How to use the fastapi.Security function in fastapi
To help you get started, we’ve selected a few fastapi examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
tiangolo / fastapi / tests / test_security_http_base.py View on Github 
def read_current_user(credentials: HTTPAuthorizationCredentials = Security(security)):
return {"scheme": credentials.scheme, "credentials": credentials.credentials}def get_current_user(oauth_header: str = Security(api_key)):
user = User(username=oauth_header)
return userdef read_current_user(
credentials: Optional[HTTPAuthorizationCredentials] = Security(security),
):
if credentials is None:
return {"msg": "Create an account first"}
return {"scheme": credentials.scheme, "credentials": credentials.credentials}def read_current_user(
credentials: Optional[HTTPAuthorizationCredentials] = Security(security),
):
if credentials is None:
return {"msg": "Create an account first"}
return {"scheme": credentials.scheme, "credentials": credentials.credentials}def get_current_user(oauth_header: str = Security(oid)):
user = User(username=oauth_header)
return userdef get_current_user(oauth_header: Optional[str] = Security(api_key)):
if oauth_header is None:
return None
user = User(username=oauth_header)
return userdef _get_authorization_header_optional(
authorization: Optional[str] = Security(RWAPIKeyHeader(auto_error=False)),
) -> str:
if authorization:
return _get_authorization_header(authorization)
return ""async def get_current_active_user(
current_user: User = Security(get_current_user, scopes=["me"])
):
if current_user.disabled:
raise HTTPException(status_code=400, detail="Inactive user")
return current_userasync def __call__(
self,
request: Request,
bl_token_repo: BlackListedTokenRepo = Depends(BlackListedTokenRepo()),
token: str = Security(oauth2),
) -> TokenPayload:
token = verify_jwt_token(
token, bl_token_repo, self._leeway
) # proper validation goes here
if self._satisfy not in ["all", "one"]:
logger.warning(f"Invalid satisfy value: {self._satisfy}")
if self._satisfy == "one":
if not token_has_one_required_scopes(token, self._scopes):
vmsg = f"Token does not have one of the required scopes: {str(self._scopes)}"
logger.error(vmsg)
abort(code=403, msg="Forbidden", debug=vmsg)
else:
if not token_has_required_scopes(token, self._scopes):
vmsg = f"Token does not have all required scopes: {str(self._scopes)}"def get_current_user(
db: Session = Depends(get_db), token: str = Security(reusable_oauth2)
):
try:
payload = jwt.decode(token, config.SECRET_KEY, algorithms=[ALGORITHM])
token_data = TokenPayload(**payload)
except PyJWTError:
raise HTTPException(
status_code=HTTP_403_FORBIDDEN, detail="Could not validate credentials"
)
user = crud.user.get(db, user_id=token_data.user_id)
if not user:
raise HTTPException(status_code=404, detail="User not found")
return userfastapi
FastAPI framework, high performance, easy to learn, fast to code, ready for production
Package Health Score
88 / 100Popular fastapi functions
- fastapi.APIRouter
- fastapi.Body
- fastapi.concurrency.run_in_threadpool
- fastapi.Depends
- fastapi.encoders.jsonable_encoder
- fastapi.FastAPI
- fastapi.File
- fastapi.Form
- fastapi.Header
- fastapi.HTTPException
- fastapi.params
- fastapi.params.Body
- fastapi.params.Query
- fastapi.Path
- fastapi.Query
- fastapi.responses.JSONResponse
- fastapi.Security
- fastapi.testclient.TestClient
- fastapi.utils.get_field_info
- fastapi.utils.warning_response_model_skip_defaults_deprecated