Home > Mobile >  FastAPI - Unable to get auth token from middleware's Request object
FastAPI - Unable to get auth token from middleware's Request object

Time:12-26

Following Starlette documentation (FastAPI uses Starlette for middlewares), response.headers["Authorization"] should allow me to get the bearer token, but I get a KeyError saying no such attribute exists.

When I print response.headers, I get MutableHeaders({'content-length': '14', 'content-type': 'application/json'}).

Why is the authorization attribute not in the header despite of making a request with an auth header?

@app.middleware("http")
async def validate_access_token(request: Request, call_next):
    response = await call_next(request)
    access_token = response.headers["Authorization"].split()
    is_valid_signature = jwt.decode(access_token[1], key=SECRET, algorithms=CRYPT_ALGO)
    
    if is_valid_signature:
        return response
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED, 
            detail='Invalid access token'
        )

CodePudding user response:

You are trying to retrieve the Authorization header from the Respone instead of the Request object (as you mentioned in the title of your question). Hence, you should instead use:

access_token = request.headers['Authorization']
               ^^^^^^^

or

access_token = request.headers.get('Authorization')

Additionally, instead of a middleware, it might be better to use Dependencies, along with FastAPI's OAuth2PasswordBearer (you can find the implementation here), similar to this answer (which demonstrates how to achieve authentication using the third-party package FastAPI_Login - have a look at the relevant implementation here).

  • Related