Closed sammaphey closed 8 months ago
Thanks for providing this suggestion! We've gone ahead and created a JIRA ticket for this change to track this issue.
Feel free to provide a contribution as well, and we will happily review it. :)
If SecretStr is used on the Token model how could we use the Oauth2 login workflow then ? The method login_with_oauth2 would output:
{'access_token': '***', 'refresh_token': '****', 'token_type': 'bearer'}`
so, how can we use the access token to access other API endpoints ? If I misunderstood something could you explain what I’m doing wrong.
@FlorianEisenbarth you aren't wrong , with the use of secretstr, the Oauth2 login workflow wouldn't work as expected as the authorization headers would be in '***'. I think the only workaround would be to create a new base model that wont type it field with secretstr
To avoid logging tokens or passwords accidentally pydantic provides a nice
SecretStr
model as a way to reduce these issues.Can change instances like:
to