tokusumi / fastapi-cloudauth

Simple integration between FastAPI and cloud authentication services (AWS Cognito, Auth0, Firebase Authentication).
MIT License

Firebase - Unauthenticated request is not raising an exception #54

Open br-follow opened 2 years ago

br-follow commented 2 years ago

When injecting the FirebaseClaims object, no exception is raised for an unauthenticated user. It looks like it should raise a 401 exception because auto_error is set to True.

Additionally, it is unclear how to test this via the Swagger UI. There does not appear to be any authentication UI, as there is with Cognito.

Code:

async def get_current_user(settings: Settings = Depends(get_settings)):
    return FirebaseCurrentUser(project_id=settings.firebase_project_id)

@app.get("/protected")
async def protected(current_user: FirebaseClaims = Depends(get_current_user)):
    return f"Hello, {current_user.user_id}"

tivaliy commented 2 years ago

@br-allstreet ,

try to do something like this:

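from typing import Optional

from fastapi import Depends
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from fastapi_cloudauth.firebase import FirebaseClaims, FirebaseCurrentUser

async def get_current_user(
    settings: AppSettings = Depends(get_app_settings),
    # A missing Authorization header arrives here as None and is passed on below.
    http_auth: Optional[HTTPAuthorizationCredentials] = Depends(HTTPBearer(auto_error=False)),
) -> FirebaseClaims:
    current_user_auth = FirebaseCurrentUser(project_id=settings.firebase_project_id)
    # Await the verifier so the route receives claims rather than the verifier object.
    return await current_user_auth(http_auth)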

@app.get("/protected")
async def protected(current_user: FirebaseClaims = Depends(get_current_user)):
    return f"Hello, {current_user.user_id}"

I didn't check it, just a quick sketch...