def __init__( self, db: BaseUserDatabase, auth_backends: Sequence[BaseAuthentication], user_model: Type[models.BaseUser], user_create_model: Type[models.BaseUserCreate], user_update_model: Type[models.BaseUserUpdate], user_db_model: Type[models.BaseUserDB], reset_password_token_secret: str, reset_password_token_lifetime_seconds: int = 3600, ): self.db = db self.authenticator = Authenticator(auth_backends, db) self.router = get_user_router( self.db, user_model, user_create_model, user_update_model, user_db_model, self.authenticator, reset_password_token_secret, reset_password_token_lifetime_seconds, ) self.oauth_routers = [] self._user_db_model = user_db_model self._event_handlers = defaultdict(list) self.get_current_user = self.authenticator.get_current_user self.get_current_active_user = self.authenticator.get_current_active_user self.get_current_superuser = self.authenticator.get_current_superuser
async def _get_test_auth_client( backends: List[AuthenticationBackend], get_enabled_backends: Optional[DependencyCallable[ Sequence[AuthenticationBackend]]] = None, ) -> AsyncGenerator[httpx.AsyncClient, None]: app = FastAPI() authenticator = Authenticator(backends, get_user_manager) @app.get("/test-current-user") def test_current_user(user: UserDB = Depends( authenticator.current_user( get_enabled_backends=get_enabled_backends)), ): return user @app.get("/test-current-active-user") def test_current_active_user(user: UserDB = Depends( authenticator.current_user( active=True, get_enabled_backends=get_enabled_backends)), ): return user @app.get("/test-current-superuser") def test_current_superuser(user: UserDB = Depends( authenticator.current_user( active=True, superuser=True, get_enabled_backends=get_enabled_backends, )), ): return user async for client in get_test_client(app): yield client
async def _get_test_auth_client( backends: List[BaseAuthentication], ) -> AsyncGenerator[httpx.AsyncClient, None]: app = FastAPI() authenticator = Authenticator(backends, mock_user_db) @app.get("/test-current-user") def test_current_user(user: UserDB = Depends(authenticator.current_user())): return user @app.get("/test-current-active-user") def test_current_active_user( user: UserDB = Depends(authenticator.current_user(active=True)), ): return user @app.get("/test-current-superuser") def test_current_superuser( user: UserDB = Depends( authenticator.current_user(active=True, superuser=True) ), ): return user async for client in get_test_client(app): yield client
def __init__( self, db: BaseUserDatabase, auth_backends: Sequence[BaseAuthentication], user_model: Type[models.BaseUser], user_create_model: Type[models.BaseUserCreate], user_update_model: Type[models.BaseUserUpdate], user_db_model: Type[models.BaseUserDB], ): self.db = db self.authenticator = Authenticator(auth_backends, db) self._user_model = user_model self._user_db_model = user_db_model self._user_create_model = user_create_model self._user_update_model = user_update_model self._user_db_model = user_db_model self.get_current_user = self.authenticator.get_current_user self.get_current_active_user = self.authenticator.get_current_active_user self.get_current_superuser = self.authenticator.get_current_superuser self.get_optional_current_user = self.authenticator.get_optional_current_user self.get_optional_current_active_user = ( self.authenticator.get_optional_current_active_user) self.get_optional_current_superuser = ( self.authenticator.get_optional_current_superuser)
def test_app_client(mock_user_db, mock_authentication, event_handler) -> TestClient: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db ) user_router = get_user_router( mock_user_db, User, UserCreate, UserUpdate, UserDB, authenticator, SECRET, LIFETIME, ) user_router.add_event_handler(Event.ON_AFTER_REGISTER, event_handler) user_router.add_event_handler(Event.ON_AFTER_FORGOT_PASSWORD, event_handler) user_router.add_event_handler(Event.ON_AFTER_UPDATE, event_handler) app = FastAPI() app.include_router(user_router) return TestClient(app)
async def test_app_client(mock_user_db, mock_authentication, get_test_client) -> httpx.AsyncClient: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) mock_auth_router = get_auth_router(mock_authentication, mock_user_db, authenticator) mock_bis_auth_router = get_auth_router(mock_authentication_bis, mock_user_db, authenticator) app = FastAPI() app.include_router(mock_auth_router, prefix="/mock") app.include_router(mock_bis_auth_router, prefix="/mock-bis") return await get_test_client(app)
def __init__( self, get_user_manager: UserManagerDependency[models.UC, models.UD], auth_backends: Sequence[AuthenticationBackend], user_model: Type[models.U], user_create_model: Type[models.UC], user_update_model: Type[models.UU], user_db_model: Type[models.UD], ): self.authenticator = Authenticator(auth_backends, get_user_manager) self._user_model = user_model self._user_db_model = user_db_model self._user_create_model = user_create_model self._user_update_model = user_update_model self.get_user_manager = get_user_manager self.current_user = self.authenticator.current_user
