diff --git a/docs_src/security/tutorial008.py b/docs_src/security/tutorial008.py index 9e6c413d2..8f1e7563c 100644 --- a/docs_src/security/tutorial008.py +++ b/docs_src/security/tutorial008.py @@ -1,4 +1,4 @@ -from fastapi import FastAPI, Depends, HTTPException +from fastapi import Depends, FastAPI, HTTPException from fastapi.security.api_key import APIKeyHeader # Replace with your actual API key, ideally injected as an Environment Variable @@ -11,13 +11,16 @@ api_key_header = APIKeyHeader( description="API Key required to access secure endpoints.", ) + def verify_api_key(api_key: str = Depends(api_key_header)): if api_key != API_KEY: raise HTTPException(status_code=401, detail="Invalid API Key") + # Apply it for all endpoints app = FastAPI(dependencies=[Depends(verify_api_key)]) + # Apply it for specific endpoints @app.get("/secure-data") def secure_endpoint(api_key: str = Depends(verify_api_key)): diff --git a/docs_src/security/tutorial009.py b/docs_src/security/tutorial009.py index 857d6c1c6..ccea1809f 100644 --- a/docs_src/security/tutorial009.py +++ b/docs_src/security/tutorial009.py @@ -1,4 +1,4 @@ -from fastapi import FastAPI, Depends, HTTPException +from fastapi import Depends, FastAPI, HTTPException from fastapi.security.api_key import APIKeyCookie app = FastAPI() @@ -7,7 +7,7 @@ app = FastAPI() # or stored in a secure DB. API_KEY = "mysecretapikey" -API_KEY_NAME = "X-API-KEY" # case-sensitive! +API_KEY_NAME = "X-API-KEY" # case-sensitive! api_key_cookie = APIKeyCookie( name=API_KEY_NAME, description="API Key required to access secure endpoints.", @@ -18,9 +18,11 @@ def verify_api_key(api_key: str = Depends(api_key_cookie)): if api_key != API_KEY: raise HTTPException(status_code=401, detail="Invalid API Key") + # Apply it for all endpoints app = FastAPI(dependencies=[Depends(verify_api_key)]) + # Apply it for specific endpoints @app.get("/secure-data") def secure_endpoint(api_key: str = Depends(verify_api_key)): diff --git a/docs_src/security/tutorial010.py b/docs_src/security/tutorial010.py index 107a8d6cb..e20e2e383 100644 --- a/docs_src/security/tutorial010.py +++ b/docs_src/security/tutorial010.py @@ -1,4 +1,4 @@ -from fastapi import FastAPI, Depends, HTTPException +from fastapi import Depends, FastAPI, HTTPException from fastapi.security.api_key import APIKeyQuery app = FastAPI() @@ -18,9 +18,11 @@ def verify_api_key(api_key: str = Depends(api_key_query)): if api_key != API_KEY: raise HTTPException(status_code=401, detail="Invalid API Key") + # Apply it for all endpoints app = FastAPI(dependencies=[Depends(verify_api_key)]) + # Apply it for specific endpoints @app.get("/secure-data") def secure_endpoint(api_key: str = Depends(verify_api_key)): diff --git a/tests/test_tutorial/test_security/test_tutorial008.py b/tests/test_tutorial/test_security/test_tutorial008.py index dd2a0b4d4..60b20c2a3 100644 --- a/tests/test_tutorial/test_security/test_tutorial008.py +++ b/tests/test_tutorial/test_security/test_tutorial008.py @@ -55,7 +55,6 @@ def test_apikey_header_no_credentials(): assert response.json() == {"detail": "Not authenticated"} - def test_apikey_header_invalid_credentials(): auth = {"X-API-KEY": "totally-wrong-api-key"} response = client.get("/secure-data", headers=auth) diff --git a/tests/test_tutorial/test_security/test_tutorial009.py b/tests/test_tutorial/test_security/test_tutorial009.py index 0c429338e..39b92c2ab 100644 --- a/tests/test_tutorial/test_security/test_tutorial009.py +++ b/tests/test_tutorial/test_security/test_tutorial009.py @@ -2,7 +2,6 @@ from fastapi.testclient import TestClient from docs_src.security.tutorial009 import app - openapi_schema = { "openapi": "3.1.0", "info": {"title": "FastAPI", "version": "0.1.0"}, @@ -55,6 +54,7 @@ def test_apikey_cookie_no_key(): assert response.status_code == 403, response.text assert response.json() == {"detail": "Not authenticated"} + def test_apikey_cookie_invalid_key(): client = TestClient(app, cookies={"X-API-KEY": "wrongkey"}) response = client.get("/secure-data") diff --git a/tests/test_tutorial/test_security/test_tutorial010.py b/tests/test_tutorial/test_security/test_tutorial010.py index cb519a5fd..3f55188e1 100644 --- a/tests/test_tutorial/test_security/test_tutorial010.py +++ b/tests/test_tutorial/test_security/test_tutorial010.py @@ -2,7 +2,6 @@ from fastapi.testclient import TestClient from docs_src.security.tutorial010 import app - client = TestClient(app) openapi_schema = {