diff --git a/.github/workflows/latest-changes.yml b/.github/workflows/latest-changes.yml
index 3bff707c0..b9e45ea62 100644
--- a/.github/workflows/latest-changes.yml
+++ b/.github/workflows/latest-changes.yml
@@ -24,7 +24,9 @@ jobs:
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
run: echo "$GITHUB_CONTEXT"
- - uses: actions/checkout@v6
+ # pin to actions/checkout@v5 for compatibility with latest-changes
+ # Ref: https://github.com/actions/checkout/issues/2313
+ - uses: actions/checkout@v5
with:
# To allow latest-changes to commit to the main branch
token: ${{ secrets.FASTAPI_LATEST_CHANGES }}
@@ -34,7 +36,7 @@ jobs:
if: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled == 'true' }}
with:
limit-access-to-actor: true
- - uses: tiangolo/latest-changes@0.4.0
+ - uses: tiangolo/latest-changes@0.4.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
latest_changes_file: docs/en/docs/release-notes.md
diff --git a/README.md b/README.md
index 9864fa1ef..a42cedae6 100644
--- a/README.md
+++ b/README.md
@@ -40,7 +40,7 @@ The key features are:
* **Robust**: Get production-ready code. With automatic interactive documentation.
* **Standards-based**: Based on (and fully compatible with) the open standards for APIs: OpenAPI (previously known as Swagger) and JSON Schema.
-* estimation based on tests on an internal development team, building production applications.
+* estimation based on tests conducted by an internal development team, building production applications.
## Sponsors
@@ -61,6 +61,7 @@ The key features are:
+
diff --git a/docs/de/docs/_llm-test.md b/docs/de/docs/_llm-test.md
index 72846ef06..3a95f42e8 100644
--- a/docs/de/docs/_llm-test.md
+++ b/docs/de/docs/_llm-test.md
@@ -443,7 +443,7 @@ Für einige sprachspezifische Anweisungen, siehe z. B. den Abschnitt `### Headin
* die Workload
* das Deployment
-* bereitstellen
+* deployen
* das SDK
* das Software Development Kit
diff --git a/docs/de/docs/advanced/advanced-dependencies.md b/docs/de/docs/advanced/advanced-dependencies.md
index 2254dcf53..e60df2883 100644
--- a/docs/de/docs/advanced/advanced-dependencies.md
+++ b/docs/de/docs/advanced/advanced-dependencies.md
@@ -144,7 +144,7 @@ Dies wurde in Version 0.110.0 geändert, um unbehandelten Speicherverbrauch durc
### Hintergrundtasks und Abhängigkeiten mit `yield`, Technische Details { #background-tasks-and-dependencies-with-yield-technical-details }
-Vor FastAPI 0.106.0 war das Werfen von Exceptions nach `yield` nicht möglich, der Exit-Code in Abhängigkeiten mit `yield` wurde ausgeführt, nachdem die Response gesendet wurde, sodass [Exceptionhandler](../handling-errors.md#install-custom-exception-handlers){.internal-link target=_blank} bereits ausgeführt worden wären.
+Vor FastAPI 0.106.0 war das Werfen von Exceptions nach `yield` nicht möglich, der Exit-Code in Abhängigkeiten mit `yield` wurde ausgeführt, nachdem die Response gesendet wurde, sodass [Exceptionhandler](../tutorial/handling-errors.md#install-custom-exception-handlers){.internal-link target=_blank} bereits ausgeführt worden wären.
Dies war so designt, hauptsächlich um die Verwendung derselben von Abhängigkeiten „geyieldeten“ Objekte in Hintergrundtasks zu ermöglichen, da der Exit-Code erst ausgeführt wurde, nachdem die Hintergrundtasks abgeschlossen waren.
diff --git a/docs/de/docs/advanced/behind-a-proxy.md b/docs/de/docs/advanced/behind-a-proxy.md
index 036916cbe..183d0beee 100644
--- a/docs/de/docs/advanced/behind-a-proxy.md
+++ b/docs/de/docs/advanced/behind-a-proxy.md
@@ -64,7 +64,7 @@ Wenn Sie mehr über HTTPS erfahren möchten, lesen Sie den Leitfaden [Über HTTP
///
-### Wie Proxy-Forwarded-Header funktionieren
+### Wie Proxy-Forwarded-Header funktionieren { #how-proxy-forwarded-headers-work }
Hier ist eine visuelle Darstellung, wie der **Proxy** weitergeleitete Header zwischen dem Client und dem **Anwendungsserver** hinzufügt:
@@ -228,7 +228,7 @@ Die Übergabe des `root_path` an `FastAPI` wäre das Äquivalent zur Übergabe d
Beachten Sie, dass der Server (Uvicorn) diesen `root_path` für nichts anderes verwendet als für die Weitergabe an die Anwendung.
-Aber wenn Sie mit Ihrem Browser auf http://127.0.0.1:8000/app gehen, sehen Sie die normale Response:
+Aber wenn Sie mit Ihrem Browser auf http://127.0.0.1:8000/app gehen, sehen Sie die normale Response:
```JSON
{
@@ -443,6 +443,14 @@ Die Dokumentationsoberfläche interagiert mit dem von Ihnen ausgewählten Server
///
+/// note | Technische Details
+
+Die Eigenschaft `servers` in der OpenAPI-Spezifikation ist optional.
+
+Wenn Sie den Parameter `servers` nicht angeben und `root_path` den Wert `/` hat, wird die Eigenschaft `servers` im generierten OpenAPI-Schema standardmäßig vollständig weggelassen, was dem Äquivalent eines einzelnen Servers mit einem `url`-Wert von `/` entspricht.
+
+///
+
### Den automatischen Server von `root_path` deaktivieren { #disable-automatic-server-from-root-path }
Wenn Sie nicht möchten, dass **FastAPI** einen automatischen Server inkludiert, welcher `root_path` verwendet, können Sie den Parameter `root_path_in_servers=False` verwenden:
diff --git a/docs/de/docs/deployment/cloud.md b/docs/de/docs/deployment/cloud.md
index ca1ba3b3b..ad3ff76db 100644
--- a/docs/de/docs/deployment/cloud.md
+++ b/docs/de/docs/deployment/cloud.md
@@ -1,16 +1,24 @@
-# FastAPI bei Cloudanbietern bereitstellen { #deploy-fastapi-on-cloud-providers }
+# FastAPI bei Cloudanbietern deployen { #deploy-fastapi-on-cloud-providers }
Sie können praktisch **jeden Cloudanbieter** verwenden, um Ihre FastAPI-Anwendung bereitzustellen.
-In den meisten Fällen bieten die großen Cloudanbieter Anleitungen zum Bereitstellen von FastAPI an.
+In den meisten Fällen bieten die großen Cloudanbieter Anleitungen zum Deployment von FastAPI an.
+
+## FastAPI Cloud { #fastapi-cloud }
+
+**FastAPI Cloud** wurde vom selben Autor und Team hinter **FastAPI** entwickelt.
+
+Es vereinfacht den Prozess des **Erstellens**, **Deployens** und **Zugreifens** auf eine API mit minimalem Aufwand.
+
+Es bringt die gleiche **Developer-Experience** beim Erstellen von Apps mit FastAPI auch zum **Deployment** in der Cloud. 🎉
+
+FastAPI Cloud ist der Hauptsponsor und Finanzierungsgeber für die *FastAPI and friends* Open-Source-Projekte. ✨
## Cloudanbieter – Sponsoren { #cloud-providers-sponsors }
-Einige Cloudanbieter ✨ [**sponsern FastAPI**](../help-fastapi.md#sponsor-the-author){.internal-link target=_blank} ✨, dies stellt die kontinuierliche und gesunde **Entwicklung** von FastAPI und seinem **Ökosystem** sicher.
+Einige andere Cloudanbieter ✨ [**sponsern FastAPI**](../help-fastapi.md#sponsor-the-author){.internal-link target=_blank} ✨ ebenfalls. 🙇
-Und es zeigt ihr wahres Engagement für FastAPI und seine **Community** (Sie), da sie Ihnen nicht nur einen **guten Service** bieten möchten, sondern auch sicherstellen möchten, dass Sie ein **gutes und gesundes Framework**, FastAPI, haben. 🙇
-
-Vielleicht möchten Sie deren Dienste ausprobieren und deren Anleitungen folgen:
+Sie könnten diese ebenfalls in Betracht ziehen, deren Anleitungen folgen und ihre Dienste ausprobieren:
* Render
* Railway
diff --git a/docs/de/docs/deployment/concepts.md b/docs/de/docs/deployment/concepts.md
index ef0f458a7..dde922805 100644
--- a/docs/de/docs/deployment/concepts.md
+++ b/docs/de/docs/deployment/concepts.md
@@ -1,6 +1,6 @@
# Deployment-Konzepte { #deployments-concepts }
-Bei dem Deployment – der Bereitstellung – einer **FastAPI**-Anwendung, oder eigentlich jeder Art von Web-API, gibt es mehrere Konzepte, die Sie wahrscheinlich interessieren, und mithilfe der Sie die **am besten geeignete** Methode zur **Bereitstellung Ihrer Anwendung** finden können.
+Bei dem Deployment – der Bereitstellung – einer **FastAPI**-Anwendung, oder eigentlich jeder Art von Web-API, gibt es mehrere Konzepte, die Sie wahrscheinlich interessieren, und mithilfe der Sie die **am besten geeignete** Methode zum **Deployment Ihrer Anwendung** finden können.
Einige wichtige Konzepte sind:
@@ -15,11 +15,11 @@ Wir werden sehen, wie diese sich auf das **Deployment** auswirken.
Letztendlich besteht das ultimative Ziel darin, **Ihre API-Clients** auf **sichere** Weise zu versorgen, um **Unterbrechungen** zu vermeiden und die **Rechenressourcen** (z. B. entfernte Server/virtuelle Maschinen) so effizient wie möglich zu nutzen. 🚀
-Ich erzähle Ihnen hier etwas mehr über diese **Konzepte**, was Ihnen hoffentlich die **Intuition** gibt, die Sie benötigen, um zu entscheiden, wie Sie Ihre API in sehr unterschiedlichen Umgebungen bereitstellen, möglicherweise sogar in **zukünftigen**, die jetzt noch nicht existieren.
+Ich erzähle Ihnen hier etwas mehr über diese **Konzepte**, was Ihnen hoffentlich die **Intuition** gibt, die Sie benötigen, um zu entscheiden, wie Sie Ihre API in sehr unterschiedlichen Umgebungen deployen, möglicherweise sogar in **zukünftigen**, die jetzt noch nicht existieren.
-Durch die Berücksichtigung dieser Konzepte können Sie die beste Variante der Bereitstellung **Ihrer eigenen APIs** **evaluieren und konzipieren**.
+Durch die Berücksichtigung dieser Konzepte können Sie die beste Variante des Deployments **Ihrer eigenen APIs** **evaluieren und konzipieren**.
-In den nächsten Kapiteln werde ich Ihnen mehr **konkrete Rezepte** für die Bereitstellung von FastAPI-Anwendungen geben.
+In den nächsten Kapiteln werde ich Ihnen mehr **konkrete Rezepte** für das Deployment von FastAPI-Anwendungen geben.
Aber schauen wir uns zunächst einmal diese grundlegenden **konzeptionellen Ideen** an. Diese Konzepte gelten auch für jede andere Art von Web-API. 💡
@@ -271,7 +271,7 @@ In diesem Fall müssen Sie sich darüber keine Sorgen machen. 🤷
### Beispiele für Strategien für Vorab-Schritte { #examples-of-previous-steps-strategies }
-Es hängt **stark** davon ab, wie Sie **Ihr System bereitstellen**, und hängt wahrscheinlich mit der Art und Weise zusammen, wie Sie Programme starten, Neustarts durchführen, usw.
+Es hängt **stark** davon ab, wie Sie **Ihr System deployen**, und hängt wahrscheinlich mit der Art und Weise zusammen, wie Sie Programme starten, Neustarts durchführen, usw.
Hier sind einige mögliche Ideen:
@@ -307,7 +307,7 @@ Sie können einfache Tools wie `htop` verwenden, um die in Ihrem Server verwende
## Zusammenfassung { #recap }
-Sie haben hier einige der wichtigsten Konzepte gelesen, die Sie wahrscheinlich berücksichtigen müssen, wenn Sie entscheiden, wie Sie Ihre Anwendung bereitstellen:
+Sie haben hier einige der wichtigsten Konzepte gelesen, die Sie wahrscheinlich berücksichtigen müssen, wenn Sie entscheiden, wie Sie Ihre Anwendung deployen:
* Sicherheit – HTTPS
* Beim Hochfahren ausführen
diff --git a/docs/de/docs/deployment/docker.md b/docs/de/docs/deployment/docker.md
index 52ac99913..d4b74635d 100644
--- a/docs/de/docs/deployment/docker.md
+++ b/docs/de/docs/deployment/docker.md
@@ -1,6 +1,6 @@
# FastAPI in Containern – Docker { #fastapi-in-containers-docker }
-Beim Deployment von FastAPI-Anwendungen besteht ein gängiger Ansatz darin, ein **Linux-Containerimage** zu erstellen. Normalerweise erfolgt dies mit **Docker**. Sie können dieses Containerimage dann auf eine von mehreren möglichen Arten bereitstellen.
+Beim Deployment von FastAPI-Anwendungen besteht ein gängiger Ansatz darin, ein **Linux-Containerimage** zu erstellen. Normalerweise erfolgt dies mit **Docker**. Sie können dieses Containerimage dann auf eine von mehreren möglichen Arten deployen.
Die Verwendung von Linux-Containern bietet mehrere Vorteile, darunter **Sicherheit**, **Replizierbarkeit**, **Einfachheit** und andere.
@@ -40,7 +40,7 @@ Linux-Container werden mit demselben Linux-Kernel des Hosts (Maschine, virtuelle
Auf diese Weise verbrauchen Container **wenig Ressourcen**, eine Menge vergleichbar mit der direkten Ausführung der Prozesse (eine virtuelle Maschine würde viel mehr verbrauchen).
-Container verfügen außerdem über ihre eigenen **isoliert** laufenden Prozesse (üblicherweise nur einen Prozess), über ihr eigenes Dateisystem und ihr eigenes Netzwerk, was die Bereitstellung, Sicherheit, Entwicklung usw. vereinfacht.