async def test_app_client( mock_user_db, mock_authentication, get_test_client) -> AsyncGenerator[httpx.AsyncClient, None]: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) mock_auth_router = get_auth_router(mock_authentication, mock_user_db, authenticator) mock_bis_auth_router = get_auth_router(mock_authentication_bis, mock_user_db, authenticator) app = FastAPI() app.include_router(mock_auth_router, prefix="/mock") app.include_router(mock_bis_auth_router, prefix="/mock-bis") async for client in get_test_client(app): yield client
def _app_factory(requires_verification: bool) -> FastAPI: mock_authentication_bis = get_mock_authentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], get_user_manager) user_router = get_users_router( get_user_manager, User, UserUpdate, UserDB, authenticator, requires_verification=requires_verification, ) app = FastAPI() app.include_router(user_router) return app
async def test_app_client(mock_user_db, mock_authentication, after_update, get_test_client) -> httpx.AsyncClient: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) user_router = get_users_router( mock_user_db, User, UserUpdate, UserDB, authenticator, after_update, ) app = FastAPI() app.include_router(user_router) return await get_test_client(app)
async def _get_test_app_client(redirect_url: str = None) -> httpx.AsyncClient: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db_oauth ) oauth_router = get_oauth_router( oauth_client, mock_user_db_oauth, UserDB, authenticator, SECRET, redirect_url, after_register, ) app = FastAPI() app.include_router(oauth_router) return await get_test_client(app)
def _app_factory(requires_verification: bool) -> FastAPI: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) user_router = get_users_router( mock_user_db, User, UserUpdate, UserDB, authenticator, after_update, requires_verification=requires_verification, validate_password=validate_password, ) app = FastAPI() app.include_router(user_router) return app
def _get_test_app_client(redirect_url: str = None) -> TestClient: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db_oauth) oauth_router = get_oauth_router( oauth_client, mock_user_db_oauth, UserDB, authenticator, SECRET, redirect_url, ) oauth_router.add_event_handler(Event.ON_AFTER_REGISTER, event_handler) app = FastAPI() app.include_router(oauth_router) return TestClient(app)
def __init__( self, db: BaseUserDatabase, auth_backends: Sequence[BaseAuthentication], user_model: Type[models.BaseUser], user_create_model: Type[models.BaseUserCreate], user_update_model: Type[models.BaseUserUpdate], user_db_model: Type[models.BaseUserDB], validate_password: Optional[ValidatePasswordProtocol] = None, ): self.db = db self.authenticator = Authenticator(auth_backends, db) self._user_model = user_model self._user_db_model = user_db_model self._user_create_model = user_create_model self._user_update_model = user_update_model self._user_db_model = user_db_model self.create_user = get_create_user(db, user_db_model) self.verify_user = get_verify_user(db) self.get_user = get_get_user(db) self.validate_password = validate_password self.current_user = self.authenticator.current_user self.get_current_user = self.authenticator.get_current_user self.get_current_active_user = self.authenticator.get_current_active_user self.get_current_verified_user = self.authenticator.get_current_verified_user self.get_current_superuser = self.authenticator.get_current_superuser self.get_current_verified_superuser = ( self.authenticator.get_current_verified_superuser) self.get_optional_current_user = self.authenticator.get_optional_current_user self.get_optional_current_active_user = ( self.authenticator.get_optional_current_active_user) self.get_optional_current_verified_user = ( self.authenticator.get_optional_current_verified_user) self.get_optional_current_superuser = ( self.authenticator.get_optional_current_superuser) self.get_optional_current_verified_superuser = ( self.authenticator.get_optional_current_verified_superuser)
async def test_app_client( mock_user_db, mock_authentication, after_update, get_test_client) -> AsyncGenerator[httpx.AsyncClient, None]: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) user_router = get_users_router( mock_user_db, User, UserUpdate, UserDB, authenticator, after_update, ) app = FastAPI() app.include_router(user_router) async for client in get_test_client(app): yield client
async def _get_test_app_client( redirect_url: str = None, ) -> AsyncGenerator[httpx.AsyncClient, None]: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db_oauth) oauth_router = get_oauth_router( oauth_client, mock_user_db_oauth, UserDB, authenticator, SECRET, redirect_url, after_register, ) app = FastAPI() app.include_router(oauth_router) async for client in get_test_client(app): yield client
