FastAPI-users how to login, logout (register) behind routes? #1286
Answered by NickNaskida
MuzykaAndrii asked this question in Q&A
I have an SQLAdmin panel to manage my models; it has a built-in class AuthenticationBackendSQLAdmin to handle login and logout operations. How can I manually define login and logout functionality to specify it in the AuthenticationBackendSQLAdmin login and logout methods?
Answered by NickNaskida, Sep 20, 2023
Here is a guide to authentication implementation in SQLAdmin: Authentication - SQLAlchemy Admin

You should implement the needed crud methods on the User model (which is available if you are using FastAPI-users).

Here is a snippet of my code (I use starlette admin):

```python
from starlette.requests import Request
from starlette.responses import Response
from starlette_admin.auth import AdminUser, AuthProvider
from starlette_admin.exceptions import LoginFailed

# `crud` and `db` come from the answerer's own project; their import paths
# are not shown in the post. confirm_user_rights and confirm_user_password
# are defined in the second snippet.


class AdminAuthProvider(AuthProvider):
    """Custom authentication provider for admin."""

    async def login(
        self,
        username: str,
        password: str,
        remember_me: bool,
        request: Request,
        response: Response,
    ) -> Response:
        # check if user exists
        user = await crud.user.get_by_email(email=username, db_session=db.session)
        if not user:
            raise LoginFailed("Invalid username or password")

        # check if user has rights to access admin panel
        if not confirm_user_rights(user):
            raise LoginFailed("Access denied")

        # check user password
        if not confirm_user_password(user, password):
            raise LoginFailed("Invalid username or password")

        # create session
        request.session.update({"username": username})
        return response

    async def is_authenticated(self, request) -> bool:
        # check user session
        user_email = request.session.get("username", None)
        if not user_email:
            return False

        # check if user exists
        user = await crud.user.get_by_email(email=user_email, db_session=db.session)
        if not user:
            return False

        # check if user has rights to access admin panel
        if not confirm_user_rights(user):
            return False

        # set user email to request state
        request.state.user = user.email
        return True

    def get_admin_user(self, request: Request) -> AdminUser:
        # request.state.user was set to the user's email in is_authenticated
        user = request.state.user
        return AdminUser(username=user)

    async def logout(self, request: Request, response: Response) -> Response:
        # drop everything stored in the session
        request.session.clear()
        return response
```

password and security handling

```python
from fastapi_users.password import PasswordHelper

from src.models.user import User


def confirm_user_rights(user: User) -> bool:
    """
    Verify that the user has the rights to access the admin panel.

    :param user: User model object
    :return: True if the user has the rights, False otherwise
    """
    # debug output of the three flags checked below
    print(user.is_superuser, user.is_active, user.is_verified)
    if not user.is_superuser:
        return False
    if not user.is_active:
        return False
    if not user.is_verified:
        return False
    return True


def confirm_user_password(user: User, password: str) -> bool:
    """
    Verify that the password is correct.

    :param user: User model object
    :param password: Password to verify
    :return: True if the password is correct, False otherwise
    """
    password_helper = PasswordHelper()
    # verify_and_update returns (verified, updated_hash); only the flag is used here
    return password_helper.verify_and_update(password, user.hashed_password)[0]


def hash_password(password: str) -> str:
    """
    Hash the password.

    :param password: Password to hash
    :return: Hashed password
    """
    password_helper = PasswordHelper()
    return password_helper.hash(password)
```
Answer selected by MuzykaAndrii
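
An added example, not part of NickNaskida's answer or of the starlette-admin or FastAPI-users code: the same login checks with the password verified before the rights check, so a caller who has not proved the password gets one generic message whether the account is missing, non-admin or the password is wrong. `admin_login`, `outcome`, the `users` dict and the PBKDF2 helpers standing in for `PasswordHelper` are assumptions made so the sketch runs with the standard library only.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

ITERATIONS = 100_000  # constructed work factor for this sketch

def hash_password(password: str, salt: bytes = b"") -> bytes:
    """Stand-in for PasswordHelper.hash (assumption: stdlib PBKDF2)."""
    salt = salt or os.urandom(16)
    return salt + hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def verify_password(password: str, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, stored[:16]), stored)

@dataclass
class User:
    """Constructed stand-in for the FastAPI-users User model."""
    email: str
    hashed_password: bytes
    is_superuser: bool = False
    is_active: bool = True
    is_verified: bool = True

class LoginFailed(Exception):
    """Stand-in for starlette_admin.exceptions.LoginFailed."""

# Checked when the email is unknown, so both paths run one hash computation.
DUMMY_HASH = hash_password("not-a-real-account")

def admin_login(users: dict, email: str, password: str) -> dict:
    """Return the session payload or raise LoginFailed (hypothetical helper)."""
    user = users.get(email)
    password_ok = verify_password(password, user.hashed_password if user else DUMMY_HASH)
    if user is None or not password_ok:
        # One message for "no such account" and "wrong password".
        raise LoginFailed("Invalid username or password")
    # Rights are reported only to a caller who has proved the password.
    if not (user.is_superuser and user.is_active and user.is_verified):
        raise LoginFailed("Access denied")
    return {"username": user.email}

def outcome(users: dict, email: str, password: str) -> str:
    """Run admin_login and return "ok" or the failure message."""
    try:
        admin_login(users, email, password)
        return "ok"
    except LoginFailed as exc:
        return str(exc)
```

In the provider above, the returned dict is what `login` would pass to `request.session.update(...)`.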