How to implement authentication and authorization of requests in FastAPI

王林
Release: 2023-07-29 16:39:20
Original
1533 people have browsed it

How to implement requested authentication and authorization in FastAPI

With the development of the Internet, network security issues have attracted more and more attention. When developing web applications, request authentication and authorization are important aspects of ensuring application security. This article will introduce how to implement request authentication and authorization in the FastAPI framework.

FastAPI is a high-performance web framework based on Python that provides a simple and powerful way to create web APIs. It integrates the Pydantic library and Starlette framework, making the development process easier and more efficient.

  1. Installing dependencies

First, we need to install FastAPI and the corresponding dependencies. It can be installed with the following command:

$ pip install fastapi
$ pip install uvicorn
Copy after login
  1. Create a basic application

Next, we create a simple FastAPI application and add some basic routes and endpoints . In this example, we will create a file called "app.py" and copy the following code into it:

from fastapi import FastAPI

app = FastAPI()

@app.get("/")
def read_root():
    return {"Hello": "World"}
Copy after login
  1. Add Authentication and Authorization

Next, we will introduce how to use FastAPI's security features to implement authentication and authorization of requests. We will use OAuth2.0 as the mechanism for authentication and authorization.

First, we need to import the relevant modules and classes:

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from passlib.context import CryptContext
Copy after login

Then, we create a password encryption context:

pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
Copy after login

Next, we define a user model, with For verifying the user's identity:

class User:
    def __init__(self, username: str, password: str, disabled: bool = False):
        self.username = username
        self.password = pwd_context.hash(password)
        self.disabled = disabled

    def verify_password(self, password: str):
        return pwd_context.verify(password, self.password)

    def get_user(self, username: str):
        if self.username == username:
            return self
Copy after login

Then, we create a dummy database and add some user information for testing purposes:

fake_db = [
    User(username="user1", password="password"),
    User(username="user2", password="password", disabled=True)
]
Copy after login

Next, we define a function to verify the user's credentials :

def authenticate_user(username: str, password: str):
    user = get_user(username)
    if not user:
        return False
    if not user.verify_password(password):
        return False
    return user
Copy after login

Then, we define a function to get the current user:

def get_current_user(token: str = Depends(oauth2_scheme)):
    credentials_exception = HTTPException(
        status_code=status.HTTP_401_UNAUTHORIZED,
        detail="Could not validate credentials",
        headers={"WWW-Authenticate": "Bearer"},
    )
    user = authenticate_user(token)
    if not user:
        raise credentials_exception
    return user
Copy after login

Finally, we apply these functions to the FastAPI application:

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="/token")

@app.post("/token")
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
    user = authenticate_user(form_data.username, form_data.password)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid username or password",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return {"access_token": str(user.username), "token_type": "bearer"}

@app.get("/items/")
async def read_items(current_user: User = Depends(get_current_user)):
    return {"items": [{"item_id": "Item 1"}, {"item_id": "Item 2"}]}
Copy after login
  1. Test Application

Now we can run the application and test it. Start the application by running the following command:

$ uvicorn app:app --reload
Copy after login

Next, we can use curl or any HTTP client tool to test the application. First, we need to obtain the access token:

$ curl --request POST --url http://localhost:8000/token --header 'Content-Type: application/x-www-form-urlencoded' --data 'username=user1&password=password'
Copy after login

The response received should look like:

{"access_token":"user1","token_type":"bearer"}
Copy after login

We can then use the obtained access token to access the restricted endpoint:

$ curl --request GET --url http://localhost:8000/items/ --header 'Authorization: Bearer user1'
Copy after login

should receive a response similar to the following:

{"items":[{"item_id":"Item 1"},{"item_id":"Item 2"}]}
Copy after login

With this, we successfully implemented the authentication and authorization of the request in the FastAPI application.

Summary:

This article introduces how to implement request authentication and authorization in the FastAPI framework. We use the security features of FastAPI and perform authentication and authorization through the OAuth2.0 mechanism. By importing relevant modules and classes, creating a password encryption context, defining user models and verification functions, the requested authentication function is implemented. Finally, we applied these functions to the FastAPI application and tested them. With these steps, we can build a secure and reliable web application.

The above is the detailed content of How to implement authentication and authorization of requests in FastAPI. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!