Coverage for tests / test_security_http_basic_optional.py: 100%

Shortcuts on this page

r m x toggle line displays

j k next/prev highlighted chunk

0 (zero) top of page

1 (one) first highlighted chunk

[ ] prev/next file

u up to the index

? show/hide this help

38 statements

« prev ^ index » next coverage.py v7.13.3, created at 2026-02-12 18:15 +0000

1from base64 import b64encode 4 ctx1abcd

2from typing import Optional 4 ctx1abcd

4from fastapi import FastAPI, Security 4 ctx1abcd

5from fastapi.security import HTTPBasic, HTTPBasicCredentials 4 ctx1abcd

6from fastapi.testclient import TestClient 4 ctx1abcd

7from inline_snapshot import snapshot 4 ctx1abcd

9app = FastAPI() 4 ctx1abcd

11security = HTTPBasic(auto_error=False) 4 ctx1abcd

14@app.get("/users/me") 4 ctx1abcd

15def read_current_user(credentials: Optional[HTTPBasicCredentials] = Security(security)): 4 ctx1abcd

16 if credentials is None: 6 ctx1hijklm

17 return {"msg": "Create an account first"} 3 ctx1ikm

18 return {"username": credentials.username, "password": credentials.password} 3 ctx1hjl

21client = TestClient(app) 4 ctx1abcd

24def test_security_http_basic(): 4 ctx1abcd

25 response = client.get("/users/me", auth=("john", "secret")) 3 ctx1hjl

26 assert response.status_code == 200, response.text 3 ctx1hjl

27 assert response.json() == {"username": "john", "password": "secret"} 3 ctx1hjl

30def test_security_http_basic_no_credentials(): 4 ctx1abcd

31 response = client.get("/users/me") 3 ctx1ikm

32 assert response.status_code == 200, response.text 3 ctx1ikm

33 assert response.json() == {"msg": "Create an account first"} 3 ctx1ikm

36def test_security_http_basic_invalid_credentials(): 4 ctx1abcd

37 response = client.get( 3 ctx1nop

38 "/users/me", headers={"Authorization": "Basic notabase64token"}

39 )

40 assert response.status_code == 401, response.text 3 ctx1nop

41 assert response.headers["WWW-Authenticate"] == "Basic" 3 ctx1nop

42 assert response.json() == {"detail": "Not authenticated"} 3 ctx1nop

45def test_security_http_basic_non_basic_credentials(): 4 ctx1abcd

46 payload = b64encode(b"johnsecret").decode("ascii") 3 ctx1efg

47 auth_header = f"Basic {payload}" 3 ctx1efg

48 response = client.get("/users/me", headers={"Authorization": auth_header}) 3 ctx1efg

49 assert response.status_code == 401, response.text 3 ctx1efg

50 assert response.headers["WWW-Authenticate"] == "Basic" 3 ctx1efg

51 assert response.json() == {"detail": "Not authenticated"} 3 ctx1efg

54def test_openapi_schema(): 4 ctx1abcd

55 response = client.get("/openapi.json") 3 ctx1qrs

56 assert response.status_code == 200, response.text 3 ctx1qrs

57 assert response.json() == snapshot( 3 ctx1qrs

58 {

59 "openapi": "3.1.0",

60 "info": {"title": "FastAPI", "version": "0.1.0"},

61 "paths": {

62 "/users/me": {

63 "get": {

64 "responses": {

65 "200": {

66 "description": "Successful Response",

67 "content": {"application/json": {"schema": {}}},

68 }

69 },

70 "summary": "Read Current User",

71 "operationId": "read_current_user_users_me_get",

72 "security": [{"HTTPBasic": []}],

73 }

74 }

75 },

76 "components": {

77 "securitySchemes": {"HTTPBasic": {"type": "http", "scheme": "basic"}}

78 },

79 }

80 )