Files
fastapi-users/fastapi_users/authentication/transport/cookie.py
Can H. Tartanoglu 77d0077503 Cookie transport must return empty json and not null in response.data on login (#1037)
* Fix: LoginResponse is set to application/json, and should return response with status code 204 when body is empty.

The database backend login response is a cookie header with empty body. This causes issues when integrating the openapi schema into openapi-generator. Because the code generator expects the response to be a JSON when the status code isn't 204.

* Fix: Bump fastapi version to appropriate version for status code 204 handling.

* Build a full response for CookieTransport login_response

Co-authored-by: Can H. Tartanoglu <2947298-caniko@users.noreply.gitlab.com>
Co-authored-by: François Voron <fvoron@gmail.com>
2022-07-22 15:53:56 +02:00

65 lines
2.1 KiB
Python

from typing import Any, Optional
from fastapi import Response, status
from fastapi.security import APIKeyCookie
from fastapi_users.authentication.transport.base import Transport
from fastapi_users.openapi import OpenAPIResponseType
class CookieTransport(Transport):
scheme: APIKeyCookie
def __init__(
self,
cookie_name: str = "fastapiusersauth",
cookie_max_age: Optional[int] = None,
cookie_path: str = "/",
cookie_domain: Optional[str] = None,
cookie_secure: bool = True,
cookie_httponly: bool = True,
cookie_samesite: str = "lax",
):
self.cookie_name = cookie_name
self.cookie_max_age = cookie_max_age
self.cookie_path = cookie_path
self.cookie_domain = cookie_domain
self.cookie_secure = cookie_secure
self.cookie_httponly = cookie_httponly
self.cookie_samesite = cookie_samesite
self.scheme = APIKeyCookie(name=self.cookie_name, auto_error=False)
async def get_login_response(self, token: str, response: Response) -> Any:
response = Response(status_code=status.HTTP_204_NO_CONTENT)
response.set_cookie(
self.cookie_name,
token,
max_age=self.cookie_max_age,
path=self.cookie_path,
domain=self.cookie_domain,
secure=self.cookie_secure,
httponly=self.cookie_httponly,
samesite=self.cookie_samesite,
)
return response
async def get_logout_response(self, response: Response) -> Any:
response.set_cookie(
self.cookie_name,
"",
max_age=0,
path=self.cookie_path,
domain=self.cookie_domain,
secure=self.cookie_secure,
httponly=self.cookie_httponly,
samesite=self.cookie_samesite,
)
@staticmethod
def get_openapi_login_responses_success() -> OpenAPIResponseType:
return {status.HTTP_204_NO_CONTENT: {"model": None}}
@staticmethod
def get_openapi_logout_responses_success() -> OpenAPIResponseType:
return {status.HTTP_200_OK: {"model": None}}