我正在尝试在FastAPI的中间件中验证令牌,但这似乎是不可能的。我认为中间件需要进行下一步调用,尽管这并非必需。我无法找到任何好的解决方案,在这个Python-FastAPI后端一次性处理令牌。感谢任何帮助。
@app.middleware("http")
async def add_middleware_here(request: Request, call_next):
token = request.headers["Authorization"]
try:
verification_of_token = verify_token(token)
if verification_of_token:
response = await call_next(request)
return response
except InvalidSignatureError as er:
raise HTTPException(status_code=401)
你需要返回一个响应。我将向您展示如何使其工作:
from fastapi.responses import JSONResponse
@app.middleware("http")
async def add_middleware_here(request: Request, call_next):
token = request.headers["Authorization"]
try:
verification_of_token = verify_token(token)
if verification_of_token:
response = await call_next(request)
return response
else:
return JSONResponse(status_code=403) # or 401
except InvalidSignatureError as er:
return JSONResponse(status_code=401)
注意:使用此中间件意味着您的API上没有登录路由(用于生成令牌)。
此外,您应该考虑使用这个依赖项: https://fastapi.tiangolo.com/tutorial/security/simple-oauth2/
另一件事是您可以使用fastapi.status来设置状态码。
from fastapi.responses import JSONResponse
@app.middleware("http")
async def errors_handling(request: Request, call_next):
try:
return await call_next(request)
except Exception as exc:
return JSONResponse(status_code=500, content={'reason': str(exc)})