2025-10-02 02:04:19 +02:00
|
|
|
# Authentication
|
|
|
|
|
|
|
|
|
|
OhMyAPI comes bundled with a builtin authentication app.
|
|
|
|
|
Simply add `ohmyapi_auth` to your `INSTALLED_APPS` and configure a `JWT_SECRET`.
|
|
|
|
|
|
|
|
|
|
## Enable Auth App
|
|
|
|
|
|
|
|
|
|
`settings.py`:
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
INSTALLED_APPS = [
|
|
|
|
|
"ohmyapi_auth",
|
|
|
|
|
...
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
JWT_SECRET = "t0ps3cr3t"
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Remember to `makemigrations` and `migrate` to create the necessary database tables.
|
|
|
|
|
|
|
|
|
|
```
|
|
|
|
|
ohmyapi makemigrations
|
|
|
|
|
ohmyapi migrate
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
## Permissions
|
|
|
|
|
|
|
|
|
|
With the `ohmyapi_auth` app comes everything you need to implement API-level permissions.
|
|
|
|
|
Use FastAPI's `Depends` pattern in combination with either the provided or custom permissions.
|
|
|
|
|
|
|
|
|
|
```python
|
|
|
|
|
from ohmyapi.router import APIRouter, Depends
|
|
|
|
|
|
|
|
|
|
from ohmyapi_auth import (
|
|
|
|
|
models as auth,
|
|
|
|
|
permissions,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
router = APIRouter()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@router.get("/")
|
2025-10-11 13:12:48 +02:00
|
|
|
def get(user: auth.User = Depends(permissions.require_authenticated)):
|
2025-10-02 02:04:19 +02:00
|
|
|
...
|
|
|
|
|
```
|
