diff --git a/docs/em/docs/advanced/security/oauth2-scopes.md b/docs/em/docs/advanced/security/oauth2-scopes.md index d82fe152b..b9535900c 100644 --- a/docs/em/docs/advanced/security/oauth2-scopes.md +++ b/docs/em/docs/advanced/security/oauth2-scopes.md @@ -56,7 +56,7 @@ Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀. 🥇, ➡️ 🔜 👀 🍕 👈 🔀 ⚪️➡️ 🖼 👑 **🔰 - 👩‍💻 🦮** [Oauth2️⃣ ⏮️ 🔐 (& 🔁), 📨 ⏮️ 🥙 🤝](../../tutorial/security/oauth2-jwt.md){.internal-link target=_blank}. 🔜 ⚙️ Oauth2️⃣ ↔: -```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155" +```Python hl_lines="2 4 8 12 46 64 105 107-115 121-125 129-135 140 156" {!../../../docs_src/security/tutorial005.py!} ``` @@ -93,7 +93,7 @@ Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀. ✋️ 👆 🈸, 💂‍♂, 👆 🔜 ⚒ 💭 👆 🕴 🚮 ↔ 👈 👩‍💻 🤙 💪 ✔️, ⚖️ 🕐 👆 ✔️ 🔁. -```Python hl_lines="155" +```Python hl_lines="156" {!../../../docs_src/security/tutorial005.py!} ``` @@ -118,7 +118,7 @@ Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀. 👥 🔨 ⚫️ 📥 🎦 ❔ **FastAPI** 🍵 ↔ 📣 🎏 🎚. -```Python hl_lines="4 139 168" +```Python hl_lines="4 139 169" {!../../../docs_src/security/tutorial005.py!} ``` @@ -177,7 +177,7 @@ Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀. 👥 ✔ 👈 👥 ✔️ 👩‍💻 ⏮️ 👈 🆔, & 🚥 🚫, 👥 🤚 👈 🎏 ⚠ 👥 ✍ ⏭. -```Python hl_lines="46 116-127" +```Python hl_lines="46 116-128" {!../../../docs_src/security/tutorial005.py!} ``` @@ -187,7 +187,7 @@ Oauth2️⃣ 🔧 🔬 "↔" 📇 🎻 🎏 🚀. 👉, 👥 ⚙️ `security_scopes.scopes`, 👈 🔌 `list` ⏮️ 🌐 👫 ↔ `str`. -```Python hl_lines="128-134" +```Python hl_lines="129-135" {!../../../docs_src/security/tutorial005.py!} ``` diff --git a/docs/en/docs/advanced/security/oauth2-scopes.md b/docs/en/docs/advanced/security/oauth2-scopes.md index b93d2991c..6f059d1af 100644 --- a/docs/en/docs/advanced/security/oauth2-scopes.md +++ b/docs/en/docs/advanced/security/oauth2-scopes.md @@ -58,19 +58,19 @@ First, let's quickly see the parts that change from the examples in the main **T === "Python 3.10+" - ```Python hl_lines="4 8 12 46 64 105 107-115 121-124 128-134 139 155" + ```Python hl_lines="4 8 12 46 64 105 107-115 121-125 129-135 140 156" {!> ../../../docs_src/security/tutorial005_an_py310.py!} ``` === "Python 3.9+" - ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155" + ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-125 129-135 140 156" {!> ../../../docs_src/security/tutorial005_an_py39.py!} ``` === "Python 3.8+" - ```Python hl_lines="2 4 8 12 47 65 106 108-116 122-125 129-135 140 156" + ```Python hl_lines="2 4 8 12 47 65 106 108-116 122-126 130-136 141 157" {!> ../../../docs_src/security/tutorial005_an.py!} ``` @@ -79,7 +79,7 @@ First, let's quickly see the parts that change from the examples in the main **T !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="3 7 11 45 63 104 106-114 120-123 127-133 138 154" + ```Python hl_lines="3 7 11 45 63 104 106-114 120-124 128-134 139 155" {!> ../../../docs_src/security/tutorial005_py310.py!} ``` @@ -88,7 +88,7 @@ First, let's quickly see the parts that change from the examples in the main **T !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155" + ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-125 129-135 140 156" {!> ../../../docs_src/security/tutorial005_py39.py!} ``` @@ -97,7 +97,7 @@ First, let's quickly see the parts that change from the examples in the main **T !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-124 128-134 139 155" + ```Python hl_lines="2 4 8 12 46 64 105 107-115 121-125 129-135 140 156" {!> ../../../docs_src/security/tutorial005.py!} ``` @@ -178,19 +178,19 @@ And we return the scopes as part of the JWT token. === "Python 3.10+" - ```Python hl_lines="155" + ```Python hl_lines="156" {!> ../../../docs_src/security/tutorial005_an_py310.py!} ``` === "Python 3.9+" - ```Python hl_lines="155" + ```Python hl_lines="156" {!> ../../../docs_src/security/tutorial005_an_py39.py!} ``` === "Python 3.8+" - ```Python hl_lines="156" + ```Python hl_lines="157" {!> ../../../docs_src/security/tutorial005_an.py!} ``` @@ -199,7 +199,7 @@ And we return the scopes as part of the JWT token. !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="154" + ```Python hl_lines="155" {!> ../../../docs_src/security/tutorial005_py310.py!} ``` @@ -208,7 +208,7 @@ And we return the scopes as part of the JWT token. !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="155" + ```Python hl_lines="156" {!> ../../../docs_src/security/tutorial005_py39.py!} ``` @@ -217,7 +217,7 @@ And we return the scopes as part of the JWT token. !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="155" + ```Python hl_lines="156" {!> ../../../docs_src/security/tutorial005.py!} ``` @@ -244,19 +244,19 @@ In this case, it requires the scope `me` (it could require more than one scope). === "Python 3.10+" - ```Python hl_lines="4 139 170" + ```Python hl_lines="4 140 171" {!> ../../../docs_src/security/tutorial005_an_py310.py!} ``` === "Python 3.9+" - ```Python hl_lines="4 139 170" + ```Python hl_lines="4 140 171" {!> ../../../docs_src/security/tutorial005_an_py39.py!} ``` === "Python 3.8+" - ```Python hl_lines="4 140 171" + ```Python hl_lines="4 141 172" {!> ../../../docs_src/security/tutorial005_an.py!} ``` @@ -265,7 +265,7 @@ In this case, it requires the scope `me` (it could require more than one scope). !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="3 138 167" + ```Python hl_lines="3 139 168" {!> ../../../docs_src/security/tutorial005_py310.py!} ``` @@ -274,7 +274,7 @@ In this case, it requires the scope `me` (it could require more than one scope). !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="4 139 168" + ```Python hl_lines="4 140 169" {!> ../../../docs_src/security/tutorial005_py39.py!} ``` @@ -283,7 +283,7 @@ In this case, it requires the scope `me` (it could require more than one scope). !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="4 139 168" + ```Python hl_lines="4 140 169" {!> ../../../docs_src/security/tutorial005.py!} ``` @@ -426,19 +426,19 @@ We also verify that we have a user with that username, and if not, we raise that === "Python 3.10+" - ```Python hl_lines="46 116-127" + ```Python hl_lines="46 116-128" {!> ../../../docs_src/security/tutorial005_an_py310.py!} ``` === "Python 3.9+" - ```Python hl_lines="46 116-127" + ```Python hl_lines="46 116-128" {!> ../../../docs_src/security/tutorial005_an_py39.py!} ``` === "Python 3.8+" - ```Python hl_lines="47 117-128" + ```Python hl_lines="47 117-129" {!> ../../../docs_src/security/tutorial005_an.py!} ``` @@ -447,7 +447,7 @@ We also verify that we have a user with that username, and if not, we raise that !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="45 115-126" + ```Python hl_lines="45 115-127" {!> ../../../docs_src/security/tutorial005_py310.py!} ``` @@ -456,7 +456,7 @@ We also verify that we have a user with that username, and if not, we raise that !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="46 116-127" + ```Python hl_lines="46 116-128" {!> ../../../docs_src/security/tutorial005_py39.py!} ``` @@ -465,7 +465,7 @@ We also verify that we have a user with that username, and if not, we raise that !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="46 116-127" + ```Python hl_lines="46 116-128" {!> ../../../docs_src/security/tutorial005.py!} ``` @@ -477,19 +477,19 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these === "Python 3.10+" - ```Python hl_lines="128-134" + ```Python hl_lines="129-135" {!> ../../../docs_src/security/tutorial005_an_py310.py!