DO NOT FORK, CLICK "Use this template" - The base to start an openapi project featuring: SQLModel, Typer, FastAPI, JWT Token Auth, Interactive Shell, Management Commands.
I'm just learning about FastAPI and this project was incredibly useful!
PR Summary:
Expanded tests of user routes to increase coverage
Moved "/user/me" route to "/profile"
Added check to avoid 500 error when adding a username already in the db
Added refresh_token mechanism and associated tests
Found the same bugs listed on a previous PR. While expanding the tests for the user route I found the ordering bug listed in another PR. I started by re-ordering the functions but ultimately decided the "/user/me" route was too risky (for me) i.e. a user is created with the username of "me"... thus I elected to move the route from /user/me to /profile.
Added a JWT refresh_token mechanism that I'm going to need for my next project. This includes the new /refesh_token POST route for updating the the access_token. The access_token now includes a boolean "fresh" value in the JWT to indicated if it was issued based on a /token request or by the refresh_token request. Added a new depends (AuthenticatedFreshUser) to require that the user must have a "fresh" access_token or be a superuser.
I'm just learning about FastAPI and this project was incredibly useful!
PR Summary:
Found the same bugs listed on a previous PR. While expanding the tests for the user route I found the ordering bug listed in another PR. I started by re-ordering the functions but ultimately decided the "/user/me" route was too risky (for me) i.e. a user is created with the username of "me"... thus I elected to move the route from /user/me to /profile.
Added a JWT refresh_token mechanism that I'm going to need for my next project. This includes the new /refesh_token POST route for updating the the access_token. The access_token now includes a boolean "fresh" value in the JWT to indicated if it was issued based on a /token request or by the refresh_token request. Added a new depends (AuthenticatedFreshUser) to require that the user must have a "fresh" access_token or be a superuser.