mirror of
https://github.com/fastapi-users/fastapi-users.git
synced 2025-11-03 22:22:06 +08:00
c4de66b81c
* Implement Transport classes * Implement authentication strategy classes * Revamp authentication with Transport and Strategy * Revamp strategy and OAuth so that they can use a callable dependency * Update docstring * Make ErrorCode a proper Enum and cleanup unused OpenAPI utils * Remove useless check * Tweak typing in authenticator * Update docs * Improve logout/destroy token logic * Update docs * Update docs * Update docs and full examples * Apply formatting to examples * Update OAuth doc and examples * Add migration doc * Implement Redis session token * Add Redis Session documentation * RedisSession -> Redis * Fix links in docs
60 lines
2.0 KiB
Python
60 lines
2.0 KiB
Python
from typing import Any, Optional
|
|
|
|
from fastapi import Response, status
|
|
from fastapi.security import APIKeyCookie
|
|
|
|
from fastapi_users.authentication.transport.base import Transport
|
|
from fastapi_users.openapi import OpenAPIResponseType
|
|
|
|
|
|
class CookieTransport(Transport):
|
|
scheme: APIKeyCookie
|
|
|
|
def __init__(
|
|
self,
|
|
cookie_name: str = "fastapiusersauth",
|
|
cookie_max_age: Optional[int] = None,
|
|
cookie_path: str = "/",
|
|
cookie_domain: Optional[str] = None,
|
|
cookie_secure: bool = True,
|
|
cookie_httponly: bool = True,
|
|
cookie_samesite: str = "lax",
|
|
):
|
|
self.cookie_name = cookie_name
|
|
self.cookie_max_age = cookie_max_age
|
|
self.cookie_path = cookie_path
|
|
self.cookie_domain = cookie_domain
|
|
self.cookie_secure = cookie_secure
|
|
self.cookie_httponly = cookie_httponly
|
|
self.cookie_samesite = cookie_samesite
|
|
self.scheme = APIKeyCookie(name=self.cookie_name, auto_error=False)
|
|
|
|
async def get_login_response(self, token: str, response: Response) -> Any:
|
|
response.set_cookie(
|
|
self.cookie_name,
|
|
token,
|
|
max_age=self.cookie_max_age,
|
|
path=self.cookie_path,
|
|
domain=self.cookie_domain,
|
|
secure=self.cookie_secure,
|
|
httponly=self.cookie_httponly,
|
|
samesite=self.cookie_samesite,
|
|
)
|
|
|
|
# We shouldn't return directly the response
|
|
# so that FastAPI can terminate it properly
|
|
return None
|
|
|
|
async def get_logout_response(self, response: Response) -> Any:
|
|
response.delete_cookie(
|
|
self.cookie_name, path=self.cookie_path, domain=self.cookie_domain
|
|
)
|
|
|
|
@staticmethod
|
|
def get_openapi_login_responses_success() -> OpenAPIResponseType:
|
|
return {status.HTTP_200_OK: {"model": None}}
|
|
|
|
@staticmethod
|
|
def get_openapi_logout_responses_success() -> OpenAPIResponseType:
|
|
return {status.HTTP_200_OK: {"model": None}}
|