Revamp authentication (#831)

* Implement Transport classes * Implement authentication strategy classes * Revamp authentication with Transport and Strategy * Revamp strategy and OAuth so that they can use a callable dependency * Update docstring * Make ErrorCode a proper Enum and cleanup unused OpenAPI utils * Remove useless check * Tweak typing in authenticator * Update docs * Improve logout/destroy token logic * Update docs * Update docs * Update docs and full examples * Apply formatting to examples * Update OAuth doc and examples * Add migration doc * Implement Redis session token * Add Redis Session documentation * RedisSession -> Redis * Fix links in docs
2025-11-12 20:49:34 +08:00 · 2021-12-30 15:22:07 +01:00
parent 72ab480aba
commit c4de66b81c
125 changed files with 3144 additions and 1344 deletions
--- a/examples/mongodb/sqlalchemy/app/init.py
+++ b/examples/mongodb/sqlalchemy/app/init.py
--- a/examples/mongodb/sqlalchemy/app/app.py
+++ b/examples/mongodb/sqlalchemy/app/app.py
@@ -0,0 +1,38 @@
+from fastapi import Depends, FastAPI
+
+from app.db import database
+from app.models import UserDB
+from app.users import auth_backend, current_active_user, fastapi_users
+
+app = FastAPI()
+
+app.include_router(
+    fastapi_users.get_auth_router(auth_backend), prefix="/auth/jwt", tags=["auth"]
+)
+app.include_router(fastapi_users.get_register_router(), prefix="/auth", tags=["auth"])
+app.include_router(
+    fastapi_users.get_reset_password_router(),
+    prefix="/auth",
+    tags=["auth"],
+)
+app.include_router(
+    fastapi_users.get_verify_router(),
+    prefix="/auth",
+    tags=["auth"],
+)
+app.include_router(fastapi_users.get_users_router(), prefix="/users", tags=["users"])
+
+
+@app.get("/authenticated-route")
+async def authenticated_route(user: UserDB = Depends(current_active_user)):
+    return {"message": f"Hello {user.email}!"}
+
+
+@app.on_event("startup")
+async def startup():
+    await database.connect()
+
+
+@app.on_event("shutdown")
+async def shutdown():
+    await database.disconnect()
--- a/examples/mongodb/sqlalchemy/app/db.py
+++ b/examples/mongodb/sqlalchemy/app/db.py
@@ -0,0 +1,26 @@
+import databases
+import sqlalchemy
+from fastapi_users.db import SQLAlchemyBaseUserTable, SQLAlchemyUserDatabase
+from sqlalchemy.ext.declarative import DeclarativeMeta, declarative_base
+
+from app.models import UserDB
+
+DATABASE_URL = "sqlite:///./test.db"
+database = databases.Database(DATABASE_URL)
+Base: DeclarativeMeta = declarative_base()
+
+
+class UserTable(Base, SQLAlchemyBaseUserTable):
+    pass
+
+
+engine = sqlalchemy.create_engine(
+    DATABASE_URL, connect_args={"check_same_thread": False}
+)
+Base.metadata.create_all(engine)
+
+users = UserTable.__table__
+
+
+async def get_user_db():
+    yield SQLAlchemyUserDatabase(UserDB, database, users)
--- a/examples/mongodb/sqlalchemy/app/models.py
+++ b/examples/mongodb/sqlalchemy/app/models.py
@@ -0,0 +1,17 @@
+from fastapi_users import models
+
+
+class User(models.BaseUser):
+    pass
+
+
+class UserCreate(models.BaseUserCreate):
+    pass
+
+
+class UserUpdate(models.BaseUserUpdate):
+    pass
+
+
+class UserDB(User, models.BaseUserDB):
+    pass
--- a/examples/mongodb/sqlalchemy/app/users.py
+++ b/examples/mongodb/sqlalchemy/app/users.py
@@ -0,0 +1,62 @@
+from typing import Optional
+
+from fastapi import Depends, Request
+from fastapi_users import BaseUserManager, FastAPIUsers
+from fastapi_users.authentication import (
+    AuthenticationBackend,
+    BearerTransport,
+    JWTStrategy,
+)
+from fastapi_users.db import SQLAlchemyUserDatabase
+
+from app.db import get_user_db
+from app.models import User, UserCreate, UserDB, UserUpdate
+
+SECRET = "SECRET"
+
+
+class UserManager(BaseUserManager[UserCreate, UserDB]):
+    user_db_model = UserDB
+    reset_password_token_secret = SECRET
+    verification_token_secret = SECRET
+
+    async def on_after_register(self, user: UserDB, request: Optional[Request] = None):
+        print(f"User {user.id} has registered.")
+
+    async def on_after_forgot_password(
+        self, user: UserDB, token: str, request: Optional[Request] = None
+    ):
+        print(f"User {user.id} has forgot their password. Reset token: {token}")
+
+    async def on_after_request_verify(
+        self, user: UserDB, token: str, request: Optional[Request] = None
+    ):
+        print(f"Verification requested for user {user.id}. Verification token: {token}")
+
+
+async def get_user_manager(user_db: SQLAlchemyUserDatabase = Depends(get_user_db)):
+    yield UserManager(user_db)
+
+
+bearer_transport = BearerTransport(tokenUrl="auth/jwt/login")
+
+
+def get_jwt_strategy() -> JWTStrategy:
+    return JWTStrategy(secret=SECRET, lifetime_seconds=3600)
+
+
+auth_backend = AuthenticationBackend(
+    name="jwt",
+    transport=bearer_transport,
+    get_strategy=get_jwt_strategy,
+)
+fastapi_users = FastAPIUsers(
+    get_user_manager,
+    [auth_backend],
+    User,
+    UserCreate,
+    UserUpdate,
+    UserDB,
+)
+
+current_active_user = fastapi_users.current_user(active=True)
--- a/examples/mongodb/sqlalchemy/main.py
+++ b/examples/mongodb/sqlalchemy/main.py
@@ -0,0 +1,4 @@
+import uvicorn
+
+if __name__ == "__main__":
+    uvicorn.run("app.app:app", host="0.0.0.0", port=5000, log_level="info")
--- a/examples/mongodb/sqlalchemy/requirements.txt
+++ b/examples/mongodb/sqlalchemy/requirements.txt
@@ -0,0 +1,3 @@
+fastapi
+fastapi-users[sqlalchemy]
+uvicorn[standard]