Revamp authentication (#831)

* Implement Transport classes * Implement authentication strategy classes * Revamp authentication with Transport and Strategy * Revamp strategy and OAuth so that they can use a callable dependency * Update docstring * Make ErrorCode a proper Enum and cleanup unused OpenAPI utils * Remove useless check * Tweak typing in authenticator * Update docs * Improve logout/destroy token logic * Update docs * Update docs * Update docs and full examples * Apply formatting to examples * Update OAuth doc and examples * Add migration doc * Implement Redis session token * Add Redis Session documentation * RedisSession -> Redis * Fix links in docs
2025-11-02 12:21:53 +08:00 · 2021-12-30 15:22:07 +01:00
parent 72ab480aba
commit c4de66b81c
125 changed files with 3144 additions and 1344 deletions
--- a/fastapi_users/fastapi_users.py
+++ b/fastapi_users/fastapi_users.py
@ -3,7 +3,7 @@ from typing import Generic, Sequence, Type
 from fastapi import APIRouter

 from fastapi_users import models
-from fastapi_users.authentication import Authenticator, BaseAuthentication
+from fastapi_users.authentication import AuthenticationBackend, Authenticator
 from fastapi_users.jwt import SecretType
 from fastapi_users.manager import UserManagerDependency
 from fastapi_users.router import (
@ -47,7 +47,7 @@ class FastAPIUsers(Generic[models.U, models.UC, models.UU, models.UD]):
    def __init__(
        self,
        get_user_manager: UserManagerDependency[models.UC, models.UD],
-        auth_backends: Sequence[BaseAuthentication],
+        auth_backends: Sequence[AuthenticationBackend],
        user_model: Type[models.U],
        user_create_model: Type[models.UC],
        user_update_model: Type[models.UU],
@ -80,7 +80,7 @@ class FastAPIUsers(Generic[models.U, models.UC, models.UU, models.UD]):
        return get_reset_password_router(self.get_user_manager)

    def get_auth_router(
-        self, backend: BaseAuthentication, requires_verification: bool = False
+        self, backend: AuthenticationBackend, requires_verification: bool = False
    ) -> APIRouter:
        """
        Return an auth router for a given authentication backend.
@ -99,21 +99,23 @@ class FastAPIUsers(Generic[models.U, models.UC, models.UU, models.UD]):
    def get_oauth_router(
        self,
        oauth_client: BaseOAuth2,
+        backend: AuthenticationBackend,
        state_secret: SecretType,
        redirect_url: str = None,
    ) -> APIRouter:
        """
-        Return an OAuth router for a given OAuth client.
+        Return an OAuth router for a given OAuth client and authentication backend.

        :param oauth_client: The HTTPX OAuth client instance.
+        :param backend: The authentication backend instance.
        :param state_secret: Secret used to encode the state JWT.
        :param redirect_url: Optional arbitrary redirect URL for the OAuth2 flow.
        If not given, the URL to the callback endpoint will be generated.
        """
        return get_oauth_router(
            oauth_client,
+            backend,
            self.get_user_manager,
-            self.authenticator,
            state_secret,
            redirect_url,
        )