Coverage for docs_src/security/tutorial003_py310.py: 100%

1from fastapi import Depends, FastAPI, HTTPException, status 5 ctx1abcde

2from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm 5 ctx1abcde

3from pydantic import BaseModel 5 ctx1abcde

4 

5fake_users_db = { 5 ctx1abcde

6 "johndoe": { 

7 "username": "johndoe", 

8 "full_name": "John Doe", 

9 "email": "johndoe@example.com", 

10 "hashed_password": "fakehashedsecret", 

11 "disabled": False, 

12 }, 

13 "alice": { 

14 "username": "alice", 

15 "full_name": "Alice Wonderson", 

16 "email": "alice@example.com", 

17 "hashed_password": "fakehashedsecret2", 

18 "disabled": True, 

19 }, 

20} 

21 

22app = FastAPI() 5 ctx1abcde

23 

24 

25def fake_hash_password(password: str): 5 ctx1abcde

26 return "fakehashed" + password 10 ctx1pqrstuvwxy

27 

28 

29oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token") 5 ctx1abcde

30 

31 

32class User(BaseModel): 5 ctx1abcde

33 username: str 5 ctx1abcde

34 email: str | None = None 5 ctx1abcde

35 full_name: str | None = None 5 ctx1abcde

36 disabled: bool | None = None 5 ctx1abcde

37 

38 

39class UserInDB(User): 5 ctx1abcde

40 hashed_password: str 5 ctx1abcde

41 

42 

43def get_user(db, username: str): 5 ctx1abcde

44 if username in db: 15 ctx1kzflAgmBhnCioDj

45 user_dict = db[username] 10 ctx1kflgmhnioj

46 return UserInDB(**user_dict) 10 ctx1kflgmhnioj

47 

48 

49def fake_decode_token(token): 5 ctx1abcde

50 # This doesn't provide any security at all 

51 # Check the next version 

52 user = get_user(fake_users_db, token) 15 ctx1kzflAgmBhnCioDj

53 return user 15 ctx1kzflAgmBhnCioDj

54 

55 

56async def get_current_user(token: str = Depends(oauth2_scheme)): 5 ctx1abcde

57 user = fake_decode_token(token) 15 ctx1kzflAgmBhnCioDj

58 if not user: 15 ctx1kzflAgmBhnCioDj

59 raise HTTPException( 5 ctx1zABCD

60 status_code=status.HTTP_401_UNAUTHORIZED, 

61 detail="Not authenticated", 

62 headers={"WWW-Authenticate": "Bearer"}, 

63 ) 

64 return user 10 ctx1kflgmhnioj

65 

66 

67async def get_current_active_user(current_user: User = Depends(get_current_user)): 5 ctx1abcde

68 if current_user.disabled: 10 ctx1kflgmhnioj

69 raise HTTPException(status_code=400, detail="Inactive user") 5 ctx1klmno

70 return current_user 5 ctx1fghij

71 

72 

73@app.post("/token") 5 ctx1abcde

74async def login(form_data: OAuth2PasswordRequestForm = Depends()): 5 ctx1abcde

75 user_dict = fake_users_db.get(form_data.username) 15 ctx1pqErsFtuGvwHxyI

76 if not user_dict: 15 ctx1pqErsFtuGvwHxyI

77 raise HTTPException(status_code=400, detail="Incorrect username or password") 5 ctx1EFGHI

78 user = UserInDB(**user_dict) 10 ctx1pqrstuvwxy

79 hashed_password = fake_hash_password(form_data.password) 10 ctx1pqrstuvwxy

80 if not hashed_password == user.hashed_password: 10 ctx1pqrstuvwxy

81 raise HTTPException(status_code=400, detail="Incorrect username or password") 5 ctx1qsuwy

82 

83 return {"access_token": user.username, "token_type": "bearer"} 5 ctx1prtvx

84 

85 

86@app.get("/users/me") 5 ctx1abcde

87async def read_users_me(current_user: User = Depends(get_current_active_user)): 5 ctx1abcde

88 return current_user 5 ctx1fghij