Dependencies

fastauth.api.deps.require_auth async

require_auth(user=Depends(get_current_user)) -> UserData

FastAPI dependency that enforces authentication.

Reads the access token from the Authorization: Bearer header or the configured access-token cookie (FastAuthConfig.cookie_name_access). Returns the current user record on success.

Example
from fastapi import Depends
from fastauth.api.deps import require_auth
from fastauth.types import UserData

@app.get("/profile")
async def profile(user: UserData = Depends(require_auth)):
    return {"email": user["email"]}

Raises:

HTTPException(401): If no valid access token is present or the token is expired / malformed.


fastauth.api.deps.require_role

require_role(role_name: str) -> Any

Return a FastAPI dependency that enforces a specific RBAC role.

The requesting user must be authenticated and have role_name assigned. RBAC must be configured, i.e. role_adapter must be set on the FastAuth instance (fastauth.app.FastAuth).

Parameters:

role_name (str, required): The role the user must hold (e.g. "admin").

Example
from fastapi import Depends
from fastauth.api.deps import require_role
from fastauth.types import UserData

@app.get("/admin")
async def admin_area(user: UserData = Depends(require_role("admin"))):
    return {"message": "Welcome, admin"}

Raises:

HTTPException(401): If the user is not authenticated.

HTTPException(403): If the user does not hold role_name.

HTTPException(500): If RBAC is not configured on the FastAuth instance.


fastauth.api.deps.require_permission

require_permission(permission: str) -> Any

Return a FastAPI dependency that enforces a specific RBAC permission.

Checks that the authenticated user holds at least one role that includes permission. RBAC must be configured on the FastAuth instance (fastauth.app.FastAuth).

Parameters:

permission (str, required): The permission string to check (e.g. "reports:read").

Example
from fastapi import Depends
from fastauth.api.deps import require_permission
from fastauth.types import UserData

@app.get("/reports")
async def reports(user: UserData = Depends(require_permission("reports:read"))):
    return {"message": "Here are your reports"}

Raises:

HTTPException(401): If the user is not authenticated.

HTTPException(403): If the user lacks permission.

HTTPException(500): If RBAC is not configured on the FastAuth instance.
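
Because each of these dependencies protects only the routes that declare it, a route that omits all three is served without any check. The following audit script is an added example, not part of FastAuth: it parses route source with the standard-library ast module and lists handlers that declare none of the three dependencies. The names unguarded_routes, public and SAMPLE are hypothetical, and it assumes routes are declared with @<object>.<method>("/path") decorators and guards are passed through Depends(...) in the handler signature or in the decorator's dependencies=[...] list.

```python
import ast

GUARDS = {"require_auth", "require_role", "require_permission"}  # documented on this page
METHODS = {"get", "post", "put", "patch", "delete"}

def _name(node):
    return getattr(node, "id", None) or getattr(node, "attr", None)

def _is_guard(node):
    """True for Depends(require_auth) or Depends(require_role("admin"))."""
    if not (isinstance(node, ast.Call) and _name(node.func) == "Depends" and node.args):
        return False
    target = node.args[0]
    if isinstance(target, ast.Call):  # factory form: require_role("admin")
        target = target.func
    return _name(target) in GUARDS

def unguarded_routes(source, public=()):
    """Return (METHOD, path, handler) for routes that declare no FastAuth guard."""
    findings = []
    for fn in ast.walk(ast.parse(source)):
        if not isinstance(fn, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        for dec in fn.decorator_list:
            if not (isinstance(dec, ast.Call) and isinstance(dec.func, ast.Attribute)
                    and dec.func.attr in METHODS and dec.args
                    and isinstance(dec.args[0], ast.Constant)):
                continue
            # Guards sit in parameter defaults or in the decorator's dependencies=[...].
            deps = list(fn.args.defaults) + [d for d in fn.args.kw_defaults if d]
            for kw in dec.keywords:
                if kw.arg == "dependencies" and isinstance(kw.value, ast.List):
                    deps += kw.value.elts
            path = dec.args[0].value
            if path not in public and not any(_is_guard(d) for d in deps):
                findings.append((dec.func.attr.upper(), path, fn.name))
    return findings

# Constructed sample source, not taken from a real project.
SAMPLE = '''
@app.get("/profile")
async def profile(user: UserData = Depends(require_auth)): ...
@app.get("/export", dependencies=[Depends(require_permission("reports:read"))])
async def export(): ...
@app.delete("/reports/{report_id}")
async def delete_report(report_id: int): ...
@app.get("/health")
async def health(): ...
'''
print(unguarded_routes(SAMPLE, public={"/health"}))
```

Dependencies attached at router or application level are not visible to this per-route scan, so routes covered that way need to be listed in public or reviewed separately.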