|
| 1 | +======================== |
| 2 | +FastAPI Auth JWT support |
| 3 | +======================== |
| 4 | + |
| 5 | +.. |
| 6 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 7 | + !! This file is generated by oca-gen-addon-readme !! |
| 8 | + !! changes will be overwritten. !! |
| 9 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 10 | + !! source digest: sha256:2829a34d48a1906819029e7b796d33a1ee2ad2a47693396da96f92ede04ec17d |
| 11 | + !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! |
| 12 | +
|
| 13 | +.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png |
| 14 | + :target: https://odoo-community.org/page/development-status |
| 15 | + :alt: Beta |
| 16 | +.. |badge2| image:: https://img.shields.io/badge/licence-LGPL--3-blue.png |
| 17 | + :target: http://www.gnu.org/licenses/lgpl-3.0-standalone.html |
| 18 | + :alt: License: LGPL-3 |
| 19 | +.. |badge3| image:: https://img.shields.io/badge/github-OCA%2Frest--framework-lightgray.png?logo=github |
| 20 | + :target: https://github.com/OCA/rest-framework/tree/18.0/fastapi_auth_jwt |
| 21 | + :alt: OCA/rest-framework |
| 22 | +.. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png |
| 23 | + :target: https://translation.odoo-community.org/projects/rest-framework-18-0/rest-framework-18-0-fastapi_auth_jwt |
| 24 | + :alt: Translate me on Weblate |
| 25 | +.. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png |
| 26 | + :target: https://runboat.odoo-community.org/builds?repo=OCA/rest-framework&target_branch=18.0 |
| 27 | + :alt: Try me on Runboat |
| 28 | + |
| 29 | +|badge1| |badge2| |badge3| |badge4| |badge5| |
| 30 | + |
| 31 | +This module provides ``FastAPI`` ``Depends`` to allow authentication |
| 32 | +with |
| 33 | +`auth_jwt <https://github.com/OCA/server-auth/tree/18.0/auth_jwt>`__. |
| 34 | + |
| 35 | +**Table of contents** |
| 36 | + |
| 37 | +.. contents:: |
| 38 | + :local: |
| 39 | + |
| 40 | +Usage |
| 41 | +===== |
| 42 | + |
| 43 | +The following FastAPI dependencies are provided and importable from |
| 44 | +``odoo.addons.fastapi_auth_jwt.dependencies``: |
| 45 | + |
| 46 | +``def auth_jwt_authenticated_payload() -> Payload`` |
| 47 | + |
| 48 | + Return the authenticated JWT payload. Raise a 401 (unauthorized) if |
| 49 | + absent or invalid. |
| 50 | + |
| 51 | +``def auth_jwt_optionally_authenticated_payload() -> Payload | None`` |
| 52 | + |
| 53 | + Return the authenticated JWT payload, or ``None`` if the |
| 54 | + ``Authorization`` header and cookie are absent. Raise a 401 |
| 55 | + (unauthorized) if present and invalid. |
| 56 | + |
| 57 | +``def auth_jwt_authenticated_partner() -> Partner`` |
| 58 | + |
| 59 | + Obtain the authenticated partner corresponding to the provided JWT |
| 60 | + token, according to the partner strategy defined on the ``auth_jwt`` |
| 61 | + validator. Raise a 401 (unauthorized) if the partner could not be |
| 62 | + determined for any reason. |
| 63 | + |
| 64 | + This is function suitable and intended to override |
| 65 | + ``odoo.addons.fastapi.dependencies.authenticated_partner_impl``. |
| 66 | + |
| 67 | + The partner record returned by this function is bound to an |
| 68 | + environment that uses the Odoo user obtained from the user strategy |
| 69 | + defined on the ``auth_jwt`` validator. When used |
| 70 | + ``authenticated_partner_impl`` this in turn ensures that |
| 71 | + ``odoo.addons.fastapi.dependencies.authenticated_partner_env`` is |
| 72 | + also bound to the correct Odoo user. |
| 73 | + |