+Container verfügen außerdem über ihre eigenen **isoliert** laufenden Prozesse (üblicherweise nur einen Prozess), über ihr eigenes Dateisystem und ihr eigenes Netzwerk, was Deployment, Sicherheit, Entwicklung usw. vereinfacht.
## Was ist ein Containerimage { #what-is-a-container-image }
@@ -598,7 +598,7 @@ Zum Beispiel:
* Mit einem **Kubernetes**-Cluster
* Mit einem Docker Swarm Mode-Cluster
* Mit einem anderen Tool wie Nomad
-* Mit einem Cloud-Dienst, der Ihr Containerimage nimmt und es bereitstellt
+* Mit einem Cloud-Dienst, der Ihr Containerimage nimmt und es deployt
## Docker-Image mit `uv` { #docker-image-with-uv }
diff --git a/docs/de/docs/deployment/fastapicloud.md b/docs/de/docs/deployment/fastapicloud.md
new file mode 100644
index 000000000..18c3bb8a4
--- /dev/null
+++ b/docs/de/docs/deployment/fastapicloud.md
@@ -0,0 +1,65 @@
+# FastAPI Cloud { #fastapi-cloud }
+
+Sie können Ihre FastAPI-App in der FastAPI Cloud mit **einem einzigen Befehl** deployen – tragen Sie sich in die Warteliste ein, falls noch nicht geschehen. 🚀
+
+## Anmelden { #login }
+
+Stellen Sie sicher, dass Sie bereits ein **FastAPI-Cloud-Konto** haben (wir haben Sie von der Warteliste eingeladen 😉).
+
+Melden Sie sich dann an:
+
+
+
+```console
+$ fastapi login
+
+You are logged in to FastAPI Cloud 🚀
+```
+
+
+
+## Deployen { #deploy }
+
+Stellen Sie Ihre App jetzt mit **einem einzigen Befehl** bereit:
+
+
+
+```console
+$ fastapi deploy
+
+Deploying to FastAPI Cloud...
+
+✅ Deployment successful!
+
+🐔 Ready the chicken! Your app is ready at https://myapp.fastapicloud.dev
+```
+
+
+
+Das war’s! Jetzt können Sie Ihre App unter dieser URL aufrufen. ✨
+
+## Über FastAPI Cloud { #about-fastapi-cloud }
+
+**FastAPI Cloud** wird vom gleichen Autor und Team hinter **FastAPI** entwickelt.
+
+Es vereinfacht den Prozess des **Erstellens**, **Deployens** und **Nutzens** einer API mit minimalem Aufwand.
+
+Es bringt die gleiche **Developer-Experience** beim Erstellen von Apps mit FastAPI auch zum **Deployment** in der Cloud. 🎉
+
+Es kümmert sich außerdem um das meiste, was beim Deployen einer App nötig ist, zum Beispiel:
+
+* HTTPS
+* Replikation, mit Autoscaling basierend auf Requests
+* usw.
+
+FastAPI Cloud ist Hauptsponsor und Finanzierer der Open-Source-Projekte *FastAPI and friends*. ✨
+
+## Bei anderen Cloudanbietern deployen { #deploy-to-other-cloud-providers }
+
+FastAPI ist Open Source und basiert auf Standards. Sie können FastAPI-Apps bei jedem Cloudanbieter Ihrer Wahl deployen.
+
+Folgen Sie den Anleitungen Ihres Cloudanbieters, um dort FastAPI-Apps zu deployen. 🤓
+
+## Auf den eigenen Server deployen { #deploy-your-own-server }
+
+Ich werde Ihnen später in diesem **Deployment-Leitfaden** auch alle Details zeigen, sodass Sie verstehen, was passiert, was geschehen muss und wie Sie FastAPI-Apps selbst deployen können, auch auf Ihre eigenen Server. 🤓
diff --git a/docs/de/docs/deployment/index.md b/docs/de/docs/deployment/index.md
index 65c76edce..cb3e53746 100644
--- a/docs/de/docs/deployment/index.md
+++ b/docs/de/docs/deployment/index.md
@@ -14,7 +14,9 @@ Das steht im Gegensatz zu den **Entwicklungsphasen**, in denen Sie ständig den
Es gibt mehrere Möglichkeiten, dies zu tun, abhängig von Ihrem spezifischen Anwendungsfall und den von Ihnen verwendeten Tools.
-Sie könnten mithilfe einer Kombination von Tools selbst **einen Server bereitstellen**, Sie könnten einen **Cloud-Dienst** nutzen, der einen Teil der Arbeit für Sie erledigt, oder andere mögliche Optionen.
+Sie könnten mithilfe einer Kombination von Tools selbst **einen Server deployen**, Sie könnten einen **Cloud-Dienst** nutzen, der einen Teil der Arbeit für Sie erledigt, oder andere mögliche Optionen.
+
+Zum Beispiel haben wir, das Team hinter FastAPI, **FastAPI Cloud** entwickelt, um das Deployment von FastAPI-Apps in der Cloud so reibungslos wie möglich zu gestalten, mit derselben Developer-Experience wie beim Arbeiten mit FastAPI.
Ich zeige Ihnen einige der wichtigsten Konzepte, die Sie beim Deployment einer **FastAPI**-Anwendung wahrscheinlich berücksichtigen sollten (obwohl das meiste davon auch für jede andere Art von Webanwendung gilt).
diff --git a/docs/de/docs/deployment/server-workers.md b/docs/de/docs/deployment/server-workers.md
index 169ed822b..7b68f1b1a 100644
--- a/docs/de/docs/deployment/server-workers.md
+++ b/docs/de/docs/deployment/server-workers.md
@@ -11,7 +11,7 @@ Schauen wir uns die Deployment-Konzepte von früher noch einmal an:
Bis zu diesem Punkt, in allen Tutorials in der Dokumentation, haben Sie wahrscheinlich ein **Serverprogramm** ausgeführt, zum Beispiel mit dem `fastapi`-Befehl, der Uvicorn startet, und einen **einzelnen Prozess** ausführt.
-Wenn Sie Anwendungen bereitstellen, möchten Sie wahrscheinlich eine gewisse **Replikation von Prozessen**, um **mehrere Kerne** zu nutzen und mehr Requests bearbeiten zu können.
+Wenn Sie Anwendungen deployen, möchten Sie wahrscheinlich eine gewisse **Replikation von Prozessen**, um **mehrere Kerne** zu nutzen und mehr Requests bearbeiten zu können.
Wie Sie im vorherigen Kapitel über [Deployment-Konzepte](concepts.md){.internal-link target=_blank} gesehen haben, gibt es mehrere Strategien, die Sie anwenden können.
diff --git a/docs/de/docs/fastapi-cli.md b/docs/de/docs/fastapi-cli.md
index ab9c8373e..86a797a9e 100644
--- a/docs/de/docs/fastapi-cli.md
+++ b/docs/de/docs/fastapi-cli.md
@@ -66,7 +66,7 @@ Das Ausführen von `fastapi run` startet FastAPI standardmäßig im Produktionsm
Standardmäßig ist **Autoreload** deaktiviert. Es horcht auch auf der IP-Adresse `0.0.0.0`, was alle verfügbaren IP-Adressen bedeutet, so wird es öffentlich zugänglich für jeden, der mit der Maschine kommunizieren kann. So würden Sie es normalerweise in der Produktion ausführen, beispielsweise in einem Container.
-In den meisten Fällen würden (und sollten) Sie einen „Terminierungsproxy“ haben, der HTTPS für Sie verwaltet. Dies hängt davon ab, wie Sie Ihre Anwendung bereitstellen. Ihr Anbieter könnte dies für Sie erledigen, oder Sie müssen es selbst einrichten.
+In den meisten Fällen würden (und sollten) Sie einen „Terminierungsproxy“ haben, der HTTPS für Sie verwaltet. Dies hängt davon ab, wie Sie Ihre Anwendung deployen. Ihr Anbieter könnte dies für Sie erledigen, oder Sie müssen es selbst einrichten.
/// tip | Tipp
diff --git a/docs/de/docs/how-to/authentication-error-status-code.md b/docs/de/docs/how-to/authentication-error-status-code.md
new file mode 100644
index 000000000..c743b54d9
--- /dev/null
+++ b/docs/de/docs/how-to/authentication-error-status-code.md
@@ -0,0 +1,17 @@
+# Alte 403-Authentifizierungsfehler-Statuscodes verwenden { #use-old-403-authentication-error-status-codes }
+
+Vor FastAPI-Version `0.122.0` verwendeten die integrierten Sicherheits-Utilities den HTTP-Statuscode `403 Forbidden`, wenn sie dem Client nach einer fehlgeschlagenen Authentifizierung einen Fehler zurückgaben.
+
+Ab FastAPI-Version `0.122.0` verwenden sie den passenderen HTTP-Statuscode `401 Unauthorized` und geben in der Response einen sinnvollen `WWW-Authenticate`-Header zurück, gemäß den HTTP-Spezifikationen, RFC 7235, RFC 9110.
+
+Aber falls Ihre Clients aus irgendeinem Grund vom alten Verhalten abhängen, können Sie darauf zurückgreifen, indem Sie in Ihren Sicherheitsklassen die Methode `make_not_authenticated_error` überschreiben.
+
+Sie können beispielsweise eine Unterklasse von `HTTPBearer` erstellen, die einen Fehler `403 Forbidden` zurückgibt, statt des Default-`401 Unauthorized`-Fehlers:
+
+{* ../../docs_src/authentication_error_status_code/tutorial001_an_py39.py hl[9:13] *}
+
+/// tip | Tipp
+
+Beachten Sie, dass die Funktion die Exception-Instanz zurückgibt; sie wirft sie nicht. Das Werfen erfolgt im restlichen internen Code.
+
+///
diff --git a/docs/de/docs/index.md b/docs/de/docs/index.md
index 4be65071b..efa34652c 100644
--- a/docs/de/docs/index.md
+++ b/docs/de/docs/index.md
@@ -46,20 +46,26 @@ Seine Schlüssel-Merkmale sind:
* **Robust**: Erhalten Sie produktionsreifen Code. Mit automatischer, interaktiver Dokumentation.
* **Standards-basiert**: Basierend auf (und vollständig kompatibel mit) den offenen Standards für APIs: OpenAPI (früher bekannt als Swagger) und JSON Schema.
-* Schätzung basierend auf Tests in einem internen Entwicklungsteam, das Produktionsanwendungen erstellt.
+* Schätzung basierend auf Tests, die von einem internen Entwicklungsteam durchgeführt wurden, das Produktionsanwendungen erstellt.
## Sponsoren { #sponsors }
-{% if sponsors %}
+### Keystone-Sponsor
+
+{% for sponsor in sponsors.keystone -%}
+
+{% endfor -%}
+
+### Gold- und Silber-Sponsoren
+
{% for sponsor in sponsors.gold -%}
{% endfor -%}
{%- for sponsor in sponsors.silver -%}
{% endfor %}
-{% endif %}
@@ -444,6 +450,58 @@ Für ein vollständigeres Beispiel, mit weiteren Funktionen, siehe das FastAPI Cloud deployen, treten Sie der Warteliste bei, falls noch nicht geschehen. 🚀
+
+Wenn Sie bereits ein **FastAPI Cloud**-Konto haben (wir haben Sie von der Warteliste eingeladen 😉), können Sie Ihre Anwendung mit einem einzigen Befehl deployen.
+
+Stellen Sie vor dem Deployen sicher, dass Sie eingeloggt sind:
+
+
+
+```console
+$ fastapi login
+
+You are logged in to FastAPI Cloud 🚀
+```
+
+
+
+Stellen Sie dann Ihre App bereit:
+
+
+
+```console
+$ fastapi deploy
+
+Deploying to FastAPI Cloud...
+
+✅ Deployment successful!
+
+🐔 Ready the chicken! Your app is ready at https://myapp.fastapicloud.dev
+```
+
+
+
+Das war’s! Jetzt können Sie unter dieser URL auf Ihre App zugreifen. ✨
+
+#### Über FastAPI Cloud { #about-fastapi-cloud }
+
+**FastAPI Cloud** wird vom selben Autor und Team hinter **FastAPI** entwickelt.
+
+Es vereinfacht den Prozess des **Erstellens**, **Deployens** und **Zugreifens** auf eine API mit minimalem Aufwand.
+
+Es bringt die gleiche **Developer-Experience** beim Erstellen von Apps mit FastAPI auch zum **Deployment** in der Cloud. 🎉
+
+FastAPI Cloud ist der Hauptsponsor und Finanzierer der „FastAPI and friends“ Open-Source-Projekte. ✨
+
+#### Bei anderen Cloudanbietern deployen { #deploy-to-other-cloud-providers }
+
+FastAPI ist Open Source und basiert auf Standards. Sie können FastAPI-Apps bei jedem Cloudanbieter Ihrer Wahl deployen.
+
+Folgen Sie den Anleitungen Ihres Cloudanbieters, um FastAPI-Apps dort bereitzustellen. 🤓
+
## Performanz { #performance }
Unabhängige TechEmpower-Benchmarks zeigen **FastAPI**-Anwendungen, die unter Uvicorn laufen, als eines der schnellsten verfügbaren Python-Frameworks, nur hinter Starlette und Uvicorn selbst (intern von FastAPI verwendet). (*)
diff --git a/docs/de/docs/project-generation.md b/docs/de/docs/project-generation.md
index e6da4949c..f830f0f4d 100644
--- a/docs/de/docs/project-generation.md
+++ b/docs/de/docs/project-generation.md
@@ -25,4 +25,4 @@ GitHub-Repository: FastAPI Cloud deployen, treten Sie der Warteliste bei, falls Sie es noch nicht getan haben. 🚀
+
+Wenn Sie bereits ein **FastAPI Cloud**-Konto haben (wir haben Sie von der Warteliste eingeladen 😉), können Sie Ihre Anwendung mit einem Befehl deployen.
+
+Vor dem Deployen, stellen Sie sicher, dass Sie eingeloggt sind:
+
+
+
+```console
+$ fastapi login
+
+You are logged in to FastAPI Cloud 🚀
+```
+
+
+
+Dann stellen Sie Ihre App bereit:
+
+
+
+```console
+$ fastapi deploy
+
+Deploying to FastAPI Cloud...