def _get_test_auth_client( backends: List[BaseAuthentication]) -> TestClient: app = FastAPI() authenticator = Authenticator(backends, mock_user_db) @app.get("/test-current-user") def test_current_user( user: UserDB = Depends(authenticator.get_current_user), ): return user @app.get("/test-current-active-user") def test_current_active_user( user: UserDB = Depends( authenticator.get_current_active_user), ): return user @app.get("/test-current-superuser") def test_current_superuser( user: UserDB = Depends(authenticator.get_current_superuser), ): return user return TestClient(app)
def _app_factory(requires_verification: bool) -> FastAPI: mock_authentication_bis = MockAuthentication(name="mock-bis") authenticator = Authenticator( [mock_authentication, mock_authentication_bis], mock_user_db) mock_auth_router = get_auth_router( mock_authentication, mock_user_db, authenticator, requires_verification=requires_verification, ) mock_bis_auth_router = get_auth_router( mock_authentication_bis, mock_user_db, authenticator, requires_verification=requires_verification, ) app = FastAPI() app.include_router(mock_auth_router, prefix="/mock") app.include_router(mock_bis_auth_router, prefix="/mock-bis") return app
def get_auth_router( backend: BaseAuthentication, user_db: BaseUserDatabase[models.BaseUserDB], authenticator: Authenticator, requires_verification: bool = False, ) -> APIRouter: """Generate a router with login/logout routes for an authentication backend.""" router = APIRouter() get_current_user = authenticator.current_user( active=True, verified=requires_verification ) @router.post("/login") async def login( response: Response, credentials: OAuth2PasswordRequestForm = Depends() ): user = await user_db.authenticate(credentials) if user is None or not user.is_active: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=ErrorCode.LOGIN_BAD_CREDENTIALS, ) if requires_verification and not user.is_verified: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=ErrorCode.LOGIN_USER_NOT_VERIFIED, ) return await backend.get_login_response(user, response) if backend.logout: @router.post("/logout") async def logout(response: Response, user=Depends(get_current_user)): return await backend.get_logout_response(user, response) return router
def get_users_router( user_db: BaseUserDatabase[models.BaseUserDB], user_model: Type[models.BaseUser], user_update_model: Type[models.BaseUserUpdate], user_db_model: Type[models.BaseUserDB], authenticator: Authenticator, after_update: Optional[Callable[[models.UD, Dict[str, Any], Request], None]] = None, requires_verification: bool = False, ) -> APIRouter: """Generate a router with the authentication routes.""" router = APIRouter() get_current_active_user = authenticator.current_user( active=True, verified=requires_verification) get_current_superuser = authenticator.current_user( active=True, verified=requires_verification, superuser=True) async def _get_or_404(id: UUID4) -> models.BaseUserDB: user = await user_db.get(id) if user is None: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND) return user async def _update_user(user: models.BaseUserDB, update_dict: Dict[str, Any], request: Request): for field in update_dict: if field == "password": hashed_password = get_password_hash(update_dict[field]) user.hashed_password = hashed_password else: setattr(user, field, update_dict[field]) updated_user = await user_db.update(user) if after_update: await run_handler(after_update, updated_user, update_dict, request) return updated_user @router.get("/me", response_model=user_model) async def me( user: user_db_model = Depends( get_current_active_user), # type: ignore ): return user @router.patch("/me", response_model=user_model) async def update_me( request: Request, updated_user: user_update_model, # type: ignore user: user_db_model = Depends( get_current_active_user), # type: ignore ): updated_user = cast( models.BaseUserUpdate, updated_user, ) # Prevent mypy complain updated_user_data = updated_user.create_update_dict() updated_user = await _update_user(user, updated_user_data, request) return updated_user @router.get( "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], ) async def get_user(id: UUID4): return await _get_or_404(id) @router.patch( "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], ) async def update_user( id: UUID4, updated_user: user_update_model, request: Request # type: ignore ): updated_user = cast( models.BaseUserUpdate, updated_user, ) # Prevent mypy complain user = await _get_or_404(id) updated_user_data = updated_user.create_update_dict_superuser() return await _update_user(user, updated_user_data, request) @router.delete( "/{id:uuid}", status_code=status.HTTP_204_NO_CONTENT, dependencies=[Depends(get_current_superuser)], ) async def delete_user(id: UUID4): user = await _get_or_404(id) await user_db.delete(user) return None return router
