mirror
/
tiangolo.fastapi
mirror of https://github.com/tiangolo/fastapi
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

docs: clarify that APIKey classes do not perform validation

pull/13765/head
oxqnd 1 month ago
parent
935bcfa657
commit
6e85699bfb
1 changed files with 18 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 18
      fastapi/security/api_key.py

18
fastapi/security/api_key.py
View File

@ -24,6 +24,12 @@ class APIKeyQuery(APIKeyBase):
"""
API key authentication using a query parameter.
Note:
This class does **not** perform API key validation or decoding.
It only extracts the key from the request and provides OpenAPI integration.
You must implement the actual verification logic yourself (e.g., checking against a database or list of valid keys).
This defines the name of the query parameter that should be provided in the request
with the API key and integrates that into the OpenAPI documentation. It extracts
the key value sent in the query parameter automatically and provides it as the
@ -116,6 +122,12 @@ class APIKeyHeader(APIKeyBase):
"""
API key authentication using a header.
Note:
This class does **not** perform API key validation or decoding.
It only extracts the key from the request and provides OpenAPI integration.
You must implement the actual verification logic yourself (e.g., checking against a database or list of valid keys).
This defines the name of the header that should be provided in the request with
the API key and integrates that into the OpenAPI documentation. It extracts
the key value sent in the header automatically and provides it as the dependency
@ -204,6 +216,12 @@ class APIKeyCookie(APIKeyBase):
"""
API key authentication using a cookie.
Note:
This class does **not** perform API key validation or decoding.
It only extracts the key from the request and provides OpenAPI integration.
You must implement the actual verification logic yourself (e.g., checking against a database or list of valid keys).
This defines the name of the cookie that should be provided in the request with
the API key and integrates that into the OpenAPI documentation. It extracts
the key value sent in the cookie automatically and provides it as the dependency

Write Preview
Loading…
Cancel
Save