Some way to add authentication for all routes with exclusion.

miguelgrinberg / APIFairy

A minimalistic API framework built on top of Flask, Marshmallow and friends.

MIT License

323 stars 30 forks source link

Some way to add authentication for all routes with exclusion. #86

Open aderbas opened 6 months ago

aderbas commented 6 months ago

(question) Isn't there some way for the documentation generated to understand that all routes, except for some informed ones, are protected by authentication? For example, in my application I am using a middleware.

app.wsgi_app = AuthMiddleware(app.wsgi_app)

Therefore, the documentation does not understand that the routes are protected by authentication. I would have to put the @authenticate() annotation on all routes. Isn't there any way to recognize the middleware?

miguelgrinberg commented 6 months ago

No, there is currently no way to add authentication to all routes. Normally this isn't what you want, there is always routes that are exempt, so if this feature was added you would need to have an exempt list.

Another option you may consider is creating an "authenticated_route" decorator that combines Flask's route with APIFairy's authenticate.