def get_users_router( user_db: BaseUserDatabase[models.BaseUserDB], user_model: Type[models.BaseUser], user_update_model: Type[models.BaseUserUpdate], user_db_model: Type[models.BaseUserDB], authenticator: Authenticator, after_update: Optional[Callable[[models.UD, Dict[str, Any], Request], None]] = None, requires_verification: bool = False, validate_password: Optional[ValidatePasswordProtocol] = None, ) -> APIRouter: """Generate a router with the authentication routes.""" router = APIRouter() get_current_active_user = authenticator.current_user( active=True, verified=requires_verification) get_current_superuser = authenticator.current_user( active=True, verified=requires_verification, superuser=True) async def _get_or_404(id: UUID4) -> models.BaseUserDB: user = await user_db.get(id) if user is None: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND) return user async def _check_unique_email( updated_user: user_update_model, # type: ignore ) -> None: updated_user = cast(models.BaseUserUpdate, updated_user) # Prevent mypy complain if updated_user.email: user = await user_db.get_by_email(updated_user.email) if user is not None: raise HTTPException( status.HTTP_400_BAD_REQUEST, detail=ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS, ) async def _update_user(user: models.BaseUserDB, update_dict: Dict[str, Any], request: Request): for field in update_dict: if field == "password": password = update_dict[field] if validate_password: await validate_password(password, user) hashed_password = get_password_hash(password) user.hashed_password = hashed_password else: setattr(user, field, update_dict[field]) updated_user = await user_db.update(user) if after_update: await run_handler(after_update, updated_user, update_dict, request) return updated_user @router.get("/me", response_model=user_model) async def me( user: user_db_model = Depends( get_current_active_user), # type: ignore ): return user @router.patch( "/me", response_model=user_model, dependencies=[ Depends(get_current_active_user), Depends(_check_unique_email) ], ) async def update_me( request: Request, updated_user: user_update_model, # type: ignore user: user_db_model = Depends( get_current_active_user), # type: ignore ): updated_user = cast( models.BaseUserUpdate, updated_user, ) # Prevent mypy complain updated_user_data = updated_user.create_update_dict() try: return await _update_user(user, updated_user_data, request) except InvalidPasswordException as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail={ "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": e.reason, }, ) @router.get( "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], ) async def get_user(id: UUID4): return await _get_or_404(id) @router.patch( "/{id:uuid}", response_model=user_model, dependencies=[ Depends(get_current_superuser), Depends(_check_unique_email) ], ) async def update_user( id: UUID4, updated_user: user_update_model, request: Request # type: ignore ): updated_user = cast( models.BaseUserUpdate, updated_user, ) # Prevent mypy complain user = await _get_or_404(id) updated_user_data = updated_user.create_update_dict_superuser() try: return await _update_user(user, updated_user_data, request) except InvalidPasswordException as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail={ "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": e.reason, }, ) @router.delete( "/{id:uuid}", status_code=status.HTTP_204_NO_CONTENT, dependencies=[Depends(get_current_superuser)], ) async def delete_user(id: UUID4): user = await _get_or_404(id) await user_db.delete(user) return None return router
def get_users_router( get_user_manager: UserManagerDependency[models.UC, models.UD], user_model: Type[models.U], user_update_model: Type[models.UU], user_db_model: Type[models.UD], authenticator: Authenticator, requires_verification: bool = False, ) -> APIRouter: """Generate a router with the authentication routes.""" router = APIRouter() get_current_active_user = authenticator.current_user( active=True, verified=requires_verification) get_current_superuser = authenticator.current_user( active=True, verified=requires_verification, superuser=True) async def get_user_or_404( id: UUID4, user_manager: BaseUserManager[models.UC, models.UD] = Depends(get_user_manager), ) -> models.UD: try: return await user_manager.get(id) except UserNotExists: raise HTTPException(status_code=status.HTTP_404_NOT_FOUND) @router.get( "/me", response_model=user_model, name="users:current_user", responses={ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user.", }, }, ) async def me( user: user_db_model = Depends( get_current_active_user), # type: ignore ): return user @router.patch( "/me", response_model=user_model, dependencies=[Depends(get_current_active_user)], name="users:current_user", responses={ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user.", }, status.HTTP_400_BAD_REQUEST: { "model": ErrorModel, "content": { "application/json": { "examples": { ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS: { "summary": "A user with this email already exists.", "value": { "detail": ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS }, }, ErrorCode.UPDATE_USER_INVALID_PASSWORD: { "summary": "Password validation failed.", "value": { "detail": { "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": "Password should be" "at least 3 characters", } }, }, } } }, }, }, ) async def update_me( request: Request, user_update: user_update_model, # type: ignore user: user_db_model = Depends(get_current_active_user), # type: