bilal alpaslan
2 days ago
committed by
GitHub
GitHub
11 changed files with 128 additions and 25 deletions
@ -0,0 +1,107 @@ |
|||||
|
from fastapi import Depends, FastAPI, Security |
||||
|
from fastapi.security import APIKeyHeader |
||||
|
from fastapi.testclient import TestClient |
||||
|
from pydantic import BaseModel |
||||
|
|
||||
|
app = FastAPI() |
||||
|
|
||||
|
api_key = APIKeyHeader(name="key") |
||||
|
another_key = APIKeyHeader(name="another_key") |
||||
|
|
||||
|
|
||||
|
class User(BaseModel): |
||||
|
username: str |
||||
|
|
||||
|
|
||||
|
def get_current_user(oauth_header: str = Security(api_key)): |
||||
|
user = User(username=oauth_header) |
||||
|
return user |
||||
|
|
||||
|
|
||||
|
def get_current_user_with_another_key(oauth_header: str = Security(another_key)): |
||||
|
user = User(username=oauth_header) |
||||
|
return user |
||||
|
|
||||
|
|
||||
|
@app.get("/users/me") |
||||
|
def read_current_user(current_user: User = Depends(get_current_user)): |
||||
|
return current_user |
||||
|
|
||||
|
|
||||
|
@app.get("/another_key/users/me") |
||||
|
def read_current_user_another_key( |
||||
|
current_user: User = Depends(get_current_user_with_another_key), |
||||
|
): |
||||
|
return current_user |
||||
|
|
||||
|
|
||||
|
client = TestClient(app) |
||||
|
|
||||
|
openapi_schema = { |
||||
|
"openapi": "3.1.0", |
||||
|
"info": {"title": "FastAPI", "version": "0.1.0"}, |
||||
|
"paths": { |
||||
|
"/users/me": { |
||||
|
"get": { |
||||
|
"responses": { |
||||
|
"200": { |
||||
|
"description": "Successful Response", |
||||
|
"content": {"application/json": {"schema": {}}}, |
||||
|
} |
||||
|
}, |
||||
|
"summary": "Read Current User", |
||||
|
"operationId": "read_current_user_users_me_get", |
||||
|
"security": [{"key": []}], |
||||
|
} |
||||
|
}, |
||||
|
"/another_key/users/me": { |
||||
|
"get": { |
||||
|
"responses": { |
||||
|
"200": { |
||||
|
"description": "Successful Response", |
||||
|
"content": {"application/json": {"schema": {}}}, |
||||
|
} |
||||
|
}, |
||||
|
"summary": "Read Current User Another Key", |
||||
|
"operationId": "read_current_user_another_key_another_key_users_me_get", |
||||
|
"security": [{"another_key": []}], |
||||
|
} |
||||
|
}, |
||||
|
}, |
||||
|
"components": { |
||||
|
"securitySchemes": { |
||||
|
"key": {"type": "apiKey", "name": "key", "in": "header"}, |
||||
|
"another_key": {"type": "apiKey", "name": "another_key", "in": "header"}, |
||||
|
} |
||||
|
}, |
||||
|
} |
||||
|
|
||||
|
|
||||
|
def test_openapi_schema(): |
||||
|
response = client.get("/openapi.json") |
||||
|
assert response.status_code == 200, response.text |
||||
|
assert response.json() == openapi_schema |
||||
|
|
||||
|
|
||||
|
def test_security_api_key(): |
||||
|
response = client.get("/users/me", headers={"key": "secret"}) |
||||
|
assert response.status_code == 200, response.text |
||||
|
assert response.json() == {"username": "secret"} |
||||
|
|
||||
|
|
||||
|
def test_security_api_key_no_key(): |
||||
|
response = client.get("/users/me") |
||||
|
assert response.status_code == 403, response.text |
||||
|
assert response.json() == {"detail": "Not authenticated"} |
||||
|
|
||||
|
|
||||
|
def test_another_security_api_key(): |
||||
|
response = client.get("/another_key/users/me", headers={"another_key": "secret"}) |
||||
|
assert response.status_code == 200, response.text |
||||
|
assert response.json() == {"username": "secret"} |
||||
|
|
||||
|
|
||||
|
def test_another_security_api_key_no_key(): |
||||
|
response = client.get("/another_key/users/me") |
||||
|
assert response.status_code == 403, response.text |
||||
|
assert response.json() == {"detail": "Not authenticated"} |
||||
Loading…
Reference in new issue