Coverage for tests/test_security_http_basic_optional.py: 100%

Shortcuts on this page

r m x toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

[ ] prev/next file

u up to the index

? show/hide this help

37 statements

« prev ^ index » next coverage.py v7.6.1, created at 2025-12-04 08:29 +0000

1from base64 import b64encode 7 ctx1abcdefg

2from typing import Optional 7 ctx1abcdefg

4from fastapi import FastAPI, Security 7 ctx1abcdefg

5from fastapi.security import HTTPBasic, HTTPBasicCredentials 7 ctx1abcdefg

6from fastapi.testclient import TestClient 7 ctx1abcdefg

8app = FastAPI() 7 ctx1abcdefg

10security = HTTPBasic(auto_error=False) 7 ctx1abcdefg

13@app.get("/users/me") 7 ctx1abcdefg

14def read_current_user(credentials: Optional[HTTPBasicCredentials] = Security(security)): 7 ctx1abcdefg

15 if credentials is None: 14 ctx1opqrstuvwxyzAB

16 return {"msg": "Create an account first"} 7 ctx1prtvxzB

17 return {"username": credentials.username, "password": credentials.password} 7 ctx1oqsuwyA

20client = TestClient(app) 7 ctx1abcdefg

23def test_security_http_basic(): 7 ctx1abcdefg

24 response = client.get("/users/me", auth=("john", "secret")) 7 ctx1oqsuwyA

25 assert response.status_code == 200, response.text 7 ctx1oqsuwyA

26 assert response.json() == {"username": "john", "password": "secret"} 7 ctx1oqsuwyA

29def test_security_http_basic_no_credentials(): 7 ctx1abcdefg

30 response = client.get("/users/me") 7 ctx1prtvxzB

31 assert response.status_code == 200, response.text 7 ctx1prtvxzB

32 assert response.json() == {"msg": "Create an account first"} 7 ctx1prtvxzB

35def test_security_http_basic_invalid_credentials(): 7 ctx1abcdefg

36 response = client.get( 7 ctx1CDEFGHI

37 "/users/me", headers={"Authorization": "Basic notabase64token"}

38 )

39 assert response.status_code == 401, response.text 7 ctx1CDEFGHI

40 assert response.headers["WWW-Authenticate"] == "Basic" 7 ctx1CDEFGHI

41 assert response.json() == {"detail": "Not authenticated"} 7 ctx1CDEFGHI

44def test_security_http_basic_non_basic_credentials(): 7 ctx1abcdefg

45 payload = b64encode(b"johnsecret").decode("ascii") 7 ctx1hijklmn

46 auth_header = f"Basic {payload}" 7 ctx1hijklmn

47 response = client.get("/users/me", headers={"Authorization": auth_header}) 7 ctx1hijklmn

48 assert response.status_code == 401, response.text 7 ctx1hijklmn

49 assert response.headers["WWW-Authenticate"] == "Basic" 7 ctx1hijklmn

50 assert response.json() == {"detail": "Not authenticated"} 7 ctx1hijklmn

53def test_openapi_schema(): 7 ctx1abcdefg

54 response = client.get("/openapi.json") 7 ctx1JKLMNOP

55 assert response.status_code == 200, response.text 7 ctx1JKLMNOP

56 assert response.json() == { 7 ctx1JKLMNOP

57 "openapi": "3.1.0",

58 "info": {"title": "FastAPI", "version": "0.1.0"},

59 "paths": {

60 "/users/me": {

61 "get": {

62 "responses": {

63 "200": {

64 "description": "Successful Response",

65 "content": {"application/json": {"schema": {}}},

66 }

67 },

68 "summary": "Read Current User",

69 "operationId": "read_current_user_users_me_get",

70 "security": [{"HTTPBasic": []}],

71 }

72 }

73 },

74 "components": {

75 "securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}

76 },

77 }