+
+✅ Deployment successful!
+
+🐔 Ready the chicken! Your app is ready at https://myapp.fastapicloud.dev
+```
+
+
+
+Das war's! Jetzt können Sie Ihre App unter dieser URL aufrufen. ✨
+
## Zusammenfassung, Schritt für Schritt { #recap-step-by-step }
### Schritt 1: `FastAPI` importieren { #step-1-import-fastapi }
@@ -314,6 +350,26 @@ Sie können auch Pydantic-Modelle zurückgeben (dazu später mehr).
Es gibt viele andere Objekte und Modelle, die automatisch zu JSON konvertiert werden (einschließlich ORMs, usw.). Versuchen Sie, Ihre Lieblingsobjekte zu verwenden. Es ist sehr wahrscheinlich, dass sie bereits unterstützt werden.
+### Schritt 6: Deployen { #step-6-deploy-it }
+
+Stellen Sie Ihre App in der **FastAPI Cloud** mit einem Befehl bereit: `fastapi deploy`. 🎉
+
+#### Über FastAPI Cloud { #about-fastapi-cloud }
+
+**FastAPI Cloud** wird vom selben Autor und Team hinter **FastAPI** entwickelt.
+
+Es vereinfacht den Prozess des Erstellens, Deployens und des Zugriffs auf eine API mit minimalem Aufwand.
+
+Es bringt die gleiche **Developer-Experience** beim Erstellen von Apps mit FastAPI auch zum **Deployment** in der Cloud. 🎉
+
+FastAPI Cloud ist der Hauptsponsor und Finanzierer der „FastAPI and friends“ Open-Source-Projekte. ✨
+
+#### Zu anderen Cloudanbietern deployen { #deploy-to-other-cloud-providers }
+
+FastAPI ist Open Source und basiert auf Standards. Sie können FastAPI-Apps bei jedem Cloudanbieter Ihrer Wahl deployen.
+
+Folgen Sie den Anleitungen Ihres Cloudanbieters, um dort FastAPI-Apps bereitzustellen. 🤓
+
## Zusammenfassung { #recap }
* Importieren Sie `FastAPI`.
@@ -321,3 +377,4 @@ Es gibt viele andere Objekte und Modelle, die automatisch zu JSON konvertiert we
* Schreiben Sie einen **Pfadoperation-Dekorator** unter Verwendung von Dekoratoren wie `@app.get("/")`.
* Definieren Sie eine **Pfadoperation-Funktion**, zum Beispiel `def root(): ...`.
* Starten Sie den Entwicklungsserver mit dem Befehl `fastapi dev`.
+* Optional: Ihre App mit `fastapi deploy` deployen.
diff --git a/docs/de/docs/tutorial/sql-databases.md b/docs/de/docs/tutorial/sql-databases.md
index cf9731aee..3af4ecdfc 100644
--- a/docs/de/docs/tutorial/sql-databases.md
+++ b/docs/de/docs/tutorial/sql-databases.md
@@ -65,7 +65,7 @@ Es gibt ein paar Unterschiede:
* `Field(primary_key=True)` sagt SQLModel, dass die `id` der **Primärschlüssel** in der SQL-Datenbank ist (Sie können mehr über SQL-Primärschlüssel in der SQLModel-Dokumentation erfahren).
- Durch das Festlegen des Typs als `int | None` wird SQLModel wissen, dass diese Spalte ein `INTEGER` in der SQL-Datenbank sein sollte und dass sie `NULLABLE` sein sollte.
+ **Hinweis:** Wir verwenden für das Primärschlüsselfeld `int | None`, damit wir im Python-Code *ein Objekt ohne `id` erstellen* können (`id=None`), in der Annahme, dass die Datenbank sie *beim Speichern generiert*. SQLModel versteht, dass die Datenbank die `id` bereitstellt, und *definiert die Spalte im Datenbankschema als ein Nicht-Null-`INTEGER`*. Siehe die SQLModel-Dokumentation zu Primärschlüsseln für Details.
* `Field(index=True)` sagt SQLModel, dass es einen **SQL-Index** für diese Spalte erstellen soll, was schnelleres Suchen in der Datenbank ermöglicht, wenn Daten mittels dieser Spalte gefiltert werden.
diff --git a/docs/de/docs/virtual-environments.md b/docs/de/docs/virtual-environments.md
index 497f1b44d..11da496c5 100644
--- a/docs/de/docs/virtual-environments.md
+++ b/docs/de/docs/virtual-environments.md
@@ -242,6 +242,26 @@ $ python -m pip install --upgrade pip
+/// tip | Tipp
+
+Manchmal kann beim Versuch, `pip` zu aktualisieren, der Fehler **`No module named pip`** auftreten.
+
+Wenn das passiert, installieren und aktualisieren Sie `pip` mit dem folgenden Befehl:
+
+
+
+```console
+$ python -m ensurepip --upgrade
+
+---> 100%
+```
+
+
+
+Dieser Befehl installiert `pip`, falls es noch nicht installiert ist, und stellt außerdem sicher, dass die installierte Version von `pip` mindestens so aktuell ist wie die in `ensurepip` verfügbare.
+
+///
+
## `.gitignore` hinzufügen { #add-gitignore }
Wenn Sie **Git** verwenden (was Sie sollten), fügen Sie eine `.gitignore`-Datei hinzu, um alles in Ihrem `.venv` von Git auszuschließen.
diff --git a/docs/de/llm-prompt.md b/docs/de/llm-prompt.md
index df202d2ff..5df904ac7 100644
--- a/docs/de/llm-prompt.md
+++ b/docs/de/llm-prompt.md
@@ -255,6 +255,7 @@ Below is a list of English terms and their preferred German translations, separa
* «the default value»: «der Defaultwert»
* «the default value»: NOT «der Standardwert»
* «the default declaration»: «die Default-Deklaration»
+* «the deployment»: «das Deployment»
* «the dict»: «das Dict»
* «the dictionary»: «das Dictionary»
* «the enumeration»: «die Enumeration»
@@ -316,6 +317,7 @@ Below is a list of English terms and their preferred German translations, separa
* «the worker process»: «der Workerprozess»
* «the worker process»: NOT «der Arbeiterprozess»
* «to commit»: «committen»
+* «to deploy» (in the cloud): «deployen»
* «to modify»: «ändern»
* «to serve» (an application): «bereitstellen»
* «to serve» (a response): «ausliefern»
diff --git a/docs/en/data/contributors.yml b/docs/en/data/contributors.yml
index 592c79af0..163dc68e3 100644
--- a/docs/en/data/contributors.yml
+++ b/docs/en/data/contributors.yml
@@ -1,21 +1,21 @@
tiangolo:
login: tiangolo
- count: 794
+ count: 808
avatarUrl: https://avatars.githubusercontent.com/u/1326112?u=cb5d06e73a9e1998141b1641aa88e443c6717651&v=4
url: https://github.com/tiangolo
dependabot:
login: dependabot
- count: 126
+ count: 130
avatarUrl: https://avatars.githubusercontent.com/in/29110?v=4
url: https://github.com/apps/dependabot
alejsdev:
login: alejsdev
count: 52
- avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=447d12a1b347f466b35378bee4c7104cc9b2c571&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=85ceac49fb87138aebe8d663912e359447329090&v=4
url: https://github.com/alejsdev
pre-commit-ci:
login: pre-commit-ci
- count: 49
+ count: 50
avatarUrl: https://avatars.githubusercontent.com/in/68672?v=4
url: https://github.com/apps/pre-commit-ci
github-actions:
@@ -28,31 +28,31 @@ Kludex:
count: 25
avatarUrl: https://avatars.githubusercontent.com/u/7353520?u=df8a3f06ba8f55ae1967a3e2d5ed882903a4e330&v=4
url: https://github.com/Kludex
+YuriiMotov:
+ login: YuriiMotov
+ count: 20
+ avatarUrl: https://avatars.githubusercontent.com/u/109919500?u=b9b13d598dddfab529a52d264df80a900bfe7060&v=4
+ url: https://github.com/YuriiMotov
dmontagu:
login: dmontagu
count: 17
avatarUrl: https://avatars.githubusercontent.com/u/35119617?u=540f30c937a6450812628b9592a1dfe91bbe148e&v=4
url: https://github.com/dmontagu
-YuriiMotov:
- login: YuriiMotov
- count: 15
- avatarUrl: https://avatars.githubusercontent.com/u/109919500?u=b9b13d598dddfab529a52d264df80a900bfe7060&v=4
- url: https://github.com/YuriiMotov
nilslindemann:
login: nilslindemann
- count: 14
+ count: 15
avatarUrl: https://avatars.githubusercontent.com/u/6892179?u=1dca6a22195d6cd1ab20737c0e19a4c55d639472&v=4
url: https://github.com/nilslindemann
+svlandeg:
+ login: svlandeg
+ count: 14
+ avatarUrl: https://avatars.githubusercontent.com/u/8796347?u=556c97650c27021911b0b9447ec55e75987b0e8a&v=4
+ url: https://github.com/svlandeg
euri10:
login: euri10
count: 13
avatarUrl: https://avatars.githubusercontent.com/u/1104190?u=321a2e953e6645a7d09b732786c7a8061e0f8a8b&v=4
url: https://github.com/euri10
-svlandeg:
- login: svlandeg
- count: 13
- avatarUrl: https://avatars.githubusercontent.com/u/8796347?u=556c97650c27021911b0b9447ec55e75987b0e8a&v=4
- url: https://github.com/svlandeg
kantandane:
login: kantandane
count: 13
@@ -103,6 +103,11 @@ waynerv:
count: 5
avatarUrl: https://avatars.githubusercontent.com/u/39515546?u=ec35139777597cdbbbddda29bf8b9d4396b429a9&v=4
url: https://github.com/waynerv
+musicinmybrain:
+ login: musicinmybrain
+ count: 5
+ avatarUrl: https://avatars.githubusercontent.com/u/6898909?u=9010312053e7141383b9bdf538036c7f37fbaba0&v=4
+ url: https://github.com/musicinmybrain
krishnamadhavan:
login: krishnamadhavan
count: 5
@@ -133,11 +138,6 @@ iudeen:
count: 4
avatarUrl: https://avatars.githubusercontent.com/u/10519440?u=f09cdd745e5bf16138f29b42732dd57c7f02bee1&v=4
url: https://github.com/iudeen
-musicinmybrain:
- login: musicinmybrain
- count: 4
- avatarUrl: https://avatars.githubusercontent.com/u/6898909?u=9010312053e7141383b9bdf538036c7f37fbaba0&v=4
- url: https://github.com/musicinmybrain
philipokiokio:
login: philipokiokio
count: 4
@@ -483,6 +483,11 @@ nzig:
count: 2
avatarUrl: https://avatars.githubusercontent.com/u/7372858?u=e769add36ed73c778cdb136eb10bf96b1e119671&v=4
url: https://github.com/nzig
+kristjanvalur:
+ login: kristjanvalur
+ count: 2
+ avatarUrl: https://avatars.githubusercontent.com/u/6009543?u=1419f20bbfff8f031be8cb470962e7e62de2595e&v=4
+ url: https://github.com/kristjanvalur
yezz123:
login: yezz123
count: 2
diff --git a/docs/en/data/github_sponsors.yml b/docs/en/data/github_sponsors.yml
index 3d8ecdb7a..24780603d 100644
--- a/docs/en/data/github_sponsors.yml
+++ b/docs/en/data/github_sponsors.yml
@@ -23,9 +23,6 @@ sponsors:
- login: railwayapp
avatarUrl: https://avatars.githubusercontent.com/u/66716858?v=4
url: https://github.com/railwayapp
- - login: scalar
- avatarUrl: https://avatars.githubusercontent.com/u/301879?v=4
- url: https://github.com/scalar
- - login: dribia
avatarUrl: https://avatars.githubusercontent.com/u/41189616?v=4
url: https://github.com/dribia
@@ -44,25 +41,25 @@ sponsors:
- login: permitio
avatarUrl: https://avatars.githubusercontent.com/u/71775833?v=4
url: https://github.com/permitio
-- - login: BoostryJP
- avatarUrl: https://avatars.githubusercontent.com/u/57932412?v=4
- url: https://github.com/BoostryJP
- - login: mercedes-benz
- avatarUrl: https://avatars.githubusercontent.com/u/34240465?v=4
- url: https://github.com/mercedes-benz
- - login: Ponte-Energy-Partners
+- - login: Ponte-Energy-Partners
avatarUrl: https://avatars.githubusercontent.com/u/114745848?v=4
url: https://github.com/Ponte-Energy-Partners
- login: LambdaTest-Inc
avatarUrl: https://avatars.githubusercontent.com/u/171592363?u=96606606a45fa170427206199014f2a5a2a4920b&v=4
url: https://github.com/LambdaTest-Inc
+ - login: BoostryJP
+ avatarUrl: https://avatars.githubusercontent.com/u/57932412?v=4
+ url: https://github.com/BoostryJP
- login: requestly
avatarUrl: https://avatars.githubusercontent.com/u/12287519?v=4
url: https://github.com/requestly
- login: acsone
avatarUrl: https://avatars.githubusercontent.com/u/7601056?v=4
url: https://github.com/acsone
-- - login: Trivie
+- - login: scalar
+ avatarUrl: https://avatars.githubusercontent.com/u/301879?v=4
+ url: https://github.com/scalar
+ - login: Trivie
avatarUrl: https://avatars.githubusercontent.com/u/8161763?v=4
url: https://github.com/Trivie
- - login: takashi-yoneya
@@ -71,42 +68,30 @@ sponsors:
- login: Doist
avatarUrl: https://avatars.githubusercontent.com/u/2565372?v=4
url: https://github.com/Doist
+ - login: bholagabbar
+ avatarUrl: https://avatars.githubusercontent.com/u/11693595?v=4
+ url: https://github.com/bholagabbar
- - login: mainframeindustries
avatarUrl: https://avatars.githubusercontent.com/u/55092103?v=4
url: https://github.com/mainframeindustries
- - login: alixlahuec
avatarUrl: https://avatars.githubusercontent.com/u/29543316?u=44357eb2a93bccf30fb9d389b8befe94a3d00985&v=4
url: https://github.com/alixlahuec
- - login: Partho
- avatarUrl: https://avatars.githubusercontent.com/u/2034301?u=ce195ac36835cca0cdfe6dd6e897bd38873a1524&v=4
- url: https://github.com/Partho
- - login: primer-io
avatarUrl: https://avatars.githubusercontent.com/u/62146168?v=4
url: https://github.com/primer-io
- - login: xsalagarcia
