Add simple Basic auth #1203
Merged
Add simple Basic auth #1203
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
imartinez
previously approved these changes
Nov 11, 2023
There was a problem hiding this comment.
Looks good to me! We me be overusing the
if not settings.server.auth.enabled:
check in auth.py, but I think it makes it safer for future refactors.
As a general note, we should be documenting this (also the previous CORS support) in docs/description.md and then executing make api-docs to generate the udpated version of the api docs github pages, then commit those changes.
pabloogc
reviewed
Nov 11, 2023
pabloogc
requested changes
Nov 11, 2023
lopagela
force-pushed
the
add-simple-optional-auth
branch
from
177f895 to
5222ba8
Compare
To enable the basic authentication, one must set `server.auth.enabled` to true. The static string defined in `server.auth.secret` must be set in the header `Authorization`. The health check endpoint will always be accessible, no matter the API auth configuration.
Had to disable mypy in the `auth` as we are not using the same signature for the authenticated method. mypy was complaining that the signatures of `authenticated` must be identical, no matter in which logical branch we are. Given that fastapi is accomodating itself of method signatures (it will inject the dependencies in the method call), this warning of mypy is actually preventing us to do something legit. mypy doc: https://mypy.readthedocs.io/en/stable/common_issues.html
pabloogc
approved these changes
Nov 12, 2023
simonbermudez
pushed a commit
to simonbermudez/saimon
that referenced
this pull request
Feb 24, 2024
* Add simple Basic auth To enable the basic authentication, one must set `server.auth.enabled` to true. The static string defined in `server.auth.secret` must be set in the header `Authorization`. The health check endpoint will always be accessible, no matter the API auth configuration. * Fix linting and type check * Fighting with mypy being too restrictive Had to disable mypy in the `auth` as we are not using the same signature for the authenticated method. mypy was complaining that the signatures of `authenticated` must be identical, no matter in which logical branch we are. Given that fastapi is accomodating itself of method signatures (it will inject the dependencies in the method call), this warning of mypy is actually preventing us to do something legit. mypy doc: https://mypy.readthedocs.io/en/stable/common_issues.html * Write tests to verify that the simple auth is working
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
To enable the basic authentication, one must set
server.auth.enabledto true.The static string defined in
server.auth.secretmust be set in the headerAuthorization.The health check endpoint will always be accessible, no matter the API auth configuration.
The
authenticated"bean"/"method-in-the-chain" is declared as a dependency in the API router that requiresauthenticatedconnections. c.f.faspAPIdocumentation for details ondependencies: https://fastapi.tiangolo.com/tutorial/bigger-applications/Securitysection of the fastAPI is also a good read: https://fastapi.tiangolo.com/tutorial/security/