
@muhammadwafi
Created May 1, 2024 05:44
Oauth2 Password Bearer with Cookie - FastAPI
# originally from: https://github.com/nofoobar/JobBoard-Fastapi
from typing import Dict
from typing import Optional
from fastapi import HTTPException
from fastapi import Request
from fastapi import status
from fastapi.openapi.models import OAuthFlows as OAuthFlowsModel
from fastapi.security import OAuth2
from fastapi.security.utils import get_authorization_scheme_param
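class OAuth2PasswordBearerWithCookie(OAuth2):
    """OAuth2 password-flow scheme that takes the bearer token from a cookie.

    Drop-in variant of FastAPI's password-bearer scheme: instead of the
    ``Authorization`` request header it reads the ``access_token`` cookie,
    whose value is expected to look like ``Bearer <token>``.

    Security notes for users of this class:

    * It only *extracts* the token string. Signature, expiry and audience
      checks must be done by the dependency that consumes the result.
    * Browsers attach cookies to requests automatically, so routes guarded
      by a cookie-borne token need CSRF protection (a ``SameSite`` cookie
      attribute and/or an anti-CSRF token on state-changing routes), which
      header-based bearer auth does not need.
    * The cookie's ``HttpOnly``/``Secure`` attributes are decided where the
      cookie is set, not here; this class cannot check them.
    """

    def __init__(
        self,
        tokenUrl: str,
        scheme_name: Optional[str] = None,
        scopes: Optional[Dict[str, str]] = None,
        auto_error: bool = True,
    ):
        """Register the password flow for the OpenAPI schema.

        Args:
            tokenUrl: URL of the endpoint that issues tokens.
            scheme_name: Optional name of the security scheme, passed on to
                the base class.
            scopes: Optional mapping of scope name to description; a missing
                or empty value is replaced by a fresh empty dict.
            auto_error: When True, a missing or malformed cookie raises
                HTTP 401; when False, ``__call__`` returns ``None`` instead.
        """
        flows = OAuthFlowsModel(
            password={"tokenUrl": tokenUrl, "scopes": scopes or {}}
        )
        super().__init__(flows=flows, scheme_name=scheme_name, auto_error=auto_error)

    async def __call__(self, request: Request) -> Optional[str]:
        """Return the bearer token carried in the ``access_token`` cookie.

        Args:
            request: The incoming request whose cookies are inspected.

        Returns:
            The token part of the cookie value, or ``None`` when the cookie
            is unusable and ``auto_error`` is False.

        Raises:
            HTTPException: 401 with a ``WWW-Authenticate: Bearer`` header
                when the cookie is unusable and ``auto_error`` is True.
        """
        # The cookie may be absent, so the lookup can yield None.
        authorization: Optional[str] = request.cookies.get("access_token")
        scheme, param = get_authorization_scheme_param(authorization)

        # Reject a missing cookie, a non-bearer scheme, and a bare "Bearer"
        # with no credential: an empty string must never be handed on as if
        # it were a token.
        if not authorization or scheme.lower() != "bearer" or not param:
            if self.auto_error:
                raise HTTPException(
                    status_code=status.HTTP_401_UNAUTHORIZED,
                    detail="Not authenticated",
                    headers={"WWW-Authenticate": "Bearer"},
                )
            return None
        return param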
# Use it like the default one from fastapi:
# oauth2_scheme = OAuth2PasswordBearerWithCookie(tokenUrl="/login/token")