ignore user_manager: BaseUserManager[models.UC, models.UD] = Depends(get_user_manager), ): try: return await user_manager.update(user_update, user, safe=True, request=request) except InvalidPasswordException as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail={ "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": e.reason, }, ) except UserAlreadyExists: raise HTTPException( status.HTTP_400_BAD_REQUEST, detail=ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS, ) @router.get( "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], name="users:user", responses={ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user.", }, status.HTTP_403_FORBIDDEN: { "description": "Not a superuser.", }, status.HTTP_404_NOT_FOUND: { "description": "The user does not exist.", }, }, ) async def get_user(user=Depends(get_user_or_404)): return user @router.patch( "/{id:uuid}", response_model=user_model, dependencies=[Depends(get_current_superuser)], name="users:user", responses={ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user.", }, status.HTTP_403_FORBIDDEN: { "description": "Not a superuser.", }, status.HTTP_404_NOT_FOUND: { "description": "The user does not exist.", }, status.HTTP_400_BAD_REQUEST: { "model": ErrorModel, "content": { "application/json": { "examples": { ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS: { "summary": "A user with this email already exists.", "value": { "detail": ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS }, }, ErrorCode.UPDATE_USER_INVALID_PASSWORD: { "summary": "Password validation failed.", "value": { "detail": { "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": "Password should be" "at least 3 characters", } }, }, } } }, }, }, ) async def update_user( user_update: user_update_model, # type: ignore request: Request, user=Depends(get_user_or_404), user_manager: BaseUserManager[models.UC, models.UD] = Depends(get_user_manager), ): try: return await user_manager.update(user_update, user, safe=False, request=request) except InvalidPasswordException as e: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail={ "code": ErrorCode.UPDATE_USER_INVALID_PASSWORD, "reason": e.reason, }, ) except UserAlreadyExists: raise HTTPException( status.HTTP_400_BAD_REQUEST, detail=ErrorCode.UPDATE_USER_EMAIL_ALREADY_EXISTS, ) @router.delete( "/{id:uuid}", status_code=status.HTTP_204_NO_CONTENT, response_class=Response, dependencies=[Depends(get_current_superuser)], name="users:user", responses={ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user.", }, status.HTTP_403_FORBIDDEN: { "description": "Not a superuser.", }, status.HTTP_404_NOT_FOUND: { "description": "The user does not exist.", }, }, ) async def delete_user( user=Depends(get_user_or_404), user_manager: BaseUserManager[models.UC, models.UD] = Depends(get_user_manager), ): await user_manager.delete(user) return None return router
def get_auth_router( backend: AuthenticationBackend, get_user_manager: UserManagerDependency[models.UC, models.UD], authenticator: Authenticator, requires_verification: bool = False, ) -> APIRouter: """Generate a router with login/logout routes for an authentication backend.""" router = APIRouter() get_current_user_token = authenticator.current_user_token( active=True, verified=requires_verification) login_responses: OpenAPIResponseType = { status.HTTP_400_BAD_REQUEST: { "model": ErrorModel, "content": { "application/json": { "examples": { ErrorCode.LOGIN_BAD_CREDENTIALS: { "summary": "Bad credentials or the user is inactive.", "value": { "detail": ErrorCode.LOGIN_BAD_CREDENTIALS }, }, ErrorCode.LOGIN_USER_NOT_VERIFIED: { "summary": "The user is not verified.", "value": { "detail": ErrorCode.LOGIN_USER_NOT_VERIFIED }, }, } } }, }, **backend.transport.get_openapi_login_responses_success(), } @router.post( "/login", name=f"auth:{backend.name}.login", responses=login_responses, ) async def login( response: Response, credentials: OAuth2PasswordRequestForm = Depends(), user_manager: BaseUserManager[models.UC, models.UD] = Depends(get_user_manager), strategy: Strategy[models.UC, models.UD] = Depends(backend.get_strategy), ): user = await user_manager.authenticate(credentials) if user is None or not user.is_active: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=ErrorCode.LOGIN_BAD_CREDENTIALS, ) if requires_verification and not user.is_verified: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail=ErrorCode.LOGIN_USER_NOT_VERIFIED, ) return await backend.login(strategy, user, response) logout_responses: OpenAPIResponseType = { **{ status.HTTP_401_UNAUTHORIZED: { "description": "Missing token or inactive user." } }, **backend.transport.get_openapi_logout_responses_success(), } @router.post("/logout", name=f"auth:{backend.name}.logout", responses=logout_responses) async def logout( response: Response, user_token: Tuple[models.UD, str] = Depends(get_current_user_token), strategy: Strategy[models.UC, models.UD] = Depends(backend.get_strategy), ): user, token = user_token return await backend.logout(strategy, user, token, response) return router