Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge helper function to get current user integrated with the JWT plugin #34

Closed
devraj opened this issue Aug 11, 2022 · 0 comments
Closed

Merge helper function to get current user integrated with the JWT plugin #34

devraj opened this issue Aug 11, 2022 · 0 comments
Assignees
@devraj
Labels
security-alert identified as a security vulnerability and requires immediate resolution and pushed downstream wontfix This will not be worked on

Comments

@devraj
Copy link
Member

devraj commented Aug 11, 2022

The FastAPI-JWT plugin provides a basic usage example which demonstrates using the Authorize: AuthJWT = Depends() dependency to get a handle on the JWT plugin instance, and then use the Authorize.jwt_required() function to protect endpoints.

Since we will be doing this across the application, the following utility function could wrap the entire process up and ultimately return the currently logged in user:

async def get_current_user(session:
  AsyncSession = Depends(get_async_session),
  Authorize: AuthJWT = Depends()
):
  """
  """
  Authorize.jwt_required()
  current_user_email = Authorize.get_jwt_subject()

  user = await User.get_by_email(session, current_user_email)

  if not user:
    raise HTTPException(status_code=404, detail="User not found")

  return user

a demonstration of using it in the /me endpoint

@router.get("/me",
  response_model=UserResponse,
  operation_id="who_am_i"
)
async def get_me(request: Request,
  Authorize: AuthJWT = Depends(),
  current_user = Depends(get_current_user),
  session: AsyncSession = Depends(get_async_session)):
  """Get the currently logged in user or myself

  This endpoint will return the currently logged in user or raise
  and exception if the user is not logged in.
  """
  return current_user

This example was developed as part of the first application developed using this template and we should merge these ideas into the base template
@devraj devraj self-assigned this Aug 11, 2022
devraj added a commit that referenced this issue Aug 17, 2022
@devraj
feat: adds fastapi dependency to get current user #34
1280e64
@devraj devraj added the security-alert identified as a security vulnerability and requires immediate resolution and pushed downstream label Oct 13, 2022
@devraj devraj mentioned this issue Oct 15, 2022
Closed
@devraj devraj added the wontfix This will not be worked on label Oct 15, 2022
@devraj devraj closed this as completed Oct 15, 2022
@devraj devraj mentioned this issue Nov 20, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@devraj devraj

Labels
security-alert identified as a security vulnerability and requires immediate resolution and pushed downstream wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@devraj