add decorators for FastAPI as well

mschwager / route-detect

Find authentication (authn) and authorization (authz) security bugs in web application routes.

BSD 3-Clause "New" or "Revised" License

246 stars 16 forks source link

add decorators for FastAPI as well #19

Closed ocervell closed 3 months ago

ocervell commented 3 months ago

Sorry I didn't see that you asked me to review https://github.com/mschwager/route-detect/pull/17.

It is not uncommon in FastAPI to not use the Depends(Security) schema and instead build auth with the old methods used e.g in Flask, using good old decorators.

This PR makes it easy to detect authenticated decorated routes.

mschwager commented 3 months ago

If you rebase on master (https://github.com/mschwager/route-detect/commit/8d8f52153e538e5ca32998662253f657c65525c3), then CI should be working again 👍