Implement OAuth2 flow (#88)

* Move users router in sub-module * Factorize UserRouter into EventHandlersRouter * Implement OAuth registration/login router * Apply isort/black * Remove temporary pytest marker * Fix httpx-oauth version in lock file * Ensure ON_AFTER_REGISTER event is triggered on OAuth registration * Add API on FastAPIUsers to generate an OAuth router * Improve test coverage of FastAPIUsers * Small fixes * Write the OAuth documentation * Fix SQL unit-tests by avoiding collisions in SQLite db files
2025-08-15 11:11:16 +08:00 · 2020-01-17 11:43:17 +01:00
parent 54aefea59a
commit 88b133d41c
32 changed files with 1723 additions and 107 deletions
--- a/docs/src/oauth_full_tortoise.py
+++ b/docs/src/oauth_full_tortoise.py
@ -0,0 +1,68 @@
+from fastapi import FastAPI
+from fastapi_users import FastAPIUsers, models
+from fastapi_users.authentication import JWTAuthentication
+from fastapi_users.db import (
+    TortoiseBaseOAuthAccountModel,
+    TortoiseBaseUserModel,
+    TortoiseUserDatabase,
+)
+from httpx_oauth.clients.google import GoogleOAuth2
+from tortoise import fields
+from tortoise.contrib.starlette import register_tortoise
+
+DATABASE_URL = "sqlite://./test.db"
+SECRET = "SECRET"
+
+
+google_oauth_client = GoogleOAuth2("CLIENT_ID", "CLIENT_SECRET")
+
+
+class User(models.BaseUser, models.BaseOAuthAccountMixin):
+    pass
+
+
+class UserCreate(User, models.BaseUserCreate):
+    pass
+
+
+class UserUpdate(User, models.BaseUserUpdate):
+    pass
+
+
+class UserDB(User, models.BaseUserDB):
+    pass
+
+
+class UserModel(TortoiseBaseUserModel):
+    pass
+
+
+class OAuthAccountModel(TortoiseBaseOAuthAccountModel):
+    user = fields.ForeignKeyField("models.UserModel", related_name="oauth_accounts")
+
+
+user_db = TortoiseUserDatabase(UserDB, UserModel, OAuthAccountModel)
+app = FastAPI()
+register_tortoise(app, db_url=DATABASE_URL, modules={"models": ["test"]})
+
+auth_backends = [
+    JWTAuthentication(secret=SECRET, lifetime_seconds=3600),
+]
+
+fastapi_users = FastAPIUsers(
+    user_db, auth_backends, User, UserCreate, UserUpdate, UserDB, SECRET,
+)
+app.include_router(fastapi_users.router, prefix="/users", tags=["users"])
+
+google_oauth_router = fastapi_users.get_oauth_router(google_oauth_client, SECRET)
+app.include_router(google_oauth_router, prefix="/google-oauth", tags=["users"])
+
+
+@fastapi_users.on_after_register()
+def on_after_register(user: User):
+    print(f"User {user.id} has registered.")
+
+
+@fastapi_users.on_after_forgot_password()
+def on_after_forgot_password(user: User, token: str):
+    print(f"User {user.id} has forgot their password. Reset token: {token}")