=False) | |
app = FastAPI(docs_url=None, redoc_url=None, openapi_url=None) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/") | |
async def homepage(): | |
return "Welcome to the security test!" | |
@app.get("/openapi.json", tags=["documentation"]) | |
async def get_open_api_endpoint(api_key: APIKey = Depends(get_api_key)): | |
response = JSONResponse( | |
get_openapi(title="FastAPI security test", version=1, routes=app.routes) | |
) | |
return response |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Decorator for fastapi | |
def repeat_every(*, seconds: float, wait_first: bool = False): | |
def decorator(func: Callable[[], Optional[Awaitable[None]]]): | |
is_coroutine = asyncio.iscoroutinefunction(func) | |
@wraps(func) | |
async def wrapped(): | |
async def loop(): | |
if wait_first: | |
await asyncio.sleep(seconds) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class Token(BaseModel): | |
access_token: str | |
token_type: str | |
class TokenData(BaseModel): | |
username: str = None | |
email: str = None | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@app.get("/") | |
async def homepage(): | |
return "Welcome to the security test!" | |
@app.get(f"{ERROR_ROUTE}", tags=["security"]) | |
async def login_error(): | |
return "Something went wrong logging in!" | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
class AppSettings(BaseSettings): | |
project_name: Optional[str] | |
debug: bool = False | |
include_admin_routes: bool = False | |
# Server | |
server_name: Optional[str] | |
server_host: Optional[str] | |
sentry_dsn: Optional[str] | |
backend_cors_origins_str: str = "" # Should be a comma-separated list of origins |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
COOKIE_AUTHORIZATION_NAME = "Authorization" | |
COOKIE_DOMAIN = "<YOUR_DOMAIN_NAME>" | |
PROTOCOL = "http://" | |
FULL_HOST_NAME = "<YOUR_DOMAIN_NAME>" | |
PORT_NUMBER = 8000 | |
CLIENT_ID = "1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com" | |
CLIENT_SECRETS_JSON = "client_secret_1007436511433-1o329ffhgodf6ipbmgqm99r2kkjsoj9u.apps.googleusercontent.com.json" |