} ``` === "Python 3.9+" - ```Python hl_lines="128-134" + ```Python hl_lines="129-135" {!> ../../../docs_src/security/tutorial005_an_py39.py!} ``` === "Python 3.8+" - ```Python hl_lines="129-135" + ```Python hl_lines="129-136" {!> ../../../docs_src/security/tutorial005_an.py!} ``` @@ -498,7 +498,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="127-133" + ```Python hl_lines="128-134" {!> ../../../docs_src/security/tutorial005_py310.py!} ``` @@ -507,7 +507,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="128-134" + ```Python hl_lines="129-135" {!> ../../../docs_src/security/tutorial005_py39.py!} ``` @@ -516,7 +516,7 @@ For this, we use `security_scopes.scopes`, that contains a `list` with all these !!! tip Prefer to use the `Annotated` version if possible. - ```Python hl_lines="128-134" + ```Python hl_lines="129-135" {!> ../../../docs_src/security/tutorial005.py!} ``` diff --git a/docs_src/security/tutorial005.py b/docs_src/security/tutorial005.py index b16bf440a..8ac087738 100644 --- a/docs_src/security/tutorial005.py +++ b/docs_src/security/tutorial005.py @@ -118,7 +118,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -152,7 +153,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") diff --git a/docs_src/security/tutorial005_an.py b/docs_src/security/tutorial005_an.py index 95e406b32..9a10ac894 100644 --- a/docs_src/security/tutorial005_an.py +++ b/docs_src/security/tutorial005_an.py @@ -119,7 +119,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -153,7 +154,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") diff --git a/docs_src/security/tutorial005_an_py310.py b/docs_src/security/tutorial005_an_py310.py index c6116a5ed..80c8fab6d 100644 --- a/docs_src/security/tutorial005_an_py310.py +++ b/docs_src/security/tutorial005_an_py310.py @@ -118,7 +118,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -152,7 +153,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") diff --git a/docs_src/security/tutorial005_an_py39.py b/docs_src/security/tutorial005_an_py39.py index af51c08b5..56584766f 100644 --- a/docs_src/security/tutorial005_an_py39.py +++ b/docs_src/security/tutorial005_an_py39.py @@ -118,7 +118,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -152,7 +153,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") diff --git a/docs_src/security/tutorial005_py310.py b/docs_src/security/tutorial005_py310.py index 37a22c709..82ad9e83e 100644 --- a/docs_src/security/tutorial005_py310.py +++ b/docs_src/security/tutorial005_py310.py @@ -117,7 +117,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -151,7 +152,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer") diff --git a/docs_src/security/tutorial005_py39.py b/docs_src/security/tutorial005_py39.py index c27580763..f45fbf1e7 100644 --- a/docs_src/security/tutorial005_py39.py +++ b/docs_src/security/tutorial005_py39.py @@ -118,7 +118,8 @@ async def get_current_user( username: str = payload.get("sub") if username is None: raise credentials_exception - token_scopes = payload.get("scopes", []) + scope: str = payload.get("scope", "") + token_scopes = scope.split(" ") token_data = TokenData(scopes=token_scopes, username=username) except (JWTError, ValidationError): raise credentials_exception @@ -152,7 +153,7 @@ async def login_for_access_token( raise HTTPException(status_code=400, detail="Incorrect username or password") access_token_expires = timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) access_token = create_access_token( - data={"sub": user.username, "scopes": form_data.scopes}, + data={"sub": user.username, "scope": " ".join(form_data.scopes)}, expires_delta=access_token_expires, ) return Token(access_token=access_token, token_type="bearer")