Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

HTTP Basic authentication issue with FastAPI

See original GitHub issue

FastAPI HTTPBasic authentication appears to break when moving from hypercorn 0.14.1 to 0.14.2.

The HTTPBasic example from FastAPI:

from fastapi import Depends, FastAPI
from fastapi.security import HTTPBasic, HTTPBasicCredentials
  
app = FastAPI()

security = HTTPBasic()


@app.get("/users/me")
def read_current_user(credentials: HTTPBasicCredentials = Depends(security)):
    return {"username": credentials.username, "password": credentials.password}

works well with 0.14.1, i.e. status 200 is returned with the authenticating user, but with 0.14.2 status 401 is returned even when credentials are provided, ending you up in a login dialog loop. FastAPI version is 0.81.0

Issue Analytics

State:
Created a year ago
Comments:6 (6 by maintainers)

Top GitHub Comments

2reactions

pgjonescommented, Sep 4, 2022

Should now be fixed

1reaction

pgjonescommented, Sep 4, 2022

Yea, reverted in 68e832af53b55bcd7798eac1e84c974eb5753827. @thrau I think we need to discuss on https://github.com/django/asgiref/issues/246

Top Results From Across the Web

HTTP Basic Auth - FastAPI

In HTTP Basic Auth, the application expects a header that contains a username and a password. If it doesn't receive it, it returns...

How to use HTTP Basic Auth as separate FastAPI service?

Problem occurs when I try to move authorization to separate service and then use it within few other services with protected endpoints. I...

HTTP Basic auth does not correctly decode passwords if eg "Ä ...

I used the GitHub search to find a similar issue and didn't find it. I searched the FastAPI documentation, with the integrated search....

FastAPI — How to add basic and cookie authentication

fastapi-authz - PyPI

An authorization middleware for FastAPI that supports ACL, RBAC, ABAC, ... HTTP/1.1 403 Forbidden date: Mon, 01 Mar 2021 09:00:08 GMT server: uvicorn ......