Coverage for tests/test_security_http_basic_optional.py: 100%

Shortcuts on this page

r m x toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

[ ] prev/next file

u up to the index

? show/hide this help

37 statements

« prev ^ index » next coverage.py v7.6.1, created at 2025-05-05 00:03 +0000

1from base64 import b64encode 6 ctx1abcdef

2from typing import Optional 6 ctx1abcdef

4from fastapi import FastAPI, Security 6 ctx1abcdef

5from fastapi.security import HTTPBasic, HTTPBasicCredentials 6 ctx1abcdef

6from fastapi.testclient import TestClient 6 ctx1abcdef

8app = FastAPI() 6 ctx1abcdef

10security = HTTPBasic(auto_error=False) 6 ctx1abcdef

13@app.get("/users/me") 6 ctx1abcdef

14def read_current_user(credentials: Optional[HTTPBasicCredentials] = Security(security)): 6 ctx1abcdef

15 if credentials is None: 12 ctx1mnopqrstuvwx

16 return {"msg": "Create an account first"} 6 ctx1nprtvx

17 return {"username": credentials.username, "password": credentials.password} 6 ctx1moqsuw

20client = TestClient(app) 6 ctx1abcdef

23def test_security_http_basic(): 6 ctx1abcdef

24 response = client.get("/users/me", auth=("john", "secret")) 6 ctx1moqsuw

25 assert response.status_code == 200, response.text 6 ctx1moqsuw

26 assert response.json() == {"username": "john", "password": "secret"} 6 ctx1moqsuw

29def test_security_http_basic_no_credentials(): 6 ctx1abcdef

30 response = client.get("/users/me") 6 ctx1nprtvx

31 assert response.status_code == 200, response.text 6 ctx1nprtvx

32 assert response.json() == {"msg": "Create an account first"} 6 ctx1nprtvx

35def test_security_http_basic_invalid_credentials(): 6 ctx1abcdef

36 response = client.get( 6 ctx1yzABCD

37 "/users/me", headers={"Authorization": "Basic notabase64token"}

38 )

39 assert response.status_code == 401, response.text 6 ctx1yzABCD

40 assert response.headers["WWW-Authenticate"] == "Basic" 6 ctx1yzABCD

41 assert response.json() == {"detail": "Invalid authentication credentials"} 6 ctx1yzABCD

44def test_security_http_basic_non_basic_credentials(): 6 ctx1abcdef

45 payload = b64encode(b"johnsecret").decode("ascii") 6 ctx1ghijkl

46 auth_header = f"Basic {payload}" 6 ctx1ghijkl

47 response = client.get("/users/me", headers={"Authorization": auth_header}) 6 ctx1ghijkl

48 assert response.status_code == 401, response.text 6 ctx1ghijkl

49 assert response.headers["WWW-Authenticate"] == "Basic" 6 ctx1ghijkl

50 assert response.json() == {"detail": "Invalid authentication credentials"} 6 ctx1ghijkl

53def test_openapi_schema(): 6 ctx1abcdef

54 response = client.get("/openapi.json") 6 ctx1EFGHIJ

55 assert response.status_code == 200, response.text 6 ctx1EFGHIJ

56 assert response.json() == { 6 ctx1EFGHIJ

57 "openapi": "3.1.0",

58 "info": {"title": "FastAPI", "version": "0.1.0"},

59 "paths": {

60 "/users/me": {

61 "get": {

62 "responses": {

63 "200": {

64 "description": "Successful Response",

65 "content": {"application/json": {"schema": {}}},

66 }

67 },

68 "summary": "Read Current User",

69 "operationId": "read_current_user_users_me_get",

70 "security": [{"HTTPBasic": []}],

71 }

72 }

73 },

74 "components": {

75 "securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}

76 },

77 }