Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proper error handling in authentication middleware #2

Merged
merged 1 commit into from
Feb 26, 2022
Merged

proper error handling in authentication middleware #2

merged 1 commit into from
Feb 26, 2022

Conversation

JonasScholl
Copy link
Collaborator

When an error in an starlette AuthenticationBackend occurs, a AuthenticationError must be raised, other exceptions may produce errors like: 'RuntimeError: Caught handled exception, but response already started.' (see starlette documentation)

This PR:

  • catches all exceptions that occur in the verify_authorization_header callback and convert them into an AuthenticationError
  • adds an optional error handler callback for specifically catching auth errors and returning a custom response (since this is already offered by the AuthenticationBackend implentation from starlette)
  • does some type hint improvements, I couldn't resist 😂

@codecov
Copy link

codecov bot commented Feb 25, 2022
edited
Loading

Codecov Report

Merging #2 (7a6893a) into main (db8521f) will not change coverage.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff            @@
##              main        #2   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines           30        34    +4     
=========================================
+ Hits            30        34    +4
Impacted Files Coverage Δ
fastapi_auth_middleware/middleware.py 100.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update db8521f...7a6893a. Read the comment docs.

yannicschroeer
yannicschroeer approved these changes Feb 25, 2022
View reviewed changes
Copy link
Collaborator

@yannicschroeer yannicschroeer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👌

yannicschroeer
yannicschroeer reviewed Feb 25, 2022
View reviewed changes
tests/test_basic.py
@@ -20,10 +23,14 @@ def verify_authorization_header_basic_admin_scope(auth_header: str):
return scopes, user


def raise_exception_in_verify_authorization_header(_):
raise Exception('some auth error occured')
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you think this is explicit enough? 😄

@yannicschroeer yannicschroeer merged commit 3d9f222 into main Feb 26, 2022
@yannicschroeer yannicschroeer deleted the auth-middleware-error-handling branch February 26, 2022 09:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yannicschroeer yannicschroeer yannicschroeer approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JonasScholl @yannicschroeer