@ -168,7 +168,7 @@ You can use this same `responses` parameter to add different media types for the
For example, you can add an additional media type of `image/png`, declaring that your *path operation* can return a JSON object (with media type `application/json`) or a PNG image:
@ -104,6 +104,6 @@ You can also set the `route_class` parameter of an `APIRouter`:
In this example, the *path operations* under the `router` will use the custom `TimedRoute` class, and will have an extra `X-Response-Time` header in the response with the time it took to generate the response:
@ -80,7 +80,7 @@ This will have the data that is actually stored in the database.
We don't create it as a subclass of Pydantic's `BaseModel` but as a subclass of our own `User`, because it will have all the attributes in `User` plus a couple more:
@ -100,7 +100,7 @@ Now create a function that will:
By creating a function that is only dedicated to getting your user from a `username` (or any other parameter) independent of your *path operation function*, you can more easily re-use it in multiple parts and also add <abbrtitle="Automated test, written in code, that checks if another piece of code is working correctly.">unit tests</abbr> for it:
@ -145,7 +145,7 @@ As our code is calling Couchbase and we are not using the <a href="https://docs.
Also, Couchbase recommends not using a single `Bucket` object in multiple "<abbrtitle="A sequence of code being executed by the program, while at the same time, or at intervals, there can be others being executed too.">thread</abbr>s", so, we can just get the bucket directly and pass it to our utility functions:
@ -24,7 +24,7 @@ You can also add headers when you return a `Response` directly.
Create a response as described in [Return a Response Directly](response-directly.md){.internal-link target=_blank} and pass the headers as an additional parameter:
@ -20,7 +20,7 @@ Then, when you type that username and password, the browser sends them in the he
* It returns an object of type `HTTPBasicCredentials`:
* It contains the `username` and `password` sent.
```Python hl_lines="2 6 10"
```Python hl_lines="2 6 10"
{!../../../docs_src/security/tutorial006.py!}
```
@ -36,7 +36,7 @@ Use a dependency to check if the username and password are correct.
For this, use the Python standard module <ahref="https://docs.python.org/3/library/secrets.html"class="external-link"target="_blank">`secrets`</a> to check the username and password:
```Python hl_lines="1 11 12 13"
```Python hl_lines="1 11-13"
{!../../../docs_src/security/tutorial007.py!}
```
@ -102,6 +102,6 @@ That way, using `secrets.compare_digest()` in your application code, it will be
After detecting that the credentials are incorrect, return an `HTTPException` with a status code 401 (the same returned when no credentials are provided) and add the header `WWW-Authenticate` to make the browser show the login prompt again:
@ -56,7 +56,7 @@ They are normally used to declare specific security permissions, for example:
First, let's quickly see the parts that change from the examples in the main **Tutorial - User Guide** for [OAuth2 with Password (and hashing), Bearer with JWT tokens](../../tutorial/security/oauth2-jwt.md){.internal-link target=_blank}. Now using OAuth2 scopes:
@ -68,7 +68,7 @@ The first change is that now we are declaring the OAuth2 security scheme with tw
The `scopes` parameter receives a `dict` with each scope as a key and the description as the value:
```Python hl_lines="62 63 64 65"
```Python hl_lines="62-65"
{!../../../docs_src/security/tutorial005.py!}
```
@ -159,7 +159,7 @@ We create an `HTTPException` that we can re-use (`raise`) later at several point
In this exception, we include the scopes required (if any) as a string separated by spaces (using `scope_str`). We put that string containing the scopes in in the `WWW-Authenticate` header (this is part of the spec).
@ -135,7 +135,7 @@ The same way as with Pydantic models, you declare class attributes with type ann
You can use all the same validation features and tools you use for Pydantic models, like different data types and additional validations with `Field()`.
```Python hl_lines="2 5 6 7 8 11"
```Python hl_lines="2 5-8 11"
{!../../../docs_src/settings/tutorial001.py!}
```
@ -150,7 +150,7 @@ Next it will convert and validate the data. So, when you use that `settings` obj
Then you can use the new `settings` object in your application:
```Python hl_lines="18 19 20"
```Python hl_lines="18-20"
{!../../../docs_src/settings/tutorial001.py!}
```
@ -189,7 +189,7 @@ For example, you could have a file `config.py` with:
And then use it in a file `main.py`:
```Python hl_lines="3 11 12 13"
```Python hl_lines="3 11-13"
{!../../../docs_src/settings/app01/main.py!}
```
@ -216,7 +216,7 @@ Notice that now we don't create a default instance `settings = Settings()`.
