Open br-follow opened 2 years ago
@br-allstreet ,
try to do something like this:
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
async def get_current_user(
settings: AppSettings = Depends(get_app_settings),
http_auth: Optional[HTTPAuthorizationCredentials] = Depends(HTTPBearer(auto_error=False)),
) -> CognitoCurrentUser:
current_user_auth = FirebaseCurrentUser(project_id=settings.firebase_project_id)
return await current_user_auth(http_auth)
@app.get("/protected")
async def protected(current_user: FirebaseClaims = Depends(get_current_user)):
return f"Hello, {current_user.user_id}"
I didn't check it, jsut a quick sketch...
When injecting the
FirebaseClaims
object, no exception is raised for an unauthenticated user. It looks like it should raise a 401 exception becauseauto_error
is set toTrue
.Additionally, it is unclear how to test this via the Swagger UI. There does not appear to be any authentication UI, as there is with cogito.
Code: