• FastAPI 安全 (Security)

    OAuth2

      OAuth2是一个规范,它定义了几种处理身份验证和授权的方式。它是一个相当广泛的规范,涵盖了几个复杂的用例。

    它包括使用“第三方”进行身份验证的方法。

    这就是所有带有“使用Facebook,Google,Twitter,GitHub登录”的系统的基础。

      OAuth1,它与OAuth2完全不同,并且更为复杂,因为它直接包含有关如何加密通信的规范。

    如今它不是很流行或使用过, OAuth2没有指定如何加密通信,它希望您使用HTTPS为您的应用程序提供服务。

    # OAuth2PasswordBearer

from fastapi import Depends, FastAPI
from fastapi.security import OAuth2PasswordBearer

app = FastAPI()

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


@app.get("/items/")
async def read_items(token: str = Depends(oauth2_scheme)):
    return {"token": token}

     

    from typing import Optional

from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from pydantic import BaseModel

fake_users_db = {
    "johndoe": {
        "username": "johndoe",
        "full_name": "John Doe",
        "email": "johndoe@example.com",
        "hashed_password": "fakehashedsecret",
        "disabled": False,
    },
    "alice": {
        "username": "alice",
        "full_name": "Alice Wonderson",
        "email": "alice@example.com",
        "hashed_password": "fakehashedsecret2",
        "disabled": True,
    },
}

app = FastAPI()


def fake_hash_password(password: str):
    return "fakehashed" + password


oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
print(oauth2_scheme)


class User(BaseModel):
    username: str
    email: Optional[str] = None
    full_name: Optional[str] = None
    disabled: Optional[bool] = None


class UserInDB(User):
    hashed_password: str


async def get_current_user(token: str = Depends(oauth2_scheme)):
    print(token)
    user_dict = fake_users_db[token]
    user = UserInDB(**user_dict)
    if not user:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid authentication credentials",
            headers={"WWW-Authenticate": "Bearer"},
        )
    return user


async def get_current_active_user(current_user: User = Depends(get_current_user)):
    if current_user.disabled:
        raise HTTPException(status_code=400, detail="Inactive user")
    return current_user


@app.post("/token")
async def login(form_data: OAuth2PasswordRequestForm = Depends()):
    user_dict = fake_users_db.get(form_data.username)
    if not user_dict:
        raise HTTPException(status_code=400, detail="Incorrect username or password")
    user = UserInDB(**user_dict)
    hashed_password = fake_hash_password(form_data.password)
    if not hashed_password == user.hashed_password:
        raise HTTPException(status_code=400, detail="Incorrect username or password")

    return {"access_token": user.username, "token_type": "bearer"}


@app.get("/users/me")
async def read_users_me(current_user: User = Depends(get_current_active_user)):
    return current_user

    https://fastapi.tiangolo.com/tutorial/security/
  • 相关阅读:
    Swizzle在OC问题排查中的应用
    MacOS中系统提供的音频单元
    Mac catalyst 使用iOS-AudioUnit的音频采集、播放
    删除单向链表中的某一个节点
    C语言的的free和c++的delete的区别
    Mac下使用源码编译安装TensorFlow CPU版本
    ROC曲线与AUC值
    Linux中如何产生core文件?
    更改Linux默认栈空间的大小
    互信息(Mutual Information)
  • 原文地址:https://www.cnblogs.com/Mint-diary/p/14445609.html
Copyright © 2020-2023  润新知