Skip to content

[Feature] Add token authorization to web app #17

New issue
New issue
Open
Open
[Feature] Add token authorization to web app#17
Labels
enhancementNew feature or requestgood first issueGood for newcomershelp wantedExtra attention is needed
@nxexox

Description

@nxexox
nxexox
opened on Nov 15, 2023

Problem

User web app can public in internet. Need add authorization

Solution

Add generated token how query params or headers.

http://localhost:8009/info?token=saasfa1123123sadasd3sadasdadsasd

In application code read from query or headers. Decorator example:

def _check_auth_token(func):
    @wraps(func)
    async def wrap(self, *args, request: FastAPIRequest, **kwargs):
        token = request.query_params.get('token', None)
        if not token:
            token = request.headers.get('token', None)
            if token:
                token = token.replace('Bearer', '', 1).strip()
        if token is None or token != VALID_TOKEN:
            raise ApiRequestError('Auth token not valid.', status_code=401, type='auth_error')
        return await func(self, *args, request=request, **kwargs)
    return wrap

Generate auth token, if user not set custom token:

import secrets
token = secrets.token_urlsafe(32)

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requestgood first issueGood for newcomershelp wantedExtra attention is needed

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions