Skip to main content

Extended FastAPI OAuth2PasswordRequestForm

So, to register a user, I needed some additional fields that were not in the standard form:

@router.post("/sign-up/", response_model=TokensScheme)
async def sign_up(form_data: OAuth2PasswordRequestForm = Depends(),
                  email: str = Body(),
                  first_name: str | None = Body(default=None),
                  second_name: str | None = Body(default=None),
                  session: Session = Depends(get_db)):
    repository = UsersRepository(session)

    repository.create(
        User(
            email=email,
            username=form_data.username,
            password=get_password_hash(form_data.password),
            first_name=first_name,
            second_name=second_name,
            is_active=False,
        )
    )

    return sign_in(form_data, session)

This route successfully fulfills its task, however, I did not really like adding fields in this way and I decided to extend the standard form as follows:

class UserBaseScheme(BaseModel):
    email: str
    username: str
    first_name: str | None
    second_name: str | None


class UserCreateScheme(UserBaseScheme):
    password: str


class OAuth2ExtendedForm(OAuth2PasswordRequestForm,
                         UserCreateScheme):
    pass


@router.post("/sign-up/", response_model=TokensScheme)
async def sign_up(form_data: OAuth2ExtendedForm = Depends(),
                  session: Session = Depends(get_db)):
    repository = UsersRepository(session)

    repository.create(
        User(
            email=form_data.email,
            username=form_data.username,
            password=get_password_hash(form_data.password),
            first_name=form_data.first_name,
            second_name=form_data.second_name,
            is_active=False,
        )
    )

    return sign_in(form_data, session)

I don't know if it's a good idea to mix Pydantic model and form, but it doesn't work:

ValueError: "OAuth2ExtendedForm" object has no field "grant_type"

I tried to tried to remove inheritance from UserCreateScheme and enter the fields I need directly into the new form, as in this question:

class OAuth2ExtendedForm(OAuth2PasswordRequestForm):
    email: str
    first_name: str | None
    second_name: str | None

It works, but it absolutely ignores the new attributes, they just don't exist in the form.

The question is: is this some mistake of mine, FastAPI's internal security? Is it possible to expand this form at all? Thanks in advance.

EDIT:

I tried different combinations, maybe I really made a mistake somewhere.

So, as Daniil Fajnberg said, it would be nice to provide some example:

from fastapi import FastAPI, Depends
from fastapi.security import OAuth2PasswordRequestForm
from pydantic import BaseModel

app = FastAPI()


class UserBaseScheme(BaseModel):
    email: str
    username: str
    first_name: str | None
    second_name: str | None


class UserCreateScheme(UserBaseScheme):
    password: str


class OAuth2ExtendedFormManual(OAuth2PasswordRequestForm):
    email: str


class OAuth2ExtendedFormGrantType(OAuth2PasswordRequestForm):
    email: str
    grant_type: str


class OAuth2ExtendedFormInherit(OAuth2PasswordRequestForm,
                                UserCreateScheme):
    pass


"""
    Trying to send this as a form-data to all routes: 
    1. {'username': 'boo', 'password': 'boo', 'email': 'boo@gmail.com}
    2. {'username': 'boo', 'password': 'boo', 'email': 'boo@gmail.com, 'grant_type': 'password'}
    
    In both cases I can't get the expected result.
"""


@app.post("/sign-up-standard/")
async def sign_up(form_data: OAuth2PasswordRequestForm = Depends()):
    print(form_data.__dict__)
    # 1, 2 -> {
    #   'grant_type': None | 'password',
    #   'username': 'boo',
    #   'password': 'boo',
    #   'scopes': [],
    #   'client_id': None,
    #   'client_secret': None
    # }
    # Where is an email field?


@app.post("/sign-up-extended-manual/")
async def sign_up(form_data: OAuth2ExtendedFormManual = Depends()):
    print(form_data.__dict__)
    # 1, 2 -> {
    #   'grant_type': None | 'password',
    #   'username': 'boo',
    #   'password': 'boo',
    #   'scopes': [],
    #   'client_id': None,
    #   'client_secret': None
    # }
    # Where is an email field?


@app.post("/sign-up-extended-manual-grant-type/")
async def sign_up(form_data: OAuth2ExtendedFormGrantType = Depends()):
    print(form_data.__dict__)
    # 1, 2 -> {
    #   'grant_type': None | 'password',
    #   'username': 'boo',
    #   'password': 'boo',
    #   'scopes': [],
    #   'client_id': None,
    #   'client_secret': None
    # }
    # Where is an email field?


