Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docs: Add guard example to JWT docs #3189

Open
BVengo opened this issue Mar 11, 2024 · 2 comments
Open

Docs: Add guard example to JWT docs #3189

BVengo opened this issue Mar 11, 2024 · 2 comments
Labels
Documentation 📚 This is related to documentation Good First Issue This is good for newcomers to take on Help Wanted 🆘 This is good for people to work on

Comments

@BVengo
Copy link

BVengo commented Mar 11, 2024
edited by polar-sh bot

Summary

Currently in the JWT docs there are a few references regarding how to access the 'User' object during and after being authenticated. These boil down to:

a) queried using the token
b) directly from the request (which can be easily assumed to be attached via retrieve_user_handler prior to going to the api path)

However there are other instances where user details need to be extracted from the connection object (such as in role-based guards).

def admin_guard(connection: ASGIConnection, _: BaseRouteHandler) -> None:
    if not connection.user.is_admin:
        raies NotAuthorizedException()

A gap in knowledge between the page on JWTs and guards is that it's not made entirely clear how user gets attached to connection. I would like to suggest that an example guard is added to the JWT docs with a comment explaining that the Auth object automatically attaches it for you based on the object returned from retrieve_user_handler.

It also isn't made abundantly clear that the TypeVar provided to the Auth object directly corresponds to the retrieve_user_handler. For a little while, I was actually setting the TypeVar based on my login response and wondering why it wasn't working. A silly mistake in hindsight, but I believe a simple comment could have saved me from it!

Note

While we are open for sponsoring on GitHub Sponsors and
OpenCollective, we also utilize Polar.sh to engage in pledge-based sponsorship.

Check out all issues funded or available for funding on our Polar.sh dashboard

  • If you would like to see an issue prioritized, make a pledge towards it!
  • We receive the pledge once the issue is completed & verified
  • This, along with engagement in the community, helps us know which features are a priority to our users.
Fund with Polar
@BVengo BVengo added the Documentation 📚 This is related to documentation label Mar 11, 2024
@JacobCoffee
Copy link
Member

Thanks @BVengo!

Would you like to open a PR to fix? No biggie if not, just inviting to contribute :)

@BVengo
Copy link
Author

BVengo commented Mar 13, 2024

Would love to when I get the next chance, but won't complain if someone beats me :)

Appreciate the big focus on making contributions accessible for everyone in this project.

@JacobCoffee JacobCoffee added Help Wanted 🆘 This is good for people to work on Good First Issue This is good for newcomers to take on labels Mar 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Documentation 📚 This is related to documentation Good First Issue This is good for newcomers to take on Help Wanted 🆘 This is good for people to work on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@BVengo @JacobCoffee