| 74 | +``def auth_jwt_optionally_authenticated_partner() -> Partner`` |
| 75 | + |
| 76 | + Same as ``auth_jwt_partner`` except it returns an empty recordset |
| 77 | + bound to the ``public`` user if the ``Authorization`` header and |
| 78 | + cookie are absent, or if the JWT validator could not find the partner |
| 79 | + and declares that the partner is not required. |
| 80 | + |
| 81 | +``def auth_jwt_authenticated_odoo_env() -> Environment`` |
| 82 | + |
| 83 | + Return an Odoo environment using the the Odoo user obtained from the |
| 84 | + user strategy defined on the ``auth_jwt`` validator, if the request |
| 85 | + could be authenticated using a JWT validator. Raise a 401 |
| 86 | + (unauthorized) otherwise. |
| 87 | + |
| 88 | + This is function suitable and intended to override |
| 89 | + ``odoo.addons.fastapi.dependencies.authenticated_odoo_env_impl``. |
| 90 | + |
| 91 | +``def auth_jwt_default_validator_name() -> str | None`` |
| 92 | + |
| 93 | + Return the name of the default JWT validator to use. |
| 94 | + |
| 95 | + The default implementation returns ``None`` meaning only one active |
| 96 | + JWT validator is allowed. This dependency is meant to be overridden. |
| 97 | + |
| 98 | +``def auth_jwt_http_header_authorization() -> str | None`` |
| 99 | + |
| 100 | + By default, return the credentials part of the ``Authorization`` |
| 101 | + header, or ``None`` if absent. This dependency is meant to be |
| 102 | + overridden, in particular with |
| 103 | + ``fastapi.security.OAuth2AuthorizationCodeBearer`` to let swagger |
| 104 | + handle OAuth2 authorization (such override is only necessary for |
| 105 | + comfort when using the swagger interface). |
| 106 | + |
| 107 | +Bug Tracker |
| 108 | +=========== |
| 109 | + |
| 110 | +Bugs are tracked on `GitHub Issues <https://github.com/OCA/rest-framework/issues>`_. |
| 111 | +In case of trouble, please check there if your issue has already been reported. |
| 112 | +If you spotted it first, help us to smash it by providing a detailed and welcomed |
| 113 | +`feedback <https://github.com/OCA/rest-framework/issues/new?body=module:%20fastapi_auth_jwt%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_. |
| 114 | + |
| 115 | +Do not contact contributors directly about support or help with technical issues. |
| 116 | + |
| 117 | +Credits |
| 118 | +======= |
| 119 | + |
| 120 | +Authors |
| 121 | +------- |
| 122 | + |
| 123 | +* ACSONE SA/NV |
| 124 | + |
| 125 | +Maintainers |
| 126 | +----------- |
| 127 | + |
| 128 | +This module is maintained by the OCA. |
| 129 | + |
| 130 | +.. image:: https://odoo-community.org/logo.png |
| 131 | + :alt: Odoo Community Association |
| 132 | + :target: https://odoo-community.org |
| 133 | + |
| 134 | +OCA, or the Odoo Community Association, is a nonprofit organization whose |
| 135 | +mission is to support the collaborative development of Odoo features and |
| 136 | +promote its widespread use. |
| 137 | + |
| 138 | +.. |maintainer-sbidoul| image:: https://github.com/sbidoul.png?size=40px |
| 139 | + :target: https://github.com/sbidoul |
| 140 | + :alt: sbidoul |
| 141 | + |
| 142 | +Current `maintainer <https://odoo-community.org/page/maintainer-role>`__: |
| 143 | + |
| 144 | +|maintainer-sbidoul| |
| 145 | + |
| 146 | +This module is part of the `OCA/rest-framework <https://github.com/OCA/rest-framework/tree/18.0/fastapi_auth_jwt>`_ project on GitHub. |
| 147 | + |
| 148 | +You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute. |
0 commit comments