@app.post("/sign-up-extended-inherit/")
async def sign_up(form_data: OAuth2ExtendedFormInherit = Depends()):
    print(form_data.__dict__)
    # 1, 2 -> File "pydantic\main.py", line 358, in pydantic.main.BaseModel.__setattr__
    # ValueError: "OAuth2ExtendedFormInherit" object has no field "grant_type"

EDIT 2:

Ok, it works like a standard:

class OAuth2ExtendedForm(OAuth2PasswordRequestForm):
    pass

This doesn't work:

class OAuth2ExtendedForm(OAuth2PasswordRequestForm):
    def __init__(self,
                 email: str = Form(),
                 first_name: str | None = Form(None),
                 second_name: str | None = Form(None)):
        super().__init__()
        self.email = email
        self.first_name = first_name
        self.second_name = second_name

# It does not process fields
self.scopes = scope.split() # in constructor
AttributeError: 'Form' object has no attribute 'split'

It's terrible, but it works exactly as I need it:

class OAuth2ExtendedForm(OAuth2PasswordRequestForm):
    def __init__(self,
                 email: str = Form(),
                 first_name: str | None = Form(None),
                 second_name: str | None = Form(None),
                 grant_type: str = Form(default=None, regex="password"),
                 username: str = Form(),
                 password: str = Form(),
                 scope: str = Form(default=""),
                 client_id: Optional[str] = Form(default=None),
                 client_secret: Optional[str] = Form(default=None)
                 ):
        super().__init__(grant_type=grant_type, 
                         username=username, 
                         password=password,
                         scope=scope, 
                         client_id=client_id, 
                         client_secret=client_secret)
        
        self.email = email
        self.first_name = first_name
        self.second_name = second_name

I also try use kwargs, but Pydantic said this:

{
    "detail": [
        {
            "loc": [
                "query",
                "kwargs"
            ],
            "msg": "field required",
            "type": "value_error.missing"
        }
    ]
}


source https://stackoverflow.com/questions/75188072/extended-fastapi-oauth2passwordrequestform

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

ValueError: X has 10 features, but LinearRegression is expecting 1 features as input

So, I am trying to predict the model but its throwing error like it has 10 features but it expacts only 1. So I am confused can anyone help me with it? more importantly its not working for me when my friend runs it. It works perfectly fine dose anyone know the reason about it? cv = KFold(n_splits = 10) all_loss = [] for i in range(9): # 1st for loop over polynomial orders poly_order = i X_train = make_polynomial(x, poly_order) loss_at_order = [] # initiate a set to collect loss for CV for train_index, test_index in cv.split(X_train): print('TRAIN:', train_index, 'TEST:', test_index) X_train_cv, X_test_cv = X_train[train_index], X_test[test_index] t_train_cv, t_test_cv = t[train_index], t[test_index] reg.fit(X_train_cv, t_train_cv) loss_at_order.append(np.mean((t_test_cv - reg.predict(X_test_cv))**2)) # collect loss at fold all_loss.append(np.mean(loss_at_order)) # collect loss at order plt.plot(np.log(al...
Post a Comment
Read more

Sorting large arrays of big numeric stings

I was solving bigSorting() problem from hackerrank: Consider an array of numeric strings where each string is a positive number with anywhere from to digits. Sort the array's elements in non-decreasing, or ascending order of their integer values and return the sorted array. I know it works as follows: def bigSorting(unsorted): return sorted(unsorted, key=int) But I didnt guess this approach earlier. Initially I tried below: def bigSorting(unsorted): int_unsorted = [int(i) for i in unsorted] int_sorted = sorted(int_unsorted) return [str(i) for i in int_sorted] However, for some of the test cases, it was showing time limit exceeded. Why is it so? PS: I dont know exactly what those test cases were as hacker rank does not reveal all test cases. source https://stackoverflow.com/questions/73007397/sorting-large-arrays-of-big-numeric-stings
Post a Comment
Read more

How to load Javascript with imported modules?

I am trying to import modules from tensorflowjs, and below is my code. test.html <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Document</title </head> <body> <script src="https://cdn.jsdelivr.net/npm/@tensorflow/tfjs@2.0.0/dist/tf.min.js"></script> <script type="module" src="./test.js"></script> </body> </html> test.js import * as tf from "./node_modules/@tensorflow/tfjs"; import {loadGraphModel} from "./node_modules/@tensorflow/tfjs-converter"; const MODEL_URL = './model.json'; const model = await loadGraphModel(MODEL_URL); const cat = document.getElementById('cat'); model.execute(tf.browser.fromPixels(cat)); Besides, I run the server using python -m http.server in my command prompt(Windows 10), and this is the error prompt in the console log of my browser: Failed to loa...
Post a Comment
Read more