- avatarUrl: https://avatars.githubusercontent.com/u/66035908?v=4
- url: https://github.com/xsalagarcia
- - login: upciti
avatarUrl: https://avatars.githubusercontent.com/u/43346262?v=4
url: https://github.com/upciti
- - login: GonnaFlyMethod
- avatarUrl: https://avatars.githubusercontent.com/u/60840539?u=edf70b373fd4f1a83d3eb7c6802f4b6addb572cf&v=4
- url: https://github.com/GonnaFlyMethod
- login: ChargeStorm
avatarUrl: https://avatars.githubusercontent.com/u/26000165?v=4
url: https://github.com/ChargeStorm
- - login: DanielYang59
- avatarUrl: https://avatars.githubusercontent.com/u/80093591?u=63873f701c7c74aac83c906800a1dddc0bc8c92f&v=4
- url: https://github.com/DanielYang59
- login: nilslindemann
avatarUrl: https://avatars.githubusercontent.com/u/6892179?u=1dca6a22195d6cd1ab20737c0e19a4c55d639472&v=4
url: https://github.com/nilslindemann
- - login: samuelcolvin
avatarUrl: https://avatars.githubusercontent.com/u/4039449?u=42eb3b833047c8c4b4f647a031eaef148c16d93f&v=4
url: https://github.com/samuelcolvin
- - login: vincentkoc
- avatarUrl: https://avatars.githubusercontent.com/u/25068?u=fbd5b2d51142daa4bdbc21e21953a3b8b8188a4a&v=4
- url: https://github.com/vincentkoc
- login: otosky
avatarUrl: https://avatars.githubusercontent.com/u/42260747?u=69d089387c743d89427aa4ad8740cfb34045a9e0&v=4
url: https://github.com/otosky
@@ -137,9 +122,6 @@ sponsors:
- login: jugeeem
avatarUrl: https://avatars.githubusercontent.com/u/116043716?u=ae590d79c38ac79c91b9c5caa6887d061e865a3d&v=4
url: https://github.com/jugeeem
- - login: connorpark24
- avatarUrl: https://avatars.githubusercontent.com/u/142128990?u=09b84a4beb1f629b77287a837bcf3729785cdd89&v=4
- url: https://github.com/connorpark24
- login: patsatsia
avatarUrl: https://avatars.githubusercontent.com/u/61111267?u=3271b85f7a37b479c8d0ae0a235182e83c166edf&v=4
url: https://github.com/patsatsia
@@ -155,9 +137,9 @@ sponsors:
- login: kaoru0310
avatarUrl: https://avatars.githubusercontent.com/u/80977929?u=1b61d10142b490e56af932ddf08a390fae8ee94f&v=4
url: https://github.com/kaoru0310
- - login: DelfinaCare
- avatarUrl: https://avatars.githubusercontent.com/u/83734439?v=4
- url: https://github.com/DelfinaCare
+ - login: jstanden
+ avatarUrl: https://avatars.githubusercontent.com/u/63288?u=c3658d57d2862c607a0e19c2101c3c51876e36ad&v=4
+ url: https://github.com/jstanden
- login: knallgelb
avatarUrl: https://avatars.githubusercontent.com/u/2358812?u=c48cb6362b309d74cbf144bd6ad3aed3eb443e82&v=4
url: https://github.com/knallgelb
@@ -191,9 +173,6 @@ sponsors:
- login: oliverxchen
avatarUrl: https://avatars.githubusercontent.com/u/4471774?u=534191f25e32eeaadda22dfab4b0a428733d5489&v=4
url: https://github.com/oliverxchen
- - login: jstanden
- avatarUrl: https://avatars.githubusercontent.com/u/63288?u=c3658d57d2862c607a0e19c2101c3c51876e36ad&v=4
- url: https://github.com/jstanden
- login: paulcwatts
avatarUrl: https://avatars.githubusercontent.com/u/150269?u=1819e145d573b44f0ad74b87206d21cd60331d4e&v=4
url: https://github.com/paulcwatts
@@ -233,9 +212,6 @@ sponsors:
- login: mjohnsey
avatarUrl: https://avatars.githubusercontent.com/u/16784016?u=38fad2e6b411244560b3af99c5f5a4751bc81865&v=4
url: https://github.com/mjohnsey
- - login: enguy-hub
- avatarUrl: https://avatars.githubusercontent.com/u/16822912?u=2c45f9e7f427b2f2f3b023d7fdb0d44764c92ae8&v=4
- url: https://github.com/enguy-hub
- login: ashi-agrawal
avatarUrl: https://avatars.githubusercontent.com/u/17105294?u=99c7a854035e5398d8e7b674f2d42baae6c957f8&v=4
url: https://github.com/ashi-agrawal
@@ -260,10 +236,7 @@ sponsors:
- - login: manoelpqueiroz
avatarUrl: https://avatars.githubusercontent.com/u/23669137?u=b12e84b28a84369ab5b30bd5a79e5788df5a0756&v=4
url: https://github.com/manoelpqueiroz
-- - login: ceb10n
- avatarUrl: https://avatars.githubusercontent.com/u/235213?u=edcce471814a1eba9f0cdaa4cd0de18921a940a6&v=4
- url: https://github.com/ceb10n
- - login: pawamoy
+- - login: pawamoy
avatarUrl: https://avatars.githubusercontent.com/u/3999221?u=b030e4c89df2f3a36bc4710b925bdeb6745c9856&v=4
url: https://github.com/pawamoy
- login: siavashyj
@@ -281,9 +254,9 @@ sponsors:
- login: hgalytoby
avatarUrl: https://avatars.githubusercontent.com/u/50397689?u=6cc9028f3db63f8f60ad21c17b1ce4b88c4e2e60&v=4
url: https://github.com/hgalytoby
- - login: johnl28
- avatarUrl: https://avatars.githubusercontent.com/u/54412955?u=47dd06082d1c39caa90c752eb55566e4f3813957&v=4
- url: https://github.com/johnl28
+ - login: nisutec
+ avatarUrl: https://avatars.githubusercontent.com/u/25281462?u=e562484c451fdfc59053163f64405f8eb262b8b0&v=4
+ url: https://github.com/nisutec
- login: hoenie-ams
avatarUrl: https://avatars.githubusercontent.com/u/25708487?u=cda07434f0509ac728d9edf5e681117c0f6b818b&v=4
url: https://github.com/hoenie-ams
@@ -299,21 +272,24 @@ sponsors:
- login: petercool
avatarUrl: https://avatars.githubusercontent.com/u/37613029?u=75aa8c6729e6e8f85a300561c4dbeef9d65c8797&v=4
url: https://github.com/petercool
+ - login: johnl28
+ avatarUrl: https://avatars.githubusercontent.com/u/54412955?u=47dd06082d1c39caa90c752eb55566e4f3813957&v=4
+ url: https://github.com/johnl28
- login: PunRabbit
avatarUrl: https://avatars.githubusercontent.com/u/70463212?u=1a835cfbc99295a60c8282f6aa6199d1b42241a5&v=4
url: https://github.com/PunRabbit
- login: PelicanQ
avatarUrl: https://avatars.githubusercontent.com/u/77930606?v=4
url: https://github.com/PelicanQ
+ - login: WillHogan
+ avatarUrl: https://avatars.githubusercontent.com/u/1661551?u=8a80356e3e7d5a417157aba7ea565dabc8678327&v=4
+ url: https://github.com/WillHogan
- login: my3
avatarUrl: https://avatars.githubusercontent.com/u/1825270?v=4
url: https://github.com/my3
- login: danielunderwood
avatarUrl: https://avatars.githubusercontent.com/u/4472301?v=4
url: https://github.com/danielunderwood
- - login: rangulvers
- avatarUrl: https://avatars.githubusercontent.com/u/5235430?u=e254d4af4ace5a05fa58372ae677c7d26f0d5a53&v=4
- url: https://github.com/rangulvers
- login: ddanier
avatarUrl: https://avatars.githubusercontent.com/u/113563?u=ed1dc79de72f93bd78581f88ebc6952b62f472da&v=4
url: https://github.com/ddanier
@@ -323,15 +299,21 @@ sponsors:
- login: slafs
avatarUrl: https://avatars.githubusercontent.com/u/210173?v=4
url: https://github.com/slafs
+ - login: ceb10n
+ avatarUrl: https://avatars.githubusercontent.com/u/235213?u=edcce471814a1eba9f0cdaa4cd0de18921a940a6&v=4
+ url: https://github.com/ceb10n
- login: tochikuji
avatarUrl: https://avatars.githubusercontent.com/u/851759?v=4
url: https://github.com/tochikuji
- login: miguelgr
avatarUrl: https://avatars.githubusercontent.com/u/1484589?u=54556072b8136efa12ae3b6902032ea2a39ace4b&v=4
url: https://github.com/miguelgr
- - login: WillHogan
- avatarUrl: https://avatars.githubusercontent.com/u/1661551?u=8a80356e3e7d5a417157aba7ea565dabc8678327&v=4
- url: https://github.com/WillHogan
+ - login: xncbf
+ avatarUrl: https://avatars.githubusercontent.com/u/9462045?u=a80a7bb349555b277645632ed66639ff43400614&v=4
+ url: https://github.com/xncbf
+ - login: DMantis
+ avatarUrl: https://avatars.githubusercontent.com/u/9536869?u=652dd0d49717803c0cbcbf44f7740e53cf2d4892&v=4
+ url: https://github.com/DMantis
- login: hard-coders
avatarUrl: https://avatars.githubusercontent.com/u/9651103?u=95db33927bbff1ed1c07efddeb97ac2ff33068ed&v=4
url: https://github.com/hard-coders
@@ -347,9 +329,9 @@ sponsors:
- login: joshuatz
avatarUrl: https://avatars.githubusercontent.com/u/17817563?u=f1bf05b690d1fc164218f0b420cdd3acb7913e21&v=4
url: https://github.com/joshuatz
- - login: nisutec
- avatarUrl: https://avatars.githubusercontent.com/u/25281462?u=e562484c451fdfc59053163f64405f8eb262b8b0&v=4
- url: https://github.com/nisutec
+ - login: rangulvers
+ avatarUrl: https://avatars.githubusercontent.com/u/5235430?u=e254d4af4ace5a05fa58372ae677c7d26f0d5a53&v=4
+ url: https://github.com/rangulvers
- login: sdevkota
avatarUrl: https://avatars.githubusercontent.com/u/5250987?u=4ed9a120c89805a8aefda1cbdc0cf6512e64d1b4&v=4
url: https://github.com/sdevkota
@@ -368,19 +350,7 @@ sponsors:
- login: moonape1226
avatarUrl: https://avatars.githubusercontent.com/u/8532038?u=d9f8b855a429fff9397c3833c2ff83849ebf989d&v=4
url: https://github.com/moonape1226
- - login: xncbf
- avatarUrl: https://avatars.githubusercontent.com/u/9462045?u=a80a7bb349555b277645632ed66639ff43400614&v=4
- url: https://github.com/xncbf
- - login: DMantis
- avatarUrl: https://avatars.githubusercontent.com/u/9536869?u=652dd0d49717803c0cbcbf44f7740e53cf2d4892&v=4
- url: https://github.com/DMantis
-- - login: morzan1001
- avatarUrl: https://avatars.githubusercontent.com/u/47593005?u=c30ab7230f82a12a9b938dcb54f84a996931409a&v=4
- url: https://github.com/morzan1001
- - login: larsyngvelundin
- avatarUrl: https://avatars.githubusercontent.com/u/34173819?u=74958599695bf83ac9f1addd935a51548a10c6b0&v=4
- url: https://github.com/larsyngvelundin
- - login: andrecorumba
+- - login: andrecorumba
avatarUrl: https://avatars.githubusercontent.com/u/37807517?u=9b9be3b41da9bda60957da9ef37b50dbf65baa61&v=4
url: https://github.com/andrecorumba
- login: KOZ39
@@ -389,21 +359,30 @@ sponsors:
- login: rwxd
avatarUrl: https://avatars.githubusercontent.com/u/40308458?u=cd04a39e3655923be4f25c2ba8a5a07b3da3230a&v=4
url: https://github.com/rwxd
+ - login: morzan1001
+ avatarUrl: https://avatars.githubusercontent.com/u/47593005?u=c30ab7230f82a12a9b938dcb54f84a996931409a&v=4
+ url: https://github.com/morzan1001
+ - login: Olegt0rr
+ avatarUrl: https://avatars.githubusercontent.com/u/25399456?u=3e87b5239a2f4600975ba13be73054f8567c6060&v=4
+ url: https://github.com/Olegt0rr
+ - login: dinoz0rg
+ avatarUrl: https://avatars.githubusercontent.com/u/32940067?u=739cda1eb123a2dd5e1db45c361396f239e23f8b&v=4
+ url: https://github.com/dinoz0rg
+ - login: larsyngvelundin
+ avatarUrl: https://avatars.githubusercontent.com/u/34173819?u=74958599695bf83ac9f1addd935a51548a10c6b0&v=4
+ url: https://github.com/larsyngvelundin
- login: hippoley
avatarUrl: https://avatars.githubusercontent.com/u/135493401?u=1164ef48a645a7c12664fabc1638fbb7e1c459b0&v=4
url: https://github.com/hippoley
+ - login: 4anklee
+ avatarUrl: https://avatars.githubusercontent.com/u/144109238?u=a79c0d581b2a3d8f3897e7ef4c012640a6c1eb3a&v=4
+ url: https://github.com/4anklee
- login: CoderDeltaLAN
avatarUrl: https://avatars.githubusercontent.com/u/152043745?u=4ff541efffb7d134e60c5fcf2dd1e343f90bb782&v=4
url: https://github.com/CoderDeltaLAN
- - login: chris1ding1
- avatarUrl: https://avatars.githubusercontent.com/u/194386334?u=5500604b50e35ed8a5aeb82ce34aa5d3ee3f88c7&v=4
- url: https://github.com/chris1ding1
- login: onestn
avatarUrl: https://avatars.githubusercontent.com/u/62360849?u=746dd21c34e7e06eefb11b03e8bb01aaae3c2a4f&v=4
url: https://github.com/onestn
- - login: Rubinskiy
- avatarUrl: https://avatars.githubusercontent.com/u/62457878?u=f2e35ed3d196a99cfadb5a29a91950342af07e34&v=4
- url: https://github.com/Rubinskiy
- login: nayasinghania
avatarUrl: https://avatars.githubusercontent.com/u/74111380?u=752e99a5e139389fdc0a0677122adc08438eb076&v=4
url: https://github.com/nayasinghania
@@ -413,9 +392,6 @@ sponsors:
- login: andreagrandi
avatarUrl: https://avatars.githubusercontent.com/u/636391?u=13d90cb8ec313593a5b71fbd4e33b78d6da736f5&v=4
url: https://github.com/andreagrandi
- - login: Olegt0rr
- avatarUrl: https://avatars.githubusercontent.com/u/25399456?u=3e87b5239a2f4600975ba13be73054f8567c6060&v=4
- url: https://github.com/Olegt0rr
- login: msserpa
avatarUrl: https://avatars.githubusercontent.com/u/6334934?u=82c4489eb1559d88d2990d60001901b14f722bbb&v=4
url: https://github.com/msserpa
diff --git a/docs/en/data/sponsors.yml b/docs/en/data/sponsors.yml
