fastapi-auth-middleware icon indicating copy to clipboard operation
fastapi-auth-middleware copied to clipboard
verified publisher icon code-specialist

EndPoint requires x or y scope

Open dhernandezgt opened this issue 1 year ago • 0 comments

there are user with admin role, manager role and operator role, some endpoint are accessible if user is admin or manager which different response and other endpoint are exclusively for manager role however the admin can also access it.

poweruser endpoint is a condition were user has x and y roles and there is not a condition where @requires("admin" or "poweruser") can access with either user have x scope or y scope.

@app.get('/poweruser')  # Sample endpoint (secured)
@requires(["admin", "poweruser"])  # Requires the roles 'admin' and 'poweruser' (Will fail)
def poweruser(request: Request):
    return request.user  # Returns the user object that is injected into the request. The FastAPIUser in this case

can it have a develope for it please.

dhernandezgt avatar Mar 11 '24 05:03 dhernandezgt