Nils de Bruin nilsdebruin
nilsdebruin
/ fastapi_basic.py
Last active
February 21, 2024 16:05
FastAPI Basic Authentication - Based on https://fastapi.tiangolo.com/tutorial/security/oauth2-jwt/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from typing import Optional | |
| import base64 | |
| from passlib.context import CryptContext | |
| from datetime import datetime, timedelta | |
| import jwt | |
| from jwt import PyJWTError | |
| from pydantic import BaseModel |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from typing import Optional | |
| import base64 | |
| from passlib.context import CryptContext | |
| from datetime import datetime, timedelta | |
| import jwt | |
| from jwt import PyJWTError | |
| from pydantic import BaseModel |
nilsdebruin
/ fastapi_basic_basic_class.py
Created
April 15, 2019 11:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class BasicAuth(SecurityBase): | |
| def __init__(self, scheme_name: str = None, auto_error: bool = True): | |
| self.scheme_name = scheme_name or self.__class__.__name__ | |
| self.auto_error = auto_error | |
| async def __call__(self, request: Request) -> Optional[str]: | |
| authorization: str = request.headers.get("Authorization") | |
| scheme, param = get_authorization_scheme_param(authorization) | |
| if not authorization or scheme.lower() != "basic": | |
| if self.auto_error: |
nilsdebruin
/ fastapi_basic_login_basic.py
Created
April 15, 2019 11:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @app.get("/login_basic") | |
| async def login_basic(auth: BasicAuth = Depends(basic_auth)): | |
| if not auth: | |
| response = Response(headers={"WWW-Authenticate": "Basic"}, status_code=401) | |
| return response | |
| try: | |
| decoded = base64.b64decode(auth).decode("ascii") | |
| username, _, password = decoded.partition(":") | |
| user = authenticate_user(fake_users_db, username, password) |
nilsdebruin
/ fastapi_basic_oauth2_cookie_class.py
Last active
June 2, 2019 12:35
nilsdebruin
/ fastapi_basic_logout.py
Created
April 15, 2019 11:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @app.get("/logout") | |
| async def route_logout_and_remove_cookie(): | |
| response = RedirectResponse(url="/") | |
| response.delete_cookie("Authorization", domain="localtest.me") | |
| return response |
nilsdebruin
/ fastapi_basic_general_parts.py
Created
April 15, 2019 11:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| app = FastAPI(docs_url=None, redoc_url=None, openapi_url=None) | |
| @app.get("/") | |
| async def homepage(): | |
| return "Welcome to the security test!" | |
| @app.get("/openapi.json") | |
| async def get_open_api_endpoint(current_user: User = Depends(get_current_active_user)): | |
| return JSONResponse(get_openapi(title="FastAPI", version=1, routes=app.routes)) |
nilsdebruin
/ fastapi_api_key.py
Last active
December 26, 2022 14:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from fastapi import Security, Depends, FastAPI, HTTPException | |
| from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader, APIKey | |
| from fastapi.openapi.docs import get_swagger_ui_html | |
| from fastapi.openapi.utils import get_openapi | |
| from starlette.status import HTTP_403_FORBIDDEN | |
| from starlette.responses import RedirectResponse, JSONResponse | |
| API_KEY = "1234567asdfgh" | |
| API_KEY_NAME = "access_token" |
nilsdebruin
/ fastapi_api_key_imports.py
Last active
June 2, 2019 13:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from fastapi import Security, Depends, FastAPI, HTTPException | |
| from fastapi.security.api_key import APIKeyQuery, APIKeyCookie, APIKeyHeader, APIKey | |
| from fastapi.openapi.docs import get_swagger_ui_html | |
| from fastapi.openapi.utils import get_openapi | |
| from starlette.status import HTTP_403_FORBIDDEN | |
| from starlette.responses import RedirectResponse, JSONResponse |
nilsdebruin
/ fastapi_api_key_setup.py
Last active
June 2, 2019 12:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| API_KEY = "1234567asdfgh" | |
| API_KEY_NAME = "access_token" | |
| COOKIE_DOMAIN = "localtest.me" | |
| api_key_query = APIKeyQuery(name=API_KEY_NAME, auto_error=False) | |
| api_key_header = APIKeyHeader(name=API_KEY_NAME, auto_error=False) | |
| api_key_cookie = APIKeyCookie(name=API_KEY_NAME, auto_error=False) | |
| app = FastAPI(docs_url=None, redoc_url=None, openapi_url=None) |
OlderNewer