index b8cc31dbe..50b114530 100644
--- a/docs/en/data/sponsors.yml
+++ b/docs/en/data/sponsors.yml
@@ -33,6 +33,9 @@ gold:
- url: https://serpapi.com/?utm_source=fastapi_website
title: "SerpApi: Web Search API"
img: https://fastapi.tiangolo.com/img/sponsors/serpapi.png
+ - url: https://www.greptile.com/?utm_source=fastapi&utm_medium=sponsorship&utm_campaign=fastapi_sponsor_page
+ title: "Greptile: The AI Code Reviewer"
+ img: https://fastapi.tiangolo.com/img/sponsors/greptile.png
silver:
- url: https://databento.com/?utm_source=fastapi&utm_medium=sponsor&utm_content=display
title: Pay as you go for market data
diff --git a/docs/en/data/sponsors_badge.yml b/docs/en/data/sponsors_badge.yml
index 14f55805c..d648be5fc 100644
--- a/docs/en/data/sponsors_badge.yml
+++ b/docs/en/data/sponsors_badge.yml
@@ -47,3 +47,4 @@ logins:
- railwayapp
- subtotal
- requestly
+ - greptileai
diff --git a/docs/en/data/topic_repos.yml b/docs/en/data/topic_repos.yml
index 1bb6fd70d..cb7e3c033 100644
--- a/docs/en/data/topic_repos.yml
+++ b/docs/en/data/topic_repos.yml
@@ -1,368 +1,388 @@
- name: full-stack-fastapi-template
html_url: https://github.com/fastapi/full-stack-fastapi-template
- stars: 38779
+ stars: 39475
owner_login: fastapi
owner_html_url: https://github.com/fastapi
- name: Hello-Python
html_url: https://github.com/mouredev/Hello-Python
- stars: 32726
+ stars: 33090
owner_login: mouredev
owner_html_url: https://github.com/mouredev
- name: serve
html_url: https://github.com/jina-ai/serve
- stars: 21779
+ stars: 21798
owner_login: jina-ai
owner_html_url: https://github.com/jina-ai
- name: HivisionIDPhotos
html_url: https://github.com/Zeyi-Lin/HivisionIDPhotos
- stars: 20028
+ stars: 20258
owner_login: Zeyi-Lin
owner_html_url: https://github.com/Zeyi-Lin
- name: sqlmodel
html_url: https://github.com/fastapi/sqlmodel
- stars: 17038
+ stars: 17212
owner_login: fastapi
owner_html_url: https://github.com/fastapi
- name: Douyin_TikTok_Download_API
html_url: https://github.com/Evil0ctal/Douyin_TikTok_Download_API
- stars: 14786
+ stars: 15145
owner_login: Evil0ctal
owner_html_url: https://github.com/Evil0ctal
- name: fastapi-best-practices
html_url: https://github.com/zhanymkanov/fastapi-best-practices
- stars: 13968
+ stars: 14644
owner_login: zhanymkanov
owner_html_url: https://github.com/zhanymkanov
- name: machine-learning-zoomcamp
html_url: https://github.com/DataTalksClub/machine-learning-zoomcamp
- stars: 12171
+ stars: 12320
owner_login: DataTalksClub
owner_html_url: https://github.com/DataTalksClub
- name: fastapi_mcp
html_url: https://github.com/tadata-org/fastapi_mcp
- stars: 10976
+ stars: 11174
owner_login: tadata-org
owner_html_url: https://github.com/tadata-org
-- name: awesome-fastapi
- html_url: https://github.com/mjhea0/awesome-fastapi
- stars: 10618
- owner_login: mjhea0
- owner_html_url: https://github.com/mjhea0
- name: SurfSense
html_url: https://github.com/MODSetter/SurfSense
- stars: 10243
+ stars: 10858
owner_login: MODSetter
owner_html_url: https://github.com/MODSetter
+- name: awesome-fastapi
+ html_url: https://github.com/mjhea0/awesome-fastapi
+ stars: 10758
+ owner_login: mjhea0
+ owner_html_url: https://github.com/mjhea0
- name: XHS-Downloader
html_url: https://github.com/JoeanAmier/XHS-Downloader
- stars: 9062
+ stars: 9313
owner_login: JoeanAmier
owner_html_url: https://github.com/JoeanAmier
- name: FastUI
html_url: https://github.com/pydantic/FastUI
- stars: 8892
+ stars: 8915
owner_login: pydantic
owner_html_url: https://github.com/pydantic
- name: polar
html_url: https://github.com/polarsource/polar
- stars: 8084
+ stars: 8339
owner_login: polarsource
owner_html_url: https://github.com/polarsource
- name: FileCodeBox
html_url: https://github.com/vastsa/FileCodeBox
- stars: 7494
+ stars: 7721
owner_login: vastsa
owner_html_url: https://github.com/vastsa
- name: nonebot2
html_url: https://github.com/nonebot/nonebot2
- stars: 7128
+ stars: 7170
owner_login: nonebot
owner_html_url: https://github.com/nonebot
- name: hatchet
html_url: https://github.com/hatchet-dev/hatchet
- stars: 6155
+ stars: 6253
owner_login: hatchet-dev
owner_html_url: https://github.com/hatchet-dev
-- name: serge
- html_url: https://github.com/serge-chat/serge
- stars: 5754
- owner_login: serge-chat
- owner_html_url: https://github.com/serge-chat
- name: fastapi-users
html_url: https://github.com/fastapi-users/fastapi-users
- stars: 5683
+ stars: 5849
owner_login: fastapi-users
owner_html_url: https://github.com/fastapi-users
+- name: serge
+ html_url: https://github.com/serge-chat/serge
+ stars: 5756
+ owner_login: serge-chat
+ owner_html_url: https://github.com/serge-chat
- name: strawberry
html_url: https://github.com/strawberry-graphql/strawberry
- stars: 4452
+ stars: 4569
owner_login: strawberry-graphql
owner_html_url: https://github.com/strawberry-graphql
- name: chatgpt-web-share
html_url: https://github.com/chatpire/chatgpt-web-share
- stars: 4296
+ stars: 4294
owner_login: chatpire
owner_html_url: https://github.com/chatpire
- name: poem
html_url: https://github.com/poem-web/poem
- stars: 4235
+ stars: 4276
owner_login: poem-web
owner_html_url: https://github.com/poem-web
- name: dynaconf
html_url: https://github.com/dynaconf/dynaconf
- stars: 4174
+ stars: 4202
owner_login: dynaconf
owner_html_url: https://github.com/dynaconf
- name: atrilabs-engine
html_url: https://github.com/Atri-Labs/atrilabs-engine
- stars: 4094
+ stars: 4093
owner_login: Atri-Labs
owner_html_url: https://github.com/Atri-Labs
- name: Kokoro-FastAPI
html_url: https://github.com/remsky/Kokoro-FastAPI
- stars: 3875
+ stars: 4019
owner_login: remsky
owner_html_url: https://github.com/remsky
- name: logfire
html_url: https://github.com/pydantic/logfire
- stars: 3717
+ stars: 3805
owner_login: pydantic
owner_html_url: https://github.com/pydantic
- name: LitServe
html_url: https://github.com/Lightning-AI/LitServe
- stars: 3615
+ stars: 3719
owner_login: Lightning-AI
owner_html_url: https://github.com/Lightning-AI
+- name: fastapi-admin
+ html_url: https://github.com/fastapi-admin/fastapi-admin
+ stars: 3632
+ owner_login: fastapi-admin
+ owner_html_url: https://github.com/fastapi-admin
- name: datamodel-code-generator
html_url: https://github.com/koxudaxi/datamodel-code-generator
- stars: 3554
+ stars: 3609
owner_login: koxudaxi
owner_html_url: https://github.com/koxudaxi
- name: huma
html_url: https://github.com/danielgtaylor/huma
- stars: 3521
+ stars: 3603
owner_login: danielgtaylor
owner_html_url: https://github.com/danielgtaylor
-- name: fastapi-admin
- html_url: https://github.com/fastapi-admin/fastapi-admin
- stars: 3497
- owner_login: fastapi-admin
- owner_html_url: https://github.com/fastapi-admin
- name: farfalle
html_url: https://github.com/rashadphz/farfalle
- stars: 3476
+ stars: 3490
owner_login: rashadphz
owner_html_url: https://github.com/rashadphz
- name: tracecat
html_url: https://github.com/TracecatHQ/tracecat
- stars: 3310
+ stars: 3379
owner_login: TracecatHQ
owner_html_url: https://github.com/TracecatHQ
- name: opyrator
html_url: https://github.com/ml-tooling/opyrator
- stars: 3134
+ stars: 3135
owner_login: ml-tooling
owner_html_url: https://github.com/ml-tooling
- name: docarray
html_url: https://github.com/docarray/docarray
- stars: 3108
+ stars: 3114
owner_login: docarray
owner_html_url: https://github.com/docarray
+- name: devpush
+ html_url: https://github.com/hunvreus/devpush
+ stars: 3097
+ owner_login: hunvreus
+ owner_html_url: https://github.com/hunvreus
- name: fastapi-realworld-example-app
html_url: https://github.com/nsidnev/fastapi-realworld-example-app
- stars: 2945
+ stars: 3050
owner_login: nsidnev
owner_html_url: https://github.com/nsidnev
- name: uvicorn-gunicorn-fastapi-docker
html_url: https://github.com/tiangolo/uvicorn-gunicorn-fastapi-docker
- stars: 2809
+ stars: 2911
owner_login: tiangolo
owner_html_url: https://github.com/tiangolo
-- name: devpush
- html_url: https://github.com/hunvreus/devpush
- stars: 2784
- owner_login: hunvreus
- owner_html_url: https://github.com/hunvreus
- name: mcp-context-forge
html_url: https://github.com/IBM/mcp-context-forge
- stars: 2763
+ stars: 2899
owner_login: IBM
owner_html_url: https://github.com/IBM
- name: best-of-web-python
html_url: https://github.com/ml-tooling/best-of-web-python
- stars: 2630
+ stars: 2648
owner_login: ml-tooling
owner_html_url: https://github.com/ml-tooling
-- name: fastapi-react
- html_url: https://github.com/Buuntu/fastapi-react
- stars: 2464
- owner_login: Buuntu
- owner_html_url: https://github.com/Buuntu
- name: FastAPI-template
html_url: https://github.com/s3rius/FastAPI-template
- stars: 2453
+ stars: 2637
owner_login: s3rius
owner_html_url: https://github.com/s3rius
-- name: RasaGPT
- html_url: https://github.com/paulpierre/RasaGPT
- stars: 2444
- owner_login: paulpierre
- owner_html_url: https://github.com/paulpierre
-- name: sqladmin
- html_url: https://github.com/aminalaee/sqladmin
- stars: 2423
- owner_login: aminalaee
- owner_html_url: https://github.com/aminalaee
-- name: nextpy
- html_url: https://github.com/dot-agent/nextpy
- stars: 2325
- owner_login: dot-agent
- owner_html_url: https://github.com/dot-agent
-- name: supabase-py
- html_url: https://github.com/supabase/supabase-py
- stars: 2292
- owner_login: supabase
- owner_html_url: https://github.com/supabase
-- name: 30-Days-of-Python
- html_url: https://github.com/codingforentrepreneurs/30-Days-of-Python
- stars: 2214
- owner_login: codingforentrepreneurs
- owner_html_url: https://github.com/codingforentrepreneurs
+- name: YC-Killer
+ html_url: https://github.com/sahibzada-allahyar/YC-Killer
+ stars: 2599
+ owner_login: sahibzada-allahyar
+ owner_html_url: https://github.com/sahibzada-allahyar
+- name: fastapi-react
+ html_url: https://github.com/Buuntu/fastapi-react
+ stars: 2569
+ owner_login: Buuntu
+ owner_html_url: https://github.com/Buuntu
- name: Yuxi-Know
html_url: https://github.com/xerrors/Yuxi-Know
- stars: 2212
+ stars: 2563
owner_login: xerrors
owner_html_url: https://github.com/xerrors
-- name: langserve
- html_url: https://github.com/langchain-ai/langserve
- stars: 2191
- owner_login: langchain-ai
- owner_html_url: https://github.com/langchain-ai
+- name: sqladmin
+ html_url: https://github.com/aminalaee/sqladmin
+ stars: 2558
+ owner_login: aminalaee
+ owner_html_url: https://github.com/aminalaee
+- name: RasaGPT
+ html_url: https://github.com/paulpierre/RasaGPT
+ stars: 2451
+ owner_login: paulpierre
+ owner_html_url: https://github.com/paulpierre
+- name: supabase-py
+ html_url: https://github.com/supabase/supabase-py
+ stars: 2344
+ owner_login: supabase
+ owner_html_url: https://github.com/supabase
+- name: nextpy
+ html_url: https://github.com/dot-agent/nextpy
+ stars: 2335
+ owner_login: dot-agent
+ owner_html_url: https://github.com/dot-agent
- name: fastapi-utils
html_url: https://github.com/fastapiutils/fastapi-utils
- stars: 2185
+ stars: 2291
owner_login: fastapiutils
owner_html_url: https://github.com/fastapiutils
+- name: 30-Days-of-Python
+ html_url: https://github.com/codingforentrepreneurs/30-Days-of-Python
+ stars: 2220
+ owner_login: codingforentrepreneurs
+ owner_html_url: https://github.com/codingforentrepreneurs
+- name: langserve
+ html_url: https://github.com/langchain-ai/langserve
+ stars: 2215
+ owner_login: langchain-ai
+ owner_html_url: https://github.com/langchain-ai
- name: solara
html_url: https://github.com/widgetti/solara
- stars: 2111
+ stars: 2122
owner_login: widgetti
owner_html_url: https://github.com/widgetti
- name: mangum
html_url: https://github.com/Kludex/mangum
- stars: 2011
+ stars: 2029
owner_login: Kludex
owner_html_url: https://github.com/Kludex
