zoukankan      html  css  js  c++  java
  • FastAPI 安全 (Security)

    OAuth2

      OAuth2是一个规范,它定义了几种处理身份验证和授权的方式。它是一个相当广泛的规范,涵盖了几个复杂的用例。

    它包括使用“第三方”进行身份验证的方法。

    这就是所有带有“使用Facebook,Google,Twitter,GitHub登录”的系统的基础。

      OAuth1,它与OAuth2完全不同,并且更为复杂,因为它直接包含有关如何加密通信的规范。

    如今它不是很流行或使用过, OAuth2没有指定如何加密通信,它希望您使用HTTPS为您的应用程序提供服务。

    # OAuth2PasswordBearer
    
    from fastapi import Depends, FastAPI
    from fastapi.security import OAuth2PasswordBearer
    
    app = FastAPI()
    
    oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
    
    
    @app.get("/items/")
    async def read_items(token: str = Depends(oauth2_scheme)):
        return {"token": token}

     

    from typing import Optional
    
    from fastapi import Depends, FastAPI, HTTPException, status
    from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
    from pydantic import BaseModel
    
    fake_users_db = {
        "johndoe": {
            "username": "johndoe",
            "full_name": "John Doe",
            "email": "johndoe@example.com",
            "hashed_password": "fakehashedsecret",
            "disabled": False,
        },
        "alice": {
            "username": "alice",
            "full_name": "Alice Wonderson",
            "email": "alice@example.com",
            "hashed_password": "fakehashedsecret2",
            "disabled": True,
        },
    }
    
    app = FastAPI()
    
    
    def fake_hash_password(password: str):
        return "fakehashed" + password
    
    
    oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
    print(oauth2_scheme)
    
    
    class User(BaseModel):
        username: str
        email: Optional[str] = None
        full_name: Optional[str] = None
        disabled: Optional[bool] = None
    
    
    class UserInDB(User):
        hashed_password: str
    
    
    async def get_current_user(token: str = Depends(oauth2_scheme)):
        print(token)
        user_dict = fake_users_db[token]
        user = UserInDB(**user_dict)
        if not user:
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid authentication credentials",
                headers={"WWW-Authenticate": "Bearer"},
            )
        return user
    
    
    async def get_current_active_user(current_user: User = Depends(get_current_user)):
        if current_user.disabled:
            raise HTTPException(status_code=400, detail="Inactive user")
        return current_user
    
    
    @app.post("/token")
    async def login(form_data: OAuth2PasswordRequestForm = Depends()):
        user_dict = fake_users_db.get(form_data.username)
        if not user_dict:
            raise HTTPException(status_code=400, detail="Incorrect username or password")
        user = UserInDB(**user_dict)
        hashed_password = fake_hash_password(form_data.password)
        if not hashed_password == user.hashed_password:
            raise HTTPException(status_code=400, detail="Incorrect username or password")
    
        return {"access_token": user.username, "token_type": "bearer"}
    
    
    @app.get("/users/me")
    async def read_users_me(current_user: User = Depends(get_current_active_user)):
        return current_user

    https://fastapi.tiangolo.com/tutorial/security/

  • 相关阅读:
    Ubuntu配置sublime text 3的c编译环境
    ORA-01078错误举例:SID的大写和小写错误
    linux下多进程的文件拷贝与进程相关的一些基础知识
    ASM(四) 利用Method 组件动态注入方法逻辑
    基于Redis的三种分布式爬虫策略
    Go语言并发编程总结
    POJ2406 Power Strings 【KMP】
    nyoj 会场安排问题
    Server Tomcat v7.0 Server at localhost was unable to start within 45 seconds. If the server requires more time, try increasing the timeout in the server editor.
    Java的String、StringBuffer和StringBuilder的区别
  • 原文地址:https://www.cnblogs.com/Mint-diary/p/14445609.html
Copyright © 2011-2022 走看看