writer · ramedina86 · Jun 27, 2024 · Jun 27, 2024
diff --git a/docs/framework/custom-server.mdx b/docs/framework/custom-server.mdx
@@ -58,9 +58,10 @@ Note the inclusion of the imported `ws_max_size` setting. This is important for
 
 Fine-tuning Uvicorn allows you to set up SSL, configure proxy headers, etc, which can prove vital in complex deployments.
 
-Use server setup hook
+If you want to disable server setup hook, you should use `enable_server_setup`:
+
 ```python
-asgi_app = writer.serve.get_asgi_app(app_path, mode, enable_server_setup=True)
+asgi_app = writer.serve.get_asgi_app(app_path, mode, enable_server_setup=False)
 ```
 
 ## Multiple apps at once

diff --git a/src/writer/serve.py b/src/writer/serve.py
@@ -62,10 +62,25 @@ def get_asgi_app(
         user_app_path: str,
         serve_mode: ServeMode,
         enable_remote_edit: bool = False,
-        enable_server_setup: bool = False,
+        enable_server_setup: bool = True,
         on_load: Optional[Callable] = None,
         on_shutdown: Optional[Callable] = None,
 ) -> WriterFastAPI:
+    """
+    Builds an ASGI server that can be injected into another ASGI application
+    or an asgi server like uvicorn
+
+    >>> asgi_app = writer.serve.get_asgi_app("app1", "run")
+    >>> uvicorn.run(asgi_app, host="0.0.0.0", port=5328)
+
+    :param user_app_path: writer application path
+    :param serve_mode: server mode (run, edit)
+    :param enable_remote_edit: allow editing from the internet (by default, editing only works locally)
+    :param enable_server_setup: enables fastapi setup hook on startup, server_setup.py
+    :param on_load: callback called on loading
+    :param on_shutdown: callback called at shutdown
+    :return: ASGI Server
+    """
     global app
     if serve_mode not in ["run", "edit"]:
         raise ValueError("""Invalid mode. Must be either "run" or "edit".""")

diff --git a/tests/backend/test_auth.py b/tests/backend/test_auth.py
@@ -12,7 +12,7 @@ def test_basicauth_authentication_module_should_ask_user_to_write_basic_auth(sel
         This test verifies that a user has to authenticate when the basic auth module is active.
 
         """
-        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run", enable_server_setup=True)
+        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run")
         with fastapi.testclient.TestClient(asgi_app) as client:
             res = client.get("/api/init")
             assert res.status_code == 401
@@ -22,7 +22,16 @@ def test_basicauth_authentication_module_should_accept_user_using_authorization(
         This test verifies that a user can use the application when providing basic auth credentials.
 
         """
-        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run", enable_server_setup=True)
+        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run")
         with fastapi.testclient.TestClient(asgi_app) as client:
             res = client.get("/static/file.js", auth=("admin", "admin"))
             assert res.status_code == 200
+
+    def test_basicauth_authentication_module_disabled_when_server_setup_hook_is_disabled(self):
+        """
+        This test verifies that a user bypass the authentication when server setup hook is disabled.
+        """
+        asgi_app: fastapi.FastAPI = writer.serve.get_asgi_app(test_basicauth_dir, "run", enable_server_setup=False)
+        with fastapi.testclient.TestClient(asgi_app) as client:
+            res = client.get("/api/init")
+            assert res.status_code == 405