- name: agentkit
html_url: https://github.com/BCG-X-Official/agentkit
- stars: 1826
+ stars: 1912
owner_login: BCG-X-Official
owner_html_url: https://github.com/BCG-X-Official
-- name: python-week-2022
- html_url: https://github.com/rochacbruno/python-week-2022
- stars: 1815
- owner_login: rochacbruno
- owner_html_url: https://github.com/rochacbruno
- name: manage-fastapi
html_url: https://github.com/ycd/manage-fastapi
- stars: 1787
+ stars: 1885
owner_login: ycd
owner_html_url: https://github.com/ycd
-- name: ormar
- html_url: https://github.com/collerek/ormar
- stars: 1780
- owner_login: collerek
- owner_html_url: https://github.com/collerek
-- name: vue-fastapi-admin
- html_url: https://github.com/mizhexiaoxiao/vue-fastapi-admin
- stars: 1758
- owner_login: mizhexiaoxiao
- owner_html_url: https://github.com/mizhexiaoxiao
- name: openapi-python-client
html_url: https://github.com/openapi-generators/openapi-python-client
- stars: 1731
+ stars: 1862
owner_login: openapi-generators
owner_html_url: https://github.com/openapi-generators
- name: piccolo
html_url: https://github.com/piccolo-orm/piccolo
- stars: 1711
+ stars: 1836
owner_login: piccolo-orm
owner_html_url: https://github.com/piccolo-orm
-- name: fastapi-cache
- html_url: https://github.com/long2ice/fastapi-cache
- stars: 1677
- owner_login: long2ice
- owner_html_url: https://github.com/long2ice
+- name: vue-fastapi-admin
+ html_url: https://github.com/mizhexiaoxiao/vue-fastapi-admin
+ stars: 1831
+ owner_login: mizhexiaoxiao
+ owner_html_url: https://github.com/mizhexiaoxiao
+- name: python-week-2022
+ html_url: https://github.com/rochacbruno/python-week-2022
+ stars: 1817
+ owner_login: rochacbruno
+ owner_html_url: https://github.com/rochacbruno
- name: slowapi
html_url: https://github.com/laurentS/slowapi
- stars: 1669
+ stars: 1798
owner_login: laurentS
owner_html_url: https://github.com/laurentS
-- name: langchain-serve
- html_url: https://github.com/jina-ai/langchain-serve
- stars: 1632
- owner_login: jina-ai
- owner_html_url: https://github.com/jina-ai
+- name: fastapi-cache
+ html_url: https://github.com/long2ice/fastapi-cache
+ stars: 1789
+ owner_login: long2ice
+ owner_html_url: https://github.com/long2ice
+- name: ormar
+ html_url: https://github.com/collerek/ormar
+ stars: 1783
+ owner_login: collerek
+ owner_html_url: https://github.com/collerek
- name: termpair
html_url: https://github.com/cs01/termpair
- stars: 1621
+ stars: 1716
owner_login: cs01
owner_html_url: https://github.com/cs01
- name: FastAPI-boilerplate
html_url: https://github.com/benavlabs/FastAPI-boilerplate
- stars: 1596
+ stars: 1660
owner_login: benavlabs
owner_html_url: https://github.com/benavlabs
-- name: coronavirus-tracker-api
- html_url: https://github.com/ExpDev07/coronavirus-tracker-api
- stars: 1573
- owner_login: ExpDev07
- owner_html_url: https://github.com/ExpDev07
-- name: fastapi-crudrouter
- html_url: https://github.com/awtkns/fastapi-crudrouter
- stars: 1553
- owner_login: awtkns
- owner_html_url: https://github.com/awtkns
+- name: fastapi-langgraph-agent-production-ready-template
+ html_url: https://github.com/wassim249/fastapi-langgraph-agent-production-ready-template
+ stars: 1638
+ owner_login: wassim249
+ owner_html_url: https://github.com/wassim249
+- name: langchain-serve
+ html_url: https://github.com/jina-ai/langchain-serve
+ stars: 1635
+ owner_login: jina-ai
+ owner_html_url: https://github.com/jina-ai
- name: awesome-fastapi-projects
html_url: https://github.com/Kludex/awesome-fastapi-projects
- stars: 1485
+ stars: 1589
owner_login: Kludex
owner_html_url: https://github.com/Kludex
- name: fastapi-pagination
html_url: https://github.com/uriyyo/fastapi-pagination
- stars: 1473
+ stars: 1585
owner_login: uriyyo
owner_html_url: https://github.com/uriyyo
+- name: coronavirus-tracker-api
+ html_url: https://github.com/ExpDev07/coronavirus-tracker-api
+ stars: 1574
+ owner_login: ExpDev07
+ owner_html_url: https://github.com/ExpDev07
+- name: fastapi-crudrouter
+ html_url: https://github.com/awtkns/fastapi-crudrouter
+ stars: 1559
+ owner_login: awtkns
+ owner_html_url: https://github.com/awtkns
- name: bracket
html_url: https://github.com/evroon/bracket
- stars: 1470
+ stars: 1489
owner_login: evroon
owner_html_url: https://github.com/evroon
-- name: fastapi-langgraph-agent-production-ready-template
- html_url: https://github.com/wassim249/fastapi-langgraph-agent-production-ready-template
- stars: 1456
- owner_login: wassim249
- owner_html_url: https://github.com/wassim249
+- name: fastapi-amis-admin
+ html_url: https://github.com/amisadmin/fastapi-amis-admin
+ stars: 1475
+ owner_login: amisadmin
+ owner_html_url: https://github.com/amisadmin
- name: fastapi-boilerplate
html_url: https://github.com/teamhide/fastapi-boilerplate
- stars: 1424
+ stars: 1436
owner_login: teamhide
owner_html_url: https://github.com/teamhide
- name: awesome-python-resources
html_url: https://github.com/DjangoEx/awesome-python-resources
- stars: 1420
+ stars: 1426
owner_login: DjangoEx
owner_html_url: https://github.com/DjangoEx
-- name: fastapi-amis-admin
- html_url: https://github.com/amisadmin/fastapi-amis-admin
- stars: 1363
- owner_login: amisadmin
- owner_html_url: https://github.com/amisadmin
- name: fastcrud
html_url: https://github.com/benavlabs/fastcrud
- stars: 1362
+ stars: 1414
owner_login: benavlabs
owner_html_url: https://github.com/benavlabs
+- name: prometheus-fastapi-instrumentator
+ html_url: https://github.com/trallnag/prometheus-fastapi-instrumentator
+ stars: 1388
+ owner_login: trallnag
+ owner_html_url: https://github.com/trallnag
+- name: fastapi_best_architecture
+ html_url: https://github.com/fastapi-practices/fastapi_best_architecture
+ stars: 1378
+ owner_login: fastapi-practices
+ owner_html_url: https://github.com/fastapi-practices
+- name: fastapi-code-generator
+ html_url: https://github.com/koxudaxi/fastapi-code-generator
+ stars: 1375
+ owner_login: koxudaxi
+ owner_html_url: https://github.com/koxudaxi
- name: budgetml
html_url: https://github.com/ebhy/budgetml
stars: 1345
@@ -370,126 +390,106 @@
owner_html_url: https://github.com/ebhy
- name: fastapi-tutorial
html_url: https://github.com/liaogx/fastapi-tutorial
- stars: 1315
+ stars: 1327
owner_login: liaogx
owner_html_url: https://github.com/liaogx
-- name: fastapi_best_architecture
- html_url: https://github.com/fastapi-practices/fastapi_best_architecture
- stars: 1311
- owner_login: fastapi-practices
- owner_html_url: https://github.com/fastapi-practices
-- name: fastapi-code-generator
- html_url: https://github.com/koxudaxi/fastapi-code-generator
- stars: 1270
- owner_login: koxudaxi
- owner_html_url: https://github.com/koxudaxi
-- name: prometheus-fastapi-instrumentator
- html_url: https://github.com/trallnag/prometheus-fastapi-instrumentator
- stars: 1264
- owner_login: trallnag
- owner_html_url: https://github.com/trallnag
+- name: fastapi-alembic-sqlmodel-async
+ html_url: https://github.com/jonra1993/fastapi-alembic-sqlmodel-async
+ stars: 1259
+ owner_login: jonra1993
+ owner_html_url: https://github.com/jonra1993
+- name: fastapi-scaff
+ html_url: https://github.com/atpuxiner/fastapi-scaff
+ stars: 1255
+ owner_login: atpuxiner
+ owner_html_url: https://github.com/atpuxiner
- name: bedrock-chat
html_url: https://github.com/aws-samples/bedrock-chat
- stars: 1243
+ stars: 1254
owner_login: aws-samples
owner_html_url: https://github.com/aws-samples
- name: bolt-python
html_url: https://github.com/slackapi/bolt-python
- stars: 1238
+ stars: 1253
owner_login: slackapi
owner_html_url: https://github.com/slackapi
- name: fastapi_production_template
html_url: https://github.com/zhanymkanov/fastapi_production_template
- stars: 1209
+ stars: 1217
owner_login: zhanymkanov
owner_html_url: https://github.com/zhanymkanov
-- name: fastapi-scaff
- html_url: https://github.com/atpuxiner/fastapi-scaff
- stars: 1200
- owner_login: atpuxiner
- owner_html_url: https://github.com/atpuxiner
- name: langchain-extract
html_url: https://github.com/langchain-ai/langchain-extract
- stars: 1173
+ stars: 1176
owner_login: langchain-ai
owner_html_url: https://github.com/langchain-ai
-- name: fastapi-alembic-sqlmodel-async
- html_url: https://github.com/jonra1993/fastapi-alembic-sqlmodel-async
- stars: 1162
- owner_login: jonra1993
- owner_html_url: https://github.com/jonra1993
-- name: odmantic
- html_url: https://github.com/art049/odmantic
- stars: 1137
- owner_login: art049
- owner_html_url: https://github.com/art049
- name: restish
html_url: https://github.com/rest-sh/restish
- stars: 1129
+ stars: 1140
owner_login: rest-sh
owner_html_url: https://github.com/rest-sh
-- name: kubetorch
- html_url: https://github.com/run-house/kubetorch
- stars: 1065
- owner_login: run-house
- owner_html_url: https://github.com/run-house
-- name: flock
- html_url: https://github.com/Onelevenvy/flock
- stars: 1039
- owner_login: Onelevenvy
- owner_html_url: https://github.com/Onelevenvy
+- name: odmantic
+ html_url: https://github.com/art049/odmantic
+ stars: 1138
+ owner_login: art049
+ owner_html_url: https://github.com/art049
- name: authx
html_url: https://github.com/yezz123/authx
- stars: 1017
+ stars: 1119
owner_login: yezz123
owner_html_url: https://github.com/yezz123
-- name: autollm
- html_url: https://github.com/viddexa/autollm
- stars: 997
- owner_login: viddexa
- owner_html_url: https://github.com/viddexa
-- name: lanarky
- html_url: https://github.com/ajndkr/lanarky
- stars: 993
- owner_login: ajndkr
- owner_html_url: https://github.com/ajndkr
-- name: RuoYi-Vue3-FastAPI
- html_url: https://github.com/insistence/RuoYi-Vue3-FastAPI
- stars: 974
- owner_login: insistence
- owner_html_url: https://github.com/insistence
-- name: aktools
- html_url: https://github.com/akfamily/aktools
- stars: 972
- owner_login: akfamily
- owner_html_url: https://github.com/akfamily
-- name: titiler
- html_url: https://github.com/developmentseed/titiler
- stars: 965
- owner_login: developmentseed
- owner_html_url: https://github.com/developmentseed
-- name: secure
- html_url: https://github.com/TypeError/secure
- stars: 953
- owner_login: TypeError
- owner_html_url: https://github.com/TypeError
-- name: energy-forecasting
- html_url: https://github.com/iusztinpaul/energy-forecasting
- stars: 949
- owner_login: iusztinpaul
- owner_html_url: https://github.com/iusztinpaul
-- name: every-pdf
- html_url: https://github.com/DDULDDUCK/every-pdf
- stars: 942
- owner_login: DDULDDUCK
- owner_html_url: https://github.com/DDULDDUCK
-- name: langcorn
- html_url: https://github.com/msoedov/langcorn
- stars: 933
- owner_login: msoedov
- owner_html_url: https://github.com/msoedov
+- name: NoteDiscovery
+ html_url: https://github.com/gamosoft/NoteDiscovery
+ stars: 1107
+ owner_login: gamosoft
+ owner_html_url: https://github.com/gamosoft
+- name: flock
+ html_url: https://github.com/Onelevenvy/flock
+ stars: 1055
+ owner_login: Onelevenvy
+ owner_html_url: https://github.com/Onelevenvy
- name: fastapi-observability
html_url: https://github.com/blueswen/fastapi-observability
- stars: 923
+ stars: 1038
owner_login: blueswen
owner_html_url: https://github.com/blueswen
+- name: aktools
+ html_url: https://github.com/akfamily/aktools
+ stars: 1027
+ owner_login: akfamily
+ owner_html_url: https://github.com/akfamily
+- name: RuoYi-Vue3-FastAPI
+ html_url: https://github.com/insistence/RuoYi-Vue3-FastAPI
+ stars: 1016
+ owner_login: insistence
+ owner_html_url: https://github.com/insistence
+- name: autollm
+ html_url: https://github.com/viddexa/autollm
+ stars: 1002
+ owner_login: viddexa
+ owner_html_url: https://github.com/viddexa
+- name: titiler
+ html_url: https://github.com/developmentseed/titiler