Now we create a dependency that returns a new `config.Settings()`.
```Python hl_lines="5 1112"
```Python hl_lines="5 11-12"
{!../../../docs_src/settings/app02/main.py!}
```
@ -227,7 +227,7 @@ Now we create a dependency that returns a new `config.Settings()`.
And then we can require it from the *path operation function* as a dependency and use it anywhere we need it.
```Python hl_lines="16 18 19 20"
```Python hl_lines="16 18-20"
{!../../../docs_src/settings/app02/main.py!}
```
@ -235,7 +235,7 @@ And then we can require it from the *path operation function* as a dependency an
Then it would be very easy to provide a different settings object during testing by creating a dependency override for `get_settings`:
@ -291,7 +291,7 @@ For all the `contextvars` parts to work, we need to make sure we have an indepen
For that, we need to create another `async` dependency `reset_db_state()` that is used as a sub-dependency in `get_db()`. It will set the value for the context variable (with just a default `dict`) that will be used as the database state for the whole request. And then the dependency `get_db()` will store in it the database state (connection, transactions, etc).
* Declare a `Request` parameter in the *path operation* that will return a template.
* Use the `templates` you created to render and return a `TemplateResponse`, passing the `request` as one of the key-value pairs in the Jinja2 "context".
So, if you are using a library that tells you that you can call it with `await`, you need to create the *path operation functions* that uses it with `async def`, like in:
@ -57,7 +57,7 @@ Using `BackgroundTasks` also works with the dependency injection system, you can
**FastAPI** knows what to do in each case and how to re-use the same object, so that all the background tasks are merged together and are run in the background afterwards:
@ -245,7 +245,7 @@ And we can add predefined `responses` that will be included in all the *path ope
And we can add a list of `dependencies` that will be added to all the *path operations* in the router and will be executed/solved for each request made to them. Note that, much like dependencies in *path operation decorators*, no value will be passed to your *path operation function*.
@ -6,7 +6,7 @@ To update an item you can use the <a href="https://developer.mozilla.org/en-US/d
You can use the `jsonable_encoder` to convert the input data to data that can be stored as JSON (e.g. with a NoSQL database). For example, converting `datetime` to `str`.
```Python hl_lines="30 31 32 33 34 35"
```Python hl_lines="30-35"
{!../../../docs_src/body_updates/tutorial001.py!}
```
@ -82,7 +82,7 @@ In summary, to apply partial updates you would:
@ -29,7 +29,7 @@ Then you declare your data model as a class that inherits from `BaseModel`.
Use standard Python types for all the attributes:
```Python hl_lines="7 8 9 10 11"
```Python hl_lines="7-11"
{!../../../docs_src/body/tutorial001.py!}
```
@ -135,7 +135,7 @@ You can declare path parameters and body requests at the same time.
**FastAPI** will recognize that the function parameters that match path parameters should be **taken from the path**, and that function parameters that are declared to be Pydantic models should be **taken from the request body**.
@ -35,7 +35,7 @@ You can use the same dependency *functions* you use normally.
They can declare request requirements (like headers) or other sub-dependencies:
```Python hl_lines="6 11"
```Python hl_lines="6 11"
{!../../../docs_src/dependencies/tutorial006.py!}
```
@ -43,7 +43,7 @@ They can declare request requirements (like headers) or other sub-dependencies:
These dependencies can `raise` exceptions, the same as normal dependencies:
```Python hl_lines="8 13"
```Python hl_lines="8 13"
{!../../../docs_src/dependencies/tutorial006.py!}
```
@ -53,7 +53,7 @@ And they can return values or not, the values won't be used.
So, you can re-use a normal dependency (that returns a value) you already use somewhere else, and even though the value won't be used, the dependency will be executed:
@ -150,7 +150,7 @@ All the data conversion, validation, documentation, etc. will still work as norm
That way, we can declare just the differences between the models (with plaintext `password`, with `hashed_password` and without password):
```Python hl_lines="9 15 16 19 20 23 24"
```Python hl_lines="9 15-16 19-20 23-24"
{!../../../docs_src/extra_models/tutorial002.py!}
```
@ -165,7 +165,7 @@ To do that, use the standard Python type hint <a href="https://docs.python.org/3
!!! note
When defining a <ahref="https://pydantic-docs.helpmanual.io/usage/types/#unions"class="external-link"target="_blank">`Union`</a>, include the most specific type first, followed by the less specific type. In the example below, the more specific `PlaneItem` comes before `CarItem` in `Union[PlaneItem, CarItem]`.
