GithubHelp home page GithubHelp logo

Comments (5)

frankie567 avatar frankie567 commented on May 26, 2024

Not sure if it's a bug. Could you provide the requests you are doing to /logout? I'm especially interested in the Authorization and Cookie headers.

from fastapi-users.

AndreMPCosta avatar AndreMPCosta commented on May 26, 2024

@frankie567

Here are the headers from the logout request:

{'accept': 'application/json',
 'accept-encoding': 'gzip, deflate, br',
 'cache-control': 'no-cache',
 'connection': 'keep-alive',
 'content-length': '0',
 'cookie': 'access_token=cTp7fEr8aimRK1-rvTr3PDtFXuNX4I-ZrjNbeD2AqU8',
 'host': 'localhost:8000',
 'postman-token': '129ed49e-0f6f-464d-be12-67ce7da6459f',
 'user-agent': 'PostmanRuntime/7.33.0'}

INFO:     127.0.0.1:56298 - "POST /api/v1/auth/jwt/dashboard/logout HTTP/1.1" 401 Unauthorized

from fastapi-users.

frankie567 avatar frankie567 commented on May 26, 2024

I'm wondering if it could come from a route priority collision (i.e. the auth_backend_mobile router may take precedence here). Could you try to disable the auth_backend_mobile router (only the router, the rest can stay) and try again?

# Comment this
#api_router.include_router(
#    fastapi_users.get_auth_router(auth_backend_mobile), prefix=jwt_url, tags=["auth"]
#)

api_router.include_router(
    fastapi_users.get_auth_router(auth_backend_dashboard), prefix=f"{jwt_url}/dashboard", tags=["auth"]
)

from fastapi-users.

AndreMPCosta avatar AndreMPCosta commented on May 26, 2024

That was the first thing I've done, but I just retried doing it again, and got the same results unfortunately.

The only two routes available:
image

{'accept': 'application/json',
 'accept-encoding': 'gzip, deflate, br',
 'cache-control': 'no-cache',
 'connection': 'keep-alive',
 'content-length': '0',
 'cookie': 'access_token=-DCzaUhIqZVdtidmrjZtoLDx8q2mcqkd1znDd2_VjqM',
 'host': 'localhost:8000',
 'postman-token': '9d1af03d-44b6-41b3-af3e-49dbbfc3f201',
 'user-agent': 'PostmanRuntime/7.33.0'}
INFO:     127.0.0.1:62858 - "POST /api/v1/auth/jwt/dashboard/logout HTTP/1.1" 401 Unauthorized

I am also extending the AuthenticationBackend class:

class DashBoardAuthenticationBackend(AuthenticationBackend):
    async def login(
            self, strategy: Strategy[models.UP, models.ID], user: models.UP
    ) -> Response:
        if not user.is_researcher and not user.is_superuser:
            raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED)
        token = await strategy.write_token(user)
        return await self.transport.get_login_response(token)

But I think it should not affect any of this behavior, login works as intended.

Even though I am not using the database_bearer strategy on any route now, the print that I have added on the Authenticator, still gives the database_bearer when I try to logout.
What I don't understand is that the login works as expected and the logout does not.

from fastapi-users.

AndreMPCosta avatar AndreMPCosta commented on May 26, 2024

@frankie567 I finally figured it out, the problem is on my end:

api_router.include_router(
    fastapi_users.get_auth_router(auth_backend_mobile), prefix=jwt_url, tags=["auth"]
)

api_router.include_router(
    fastapi_users.get_auth_router(auth_backend_dashboard), prefix=f"{jwt_url}/dashboard", tags=["auth"]
)

It should be:

api_router.include_router(
    fastapi_users.get_auth_router(auth_backend_mobile), prefix=jwt_url, tags=["auth"]
)

api_router.include_router(
    fastapi_users_dashboard.get_auth_router(auth_backend_dashboard), prefix=f"{jwt_url}/dashboard", tags=["auth"]
)

Because:

fastapi_users = FastAPIUsers[User, PydanticObjectId](get_user_manager, [auth_backend_mobile])
fastapi_users_dashboard = FastAPIUsers[User, PydanticObjectId](get_user_manager, [auth_backend_dashboard])

Sorry about the confusion. The current user dependency was being used from the auth_backend_mobile instead of the dashboard.

from fastapi-users.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.