+ stars: 999
+ owner_login: developmentseed
+ owner_html_url: https://github.com/developmentseed
+- name: lanarky
+ html_url: https://github.com/ajndkr/lanarky
+ stars: 994
+ owner_login: ajndkr
+ owner_html_url: https://github.com/ajndkr
+- name: every-pdf
+ html_url: https://github.com/DDULDDUCK/every-pdf
+ stars: 985
+ owner_login: DDULDDUCK
+ owner_html_url: https://github.com/DDULDDUCK
+- name: enterprise-deep-research
+ html_url: https://github.com/SalesforceAIResearch/enterprise-deep-research
+ stars: 973
+ owner_login: SalesforceAIResearch
+ owner_html_url: https://github.com/SalesforceAIResearch
+- name: fastapi-mail
+ html_url: https://github.com/sabuhish/fastapi-mail
+ stars: 964
+ owner_login: sabuhish
+ owner_html_url: https://github.com/sabuhish
diff --git a/docs/en/data/translation_reviewers.yml b/docs/en/data/translation_reviewers.yml
index 45aa55e5e..c3d3d0388 100644
--- a/docs/en/data/translation_reviewers.yml
+++ b/docs/en/data/translation_reviewers.yml
@@ -75,7 +75,7 @@ mattwang44:
url: https://github.com/mattwang44
tiangolo:
login: tiangolo
- count: 55
+ count: 56
avatarUrl: https://avatars.githubusercontent.com/u/1326112?u=cb5d06e73a9e1998141b1641aa88e443c6717651&v=4
url: https://github.com/tiangolo
Laineyzhang55:
@@ -136,7 +136,7 @@ JavierSanchezCastro:
alejsdev:
login: alejsdev
count: 37
- avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=447d12a1b347f466b35378bee4c7104cc9b2c571&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=85ceac49fb87138aebe8d663912e359447329090&v=4
url: https://github.com/alejsdev
stlucasgarcia:
login: stlucasgarcia
@@ -436,7 +436,7 @@ jburckel:
peidrao:
login: peidrao
count: 13
- avatarUrl: https://avatars.githubusercontent.com/u/32584628?u=64c634bb10381905038ff7faf3c8c3df47fb799a&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/32584628?u=979c62398e16ff000cc0faa028e028efd679887c&v=4
url: https://github.com/peidrao
impocode:
login: impocode
@@ -1006,7 +1006,7 @@ takacs:
anton2yakovlev:
login: anton2yakovlev
count: 5
- avatarUrl: https://avatars.githubusercontent.com/u/44229180?u=bdd445ba99074b378e7298d23c4bf6d707d2c282&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/44229180?u=ac245e57bc834ff80f08ca8128000bb650a77a3d&v=4
url: https://github.com/anton2yakovlev
ILoveSorasakiHina:
login: ILoveSorasakiHina
@@ -1161,7 +1161,7 @@ cookie-byte217:
AbolfazlKameli:
login: AbolfazlKameli
count: 4
- avatarUrl: https://avatars.githubusercontent.com/u/120686133?u=e41743da3c1820efafc59c5870cacd4f4425334c&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/120686133?u=af8f025278cce0d489007071254e4055df60b78c&v=4
url: https://github.com/AbolfazlKameli
tyronedamasceno:
login: tyronedamasceno
@@ -1196,7 +1196,7 @@ Xaraxx:
Suyoung789:
login: Suyoung789
count: 3
- avatarUrl: https://avatars.githubusercontent.com/u/31277231?u=744bd3e641413e19bfad6b06a90bb0887c3f9332&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/31277231?u=1591aaf651eb860017231a36590050e154c026b6&v=4
url: https://github.com/Suyoung789
akagaeng:
login: akagaeng
@@ -1806,7 +1806,7 @@ MrL8199:
ivintoiu:
login: ivintoiu
count: 2
- avatarUrl: https://avatars.githubusercontent.com/u/1853336?u=b537c905ad08b69993de8796fb235c8d4d47f039&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/1853336?u=e3de5fd0ab17efc12256b4295285b504ca281440&v=4
url: https://github.com/ivintoiu
TechnoService2:
login: TechnoService2
@@ -1841,7 +1841,7 @@ NavesSapnis:
eqsdxr:
login: eqsdxr
count: 2
- avatarUrl: https://avatars.githubusercontent.com/u/157279130?u=d7aaffb29f542b647cf0f6b0e05722490863658a&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/157279130?u=7927dc0366995334f9a18c3204a41d3a34d6d96f&v=4
url: https://github.com/eqsdxr
syedasamina56:
login: syedasamina56
diff --git a/docs/en/data/translators.yml b/docs/en/data/translators.yml
index a4b87e1bf..c66eff4d4 100644
--- a/docs/en/data/translators.yml
+++ b/docs/en/data/translators.yml
@@ -1,6 +1,6 @@
nilslindemann:
login: nilslindemann
- count: 124
+ count: 125
avatarUrl: https://avatars.githubusercontent.com/u/6892179?u=1dca6a22195d6cd1ab20737c0e19a4c55d639472&v=4
url: https://github.com/nilslindemann
jaystone776:
@@ -8,16 +8,16 @@ jaystone776:
count: 46
avatarUrl: https://avatars.githubusercontent.com/u/11191137?u=299205a95e9b6817a43144a48b643346a5aac5cc&v=4
url: https://github.com/jaystone776
+ceb10n:
+ login: ceb10n
+ count: 29
+ avatarUrl: https://avatars.githubusercontent.com/u/235213?u=edcce471814a1eba9f0cdaa4cd0de18921a940a6&v=4
+ url: https://github.com/ceb10n
valentinDruzhinin:
login: valentinDruzhinin
count: 29
avatarUrl: https://avatars.githubusercontent.com/u/12831905?u=aae1ebc675c91e8fa582df4fcc4fc4128106344d&v=4
url: https://github.com/valentinDruzhinin
-ceb10n:
- login: ceb10n
- count: 27
- avatarUrl: https://avatars.githubusercontent.com/u/235213?u=edcce471814a1eba9f0cdaa4cd0de18921a940a6&v=4
- url: https://github.com/ceb10n
tokusumi:
login: tokusumi
count: 23
@@ -286,7 +286,7 @@ hsuanchi:
alejsdev:
login: alejsdev
count: 3
- avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=447d12a1b347f466b35378bee4c7104cc9b2c571&v=4
+ avatarUrl: https://avatars.githubusercontent.com/u/90076947?u=85ceac49fb87138aebe8d663912e359447329090&v=4
url: https://github.com/alejsdev
riroan:
login: riroan
@@ -358,6 +358,11 @@ ruzia:
count: 3
avatarUrl: https://avatars.githubusercontent.com/u/24503?v=4
url: https://github.com/ruzia
+YuriiMotov:
+ login: YuriiMotov
+ count: 3
+ avatarUrl: https://avatars.githubusercontent.com/u/109919500?u=b9b13d598dddfab529a52d264df80a900bfe7060&v=4
+ url: https://github.com/YuriiMotov
izaguerreiro:
login: izaguerreiro
count: 2
@@ -543,8 +548,3 @@ EdmilsonRodrigues:
count: 2
avatarUrl: https://avatars.githubusercontent.com/u/62777025?u=217d6f3cd6cc750bb8818a3af7726c8d74eb7c2d&v=4
url: https://github.com/EdmilsonRodrigues
-YuriiMotov:
- login: YuriiMotov
- count: 2
- avatarUrl: https://avatars.githubusercontent.com/u/109919500?u=b9b13d598dddfab529a52d264df80a900bfe7060&v=4
- url: https://github.com/YuriiMotov
diff --git a/docs/en/docs/advanced/behind-a-proxy.md b/docs/en/docs/advanced/behind-a-proxy.md
index f692a28e8..f4dbd4560 100644
--- a/docs/en/docs/advanced/behind-a-proxy.md
+++ b/docs/en/docs/advanced/behind-a-proxy.md
@@ -443,6 +443,14 @@ The docs UI will interact with the server that you select.
///
+/// note | Technical Details
+
+The `servers` property in the OpenAPI specification is optional.
+
+If you don't specify the `servers` parameter and `root_path` is equal to `/`, the `servers` property in the generated OpenAPI schema will be omitted entirely by default, which is the equivalent of a single server with a `url` value of `/`.
+
+///
+
### Disable automatic server from `root_path` { #disable-automatic-server-from-root-path }
If you don't want **FastAPI** to include an automatic server using the `root_path`, you can use the parameter `root_path_in_servers=False`:
diff --git a/docs/en/docs/css/custom.css b/docs/en/docs/css/custom.css
index 8849d8741..87111ff64 100644
--- a/docs/en/docs/css/custom.css
+++ b/docs/en/docs/css/custom.css
@@ -1,9 +1,16 @@
/* Fira Code, including characters used by Rich output, like the "heavy right-pointing angle bracket ornament", not included in Google Fonts */
@import url(https://cdn.jsdelivr.net/npm/firacode@6.2.0/distr/fira_code.css);
+/* Noto Color Emoji for emoji support with the same font everywhere */
+@import url(https://fonts.googleapis.com/css2?family=Noto+Color+Emoji&display=swap);
/* Override default code font in Material for MkDocs to Fira Code */
:root {
- --md-code-font: "Fira Code", monospace;
+ --md-code-font: "Fira Code", monospace, "Noto Color Emoji";
+}
+
+/* Override default regular font in Material for MkDocs to include Noto Color Emoji */
+:root {
+ --md-text-font: "Roboto", "Noto Color Emoji";
}
.termynal-comment {
diff --git a/docs/en/docs/how-to/authentication-error-status-code.md b/docs/en/docs/how-to/authentication-error-status-code.md
new file mode 100644
index 000000000..f9433e5dd
--- /dev/null
+++ b/docs/en/docs/how-to/authentication-error-status-code.md
@@ -0,0 +1,17 @@
+# Use Old 403 Authentication Error Status Codes { #use-old-403-authentication-error-status-codes }
+
+Before FastAPI version `0.122.0`, when the integrated security utilities returned an error to the client after a failed authentication, they used the HTTP status code `403 Forbidden`.
+
+Starting with FastAPI version `0.122.0`, they use the more appropriate HTTP status code `401 Unauthorized`, and return a sensible `WWW-Authenticate` header in the response, following the HTTP specifications, RFC 7235, RFC 9110.
+
+But if for some reason your clients depend on the old behavior, you can revert to it by overriding the method `make_not_authenticated_error` in your security classes.
+
+For example, you can create a subclass of `HTTPBearer` that returns a `403 Forbidden` error instead of the default `401 Unauthorized` error:
+
+{* ../../docs_src/authentication_error_status_code/tutorial001_an_py39.py hl[9:13] *}
+
+/// tip
+
+Notice that the function returns the exception instance, it doesn't raise it. The raising is done in the rest of the internal code.
+
+///
diff --git a/docs/en/docs/img/sponsors/greptile-banner.png b/docs/en/docs/img/sponsors/greptile-banner.png
new file mode 100644
index 000000000..e0909b39d
Binary files /dev/null and b/docs/en/docs/img/sponsors/greptile-banner.png differ
diff --git a/docs/en/docs/img/sponsors/greptile.png b/docs/en/docs/img/sponsors/greptile.png
new file mode 100644
index 000000000..ae3d78cbd
Binary files /dev/null and b/docs/en/docs/img/sponsors/greptile.png differ
diff --git a/docs/en/docs/index.md b/docs/en/docs/index.md
index 8a79b26a6..df03b7675 100644
--- a/docs/en/docs/index.md
+++ b/docs/en/docs/index.md
@@ -46,7 +46,7 @@ The key features are:
* **Robust**: Get production-ready code. With automatic interactive documentation.
* **Standards-based**: Based on (and fully compatible with) the open standards for APIs: OpenAPI (previously known as Swagger) and JSON Schema.
-* estimation based on tests on an internal development team, building production applications.
+* estimation based on tests conducted by an internal development team, building production applications.
## Sponsors { #sponsors }
diff --git a/docs/en/docs/release-notes.md b/docs/en/docs/release-notes.md
index 4a01df4b8..ed39da111 100644
--- a/docs/en/docs/release-notes.md
+++ b/docs/en/docs/release-notes.md
@@ -7,8 +7,134 @@ hide:
## Latest Changes
+## 0.123.9
+
+### Fixes
+
+* 🐛 Fix OAuth2 scopes in OpenAPI in extra corner cases, parent dependency with scopes, sub-dependency security scheme without scopes. PR [#14459](https://github.com/fastapi/fastapi/pull/14459) by [@tiangolo](https://github.com/tiangolo).
+
+## 0.123.8
+
+### Fixes
+
+* 🐛 Fix OpenAPI security scheme OAuth2 scopes declaration, deduplicate security schemes with different scopes. PR [#14455](https://github.com/fastapi/fastapi/pull/14455) by [@tiangolo](https://github.com/tiangolo).
+
+## 0.123.7
+
+### Fixes
+
+* 🐛 Fix evaluating stringified annotations in Python 3.10. PR [#11355](https://github.com/fastapi/fastapi/pull/11355) by [@chaen](https://github.com/chaen).
+
+## 0.123.6
+
+### Fixes
+
+* 🐛 Fix support for functools wraps and partial combined, for async and regular functions and classes in path operations and dependencies. PR [#14448](https://github.com/fastapi/fastapi/pull/14448) by [@tiangolo](https://github.com/tiangolo).
+
+## 0.123.5
+
+### Features
+
+* ✨ Allow using dependables with `functools.partial()`. PR [#9753](https://github.com/fastapi/fastapi/pull/9753) by [@lieryan](https://github.com/lieryan).