```Python hl_lines="1 14 15 18 19 20 33"
```Python hl_lines="1 14-15 18-20 33"
{!../../../docs_src/extra_models/tutorial003.py!}
```
@ -175,7 +175,7 @@ The same way, you can declare responses of lists of objects.
For that, use the standard Python `typing.List`:
```Python hl_lines="1 20"
```Python hl_lines="1 20"
{!../../../docs_src/extra_models/tutorial004.py!}
```
@ -187,7 +187,7 @@ This is useful if you don't know the valid field/attribute names (that would be
@ -28,7 +28,7 @@ The middleware function receives:
* Then it returns the `response` generated by the corresponding *path operation*.
* You can then modify further the `response` before returning it.
```Python hl_lines="89 11 14"
```Python hl_lines="8-9 11 14"
{!../../../docs_src/middleware/tutorial001.py!}
```
@ -50,7 +50,7 @@ And also after the `response` is generated, before returning it.
For example, you could add a custom header `X-Process-Time` containing the time in seconds that it took to process the request and generate a response:
@ -50,7 +50,7 @@ As descriptions tend to be long and cover multiple lines, you can declare the *p
You can write <ahref="https://en.wikipedia.org/wiki/Markdown"class="external-link"target="_blank">Markdown</a> in the docstring, it will be interpreted and displayed correctly (taking into account docstring indentation).
You can declare path "parameters" or "variables" with the same syntax used by Python format strings:
```Python hl_lines="67"
```Python hl_lines="6-7"
{!../../../docs_src/path_params/tutorial001.py!}
```
@ -109,7 +109,7 @@ And then you can also have a path `/users/{user_id}` to get data about a specifi
Because *path operations* are evaluated in order, you need to make sure that the path for `/users/me` is declared before the one for `/users/{user_id}`:
```Python hl_lines="6 11"
```Python hl_lines="6 11"
{!../../../docs_src/path_params/tutorial003.py!}
```
@ -127,7 +127,7 @@ By inheriting from `str` the API docs will be able to know that the values must
Then create class attributes with fixed values, which will be the available valid values:
@ -10,7 +10,7 @@ There are several ways you can declare extra JSON Schema information.
You can declare an example for a Pydantic model using `Config` and `schema_extra`, as described in <ahref="https://pydantic-docs.helpmanual.io/usage/schema/#schema-customization"class="external-link"target="_blank">Pydantic's docs: Schema customization</a>:
@ -20,7 +20,7 @@ That extra info will be added as-is to the output JSON Schema.
In `Field`, `Path`, `Query`, `Body` and others you'll see later, you can also declare extra info for the JSON Schema by passing any other arbitrary arguments to the function, for example, to add an `example`:
@ -90,7 +90,7 @@ If there is no such user, we return an error saying "incorrect username or passw
For the error, we use the exception `HTTPException`:
```Python hl_lines="3 77 78 79"
```Python hl_lines="3 77-79"
{!../../../docs_src/security/tutorial003.py!}
```
@ -118,7 +118,7 @@ If your database is stolen, the thief won't have your users' plaintext passwords
So, the thief won't be able to try to use those same passwords in another system (as many users use the same password everywhere, this would be dangerous).
```Python hl_lines="80 81 82 83"
```Python hl_lines="80-83"
{!../../../docs_src/security/tutorial003.py!}
```
@ -181,7 +181,7 @@ Both of these dependencies will just return an HTTP error if the user doesn't ex
So, in our endpoint, we will only get a user if the user exists, was correctly authenticated, and is active:
@ -640,7 +640,7 @@ A "middleware" is basically a function that is always executed for each request,
The middleware we'll add (just a function) will create a new SQLAlchemy `SessionLocal` for each request, add it to the request and then close it once the request is finished.
Por lo tanto, si estás utilizando una library que te dice que puedes llamarla con `await`, debes crear las *path operation functions* que la usan con `async def`, como en:
Brock Friedrich
5 years ago
GitHub