+* ✨ Add support for wrapped functions (e.g. `@functools.wraps()`) used with forward references. PR [#5077](https://github.com/fastapi/fastapi/pull/5077) by [@lucaswiman](https://github.com/lucaswiman).
+* ✨ Handle wrapped dependencies. PR [#9555](https://github.com/fastapi/fastapi/pull/9555) by [@phy1729](https://github.com/phy1729).
+
+### Fixes
+
+* 🐛 Fix optional sequence handling with new union syntax from Python 3.10. PR [#14430](https://github.com/fastapi/fastapi/pull/14430) by [@Viicos](https://github.com/Viicos).
+
+### Refactors
+
+* 🔥 Remove dangling extra condiitonal no longer needed. PR [#14435](https://github.com/fastapi/fastapi/pull/14435) by [@tiangolo](https://github.com/tiangolo).
+* ♻️ Refactor internals, update `is_coroutine` check to reuse internal supported variants (unwrap, check class). PR [#14434](https://github.com/fastapi/fastapi/pull/14434) by [@tiangolo](https://github.com/tiangolo).
+
+### Translations
+
+* 🌐 Sync German docs. PR [#14367](https://github.com/fastapi/fastapi/pull/14367) by [@nilslindemann](https://github.com/nilslindemann).
+
+## 0.123.4
+
+### Fixes
+
+* 🐛 Fix OpenAPI schema support for computed fields when using `separate_input_output_schemas=False`. PR [#13207](https://github.com/fastapi/fastapi/pull/13207) by [@vgrafe](https://github.com/vgrafe).
+
+### Docs
+
+* 📝 Fix docstring of `servers` parameter. PR [#14405](https://github.com/fastapi/fastapi/pull/14405) by [@YuriiMotov](https://github.com/YuriiMotov).
+
+## 0.123.3
+
+### Fixes
+
+* 🐛 Fix Query\Header\Cookie parameter model alias. PR [#14360](https://github.com/fastapi/fastapi/pull/14360) by [@YuriiMotov](https://github.com/YuriiMotov).
+* 🐛 Fix optional sequence handling in `serialize sequence value` with Pydantic V2. PR [#14297](https://github.com/fastapi/fastapi/pull/14297) by [@YuriiMotov](https://github.com/YuriiMotov).
+
+## 0.123.2
+
+### Fixes
+
+* 🐛 Fix unformatted `{type_}` in FastAPIError. PR [#14416](https://github.com/fastapi/fastapi/pull/14416) by [@Just-Helpful](https://github.com/Just-Helpful).
+* 🐛 Fix parsing extra non-body parameter list. PR [#14356](https://github.com/fastapi/fastapi/pull/14356) by [@YuriiMotov](https://github.com/YuriiMotov).
+* 🐛 Fix parsing extra `Form` parameter list. PR [#14303](https://github.com/fastapi/fastapi/pull/14303) by [@YuriiMotov](https://github.com/YuriiMotov).
+* 🐛 Fix support for form values with empty strings interpreted as missing (`None` if that's the default), for compatibility with HTML forms. PR [#13537](https://github.com/fastapi/fastapi/pull/13537) by [@MarinPostma](https://github.com/MarinPostma).
+
+### Docs
+
+* 📝 Add tip on how to install `pip` in case of `No module named pip` error in `virtual-environments.md`. PR [#14211](https://github.com/fastapi/fastapi/pull/14211) by [@zadevhub](https://github.com/zadevhub).
+* 📝 Update Primary Key notes for the SQL databases tutorial to avoid confusion. PR [#14120](https://github.com/fastapi/fastapi/pull/14120) by [@FlaviusRaducu](https://github.com/FlaviusRaducu).
+* 📝 Clarify estimation note in documentation. PR [#14070](https://github.com/fastapi/fastapi/pull/14070) by [@SaisakthiM](https://github.com/SaisakthiM).
+
+## 0.123.1
+
+### Fixes
+
+* 🐛 Avoid accessing non-existing "$ref" key for Pydantic v2 compat remapping. PR [#14361](https://github.com/fastapi/fastapi/pull/14361) by [@svlandeg](https://github.com/svlandeg).
+* 🐛 Fix `TypeError` when encoding a decimal with a `NaN` or `Infinity` value. PR [#12935](https://github.com/fastapi/fastapi/pull/12935) by [@kentwelcome](https://github.com/kentwelcome).
+
### Internal
+* 🐛 Fix Windows UnicodeEncodeError in CLI test. PR [#14295](https://github.com/fastapi/fastapi/pull/14295) by [@hemanth-thirthahalli](https://github.com/hemanth-thirthahalli).
+* 🔧 Update sponsors: add Greptile. PR [#14429](https://github.com/fastapi/fastapi/pull/14429) by [@tiangolo](https://github.com/tiangolo).
+* 👥 Update FastAPI GitHub topic repositories. PR [#14426](https://github.com/fastapi/fastapi/pull/14426) by [@tiangolo](https://github.com/tiangolo).
+* ⬆ Bump markdown-include-variants from 0.0.6 to 0.0.7. PR [#14423](https://github.com/fastapi/fastapi/pull/14423) by [@YuriiMotov](https://github.com/YuriiMotov).
+* 👥 Update FastAPI People - Sponsors. PR [#14422](https://github.com/fastapi/fastapi/pull/14422) by [@tiangolo](https://github.com/tiangolo).
+* 👥 Update FastAPI People - Contributors and Translators. PR [#14420](https://github.com/fastapi/fastapi/pull/14420) by [@tiangolo](https://github.com/tiangolo).
+
+## 0.123.0
+
+### Fixes
+
+* 🐛 Cache dependencies that don't use scopes and don't have sub-dependencies with scopes. PR [#14419](https://github.com/fastapi/fastapi/pull/14419) by [@tiangolo](https://github.com/tiangolo).
+
+## 0.122.1
+
+### Fixes
+
+* 🐛 Fix hierarchical security scope propagation. PR [#5624](https://github.com/fastapi/fastapi/pull/5624) by [@kristjanvalur](https://github.com/kristjanvalur).
+
+### Docs
+
+* 💅 Update CSS to explicitly use emoji font. PR [#14415](https://github.com/fastapi/fastapi/pull/14415) by [@tiangolo](https://github.com/tiangolo).
+
+### Internal
+
+* ⬆ Bump markdown-include-variants from 0.0.5 to 0.0.6. PR [#14418](https://github.com/fastapi/fastapi/pull/14418) by [@YuriiMotov](https://github.com/YuriiMotov).
+
+## 0.122.0
+
+### Fixes
+
+* 🐛 Use `401` status code in security classes when credentials are missing. PR [#13786](https://github.com/fastapi/fastapi/pull/13786) by [@YuriiMotov](https://github.com/YuriiMotov).
+ * If your code depended on these classes raising the old (less correct) `403` status code, check the new docs about how to override the classes, to use the same old behavior: [Use Old 403 Authentication Error Status Codes](https://fastapi.tiangolo.com/how-to/authentication-error-status-code/).
+
+### Internal
+
+* 🔧 Configure labeler to exclude files that start from underscore for `lang-all` label. PR [#14213](https://github.com/fastapi/fastapi/pull/14213) by [@YuriiMotov](https://github.com/YuriiMotov).
+* 👷 Add pre-commit config with local script for permalinks. PR [#14398](https://github.com/fastapi/fastapi/pull/14398) by [@tiangolo](https://github.com/tiangolo).
+* 💄 Use font Fira Code to fix display of Rich panels in docs in Windows. PR [#14387](https://github.com/fastapi/fastapi/pull/14387) by [@tiangolo](https://github.com/tiangolo).
+* 👷 Add custom pre-commit CI. PR [#14397](https://github.com/fastapi/fastapi/pull/14397) by [@tiangolo](https://github.com/tiangolo).
+* ⬆ Bump actions/checkout from 5 to 6. PR [#14381](https://github.com/fastapi/fastapi/pull/14381) by [@dependabot[bot]](https://github.com/apps/dependabot).
+* 👷 Upgrade `latest-changes` GitHub Action and pin `actions/checkout@v5`. PR [#14403](https://github.com/fastapi/fastapi/pull/14403) by [@svlandeg](https://github.com/svlandeg).
* 🛠️ Add `add-permalinks` and `add-permalinks-page` to `scripts/docs.py`. PR [#14033](https://github.com/fastapi/fastapi/pull/14033) by [@YuriiMotov](https://github.com/YuriiMotov).
* 🔧 Upgrade Material for MkDocs and remove insiders. PR [#14375](https://github.com/fastapi/fastapi/pull/14375) by [@tiangolo](https://github.com/tiangolo).
diff --git a/docs/en/docs/tutorial/sql-databases.md b/docs/en/docs/tutorial/sql-databases.md
index cfa1c9073..b42e9ba2f 100644
--- a/docs/en/docs/tutorial/sql-databases.md
+++ b/docs/en/docs/tutorial/sql-databases.md
@@ -65,7 +65,7 @@ There are a few differences:
* `Field(primary_key=True)` tells SQLModel that the `id` is the **primary key** in the SQL database (you can learn more about SQL primary keys in the SQLModel docs).
- By having the type as `int | None`, SQLModel will know that this column should be an `INTEGER` in the SQL database and that it should be `NULLABLE`.
+ **Note:** We use `int | None` for the primary key field so that in Python code we can *create an object without an `id`* (`id=None`), assuming the database will *generate it when saving*. SQLModel understands that the database will provide the `id` and *defines the column as a non-null `INTEGER`* in the database schema. See SQLModel docs on primary keys for details.
* `Field(index=True)` tells SQLModel that it should create a **SQL index** for this column, that would allow faster lookups in the database when reading data filtered by this column.
diff --git a/docs/en/docs/virtual-environments.md b/docs/en/docs/virtual-environments.md
index e9b0a9fc4..c02e43ab9 100644
--- a/docs/en/docs/virtual-environments.md
+++ b/docs/en/docs/virtual-environments.md
@@ -242,6 +242,26 @@ $ python -m pip install --upgrade pip
+/// tip
+
+Sometimes, you might get a **`No module named pip`** error when trying to upgrade pip.
+
+If this happens, install and upgrade pip using the command below:
+
+
+
+```console
+$ python -m ensurepip --upgrade
+
+---> 100%
+```
+
+
+
+This command will install pip if it is not already installed and also ensures that the installed version of pip is at least as recent as the one available in `ensurepip`.
+
+///
+
## Add `.gitignore` { #add-gitignore }
If you are using **Git** (you should), add a `.gitignore` file to exclude everything in your `.venv` from Git.
diff --git a/docs/en/mkdocs.yml b/docs/en/mkdocs.yml
index 8be832f11..fd346a3d3 100644
--- a/docs/en/mkdocs.yml
+++ b/docs/en/mkdocs.yml
@@ -215,6 +215,7 @@ nav:
- how-to/custom-docs-ui-assets.md
- how-to/configure-swagger-ui.md
- how-to/testing-database.md
+ - how-to/authentication-error-status-code.md
- Reference (Code API):
- reference/index.md
- reference/fastapi.md
diff --git a/docs/en/overrides/main.html b/docs/en/overrides/main.html
index 01d39817b..a37ebf0a4 100644
--- a/docs/en/overrides/main.html
+++ b/docs/en/overrides/main.html
@@ -93,6 +93,12 @@
+
{% endblock %}
diff --git a/docs_src/authentication_error_status_code/tutorial001_an.py b/docs_src/authentication_error_status_code/tutorial001_an.py
new file mode 100644
index 000000000..40678e858
--- /dev/null
+++ b/docs_src/authentication_error_status_code/tutorial001_an.py
@@ -0,0 +1,20 @@
+from fastapi import Depends, FastAPI, HTTPException, status
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+from typing_extensions import Annotated
+
+app = FastAPI()
+
+
+class HTTPBearer403(HTTPBearer):
+ def make_not_authenticated_error(self) -> HTTPException:
+ return HTTPException(
+ status_code=status.HTTP_403_FORBIDDEN, detail="Not authenticated"
+ )
+
+
+CredentialsDep = Annotated[HTTPAuthorizationCredentials, Depends(HTTPBearer403())]
+
+
+@app.get("/me")
+def read_me(credentials: CredentialsDep):
+ return {"message": "You are authenticated", "token": credentials.credentials}
diff --git a/docs_src/authentication_error_status_code/tutorial001_an_py39.py b/docs_src/authentication_error_status_code/tutorial001_an_py39.py
new file mode 100644
index 000000000..7bbc2f717
--- /dev/null
+++ b/docs_src/authentication_error_status_code/tutorial001_an_py39.py
@@ -0,0 +1,21 @@
+from typing import Annotated
+
+from fastapi import Depends, FastAPI, HTTPException, status
+from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
+
+app = FastAPI()
+
+
+class HTTPBearer403(HTTPBearer):
+ def make_not_authenticated_error(self) -> HTTPException:
+ return HTTPException(
+ status_code=status.HTTP_403_FORBIDDEN, detail="Not authenticated"
+ )
+
+
+CredentialsDep = Annotated[HTTPAuthorizationCredentials, Depends(HTTPBearer403())]
+
+
+@app.get("/me")
+def read_me(credentials: CredentialsDep):
+ return {"message": "You are authenticated", "token": credentials.credentials}
diff --git a/docs_src/security/tutorial003.py b/docs_src/security/tutorial003.py
index 4b324866f..ce7a71b68 100644
--- a/docs_src/security/tutorial003.py
+++ b/docs_src/security/tutorial003.py
@@ -60,7 +60,7 @@ async def get_current_user(token: str = Depends(oauth2_scheme)):
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
+ detail="Not authenticated",
headers={"WWW-Authenticate": "Bearer"},
)
return user
diff --git a/docs_src/security/tutorial003_an.py b/docs_src/security/tutorial003_an.py
index 8fb40dd4a..1b7056a20 100644
--- a/docs_src/security/tutorial003_an.py
+++ b/docs_src/security/tutorial003_an.py
@@ -61,7 +61,7 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
+ detail="Not authenticated",
headers={"WWW-Authenticate": "Bearer"},
)
return user
diff --git a/docs_src/security/tutorial003_an_py310.py b/docs_src/security/tutorial003_an_py310.py
index ced4a2fbc..4a2743f6f 100644
--- a/docs_src/security/tutorial003_an_py310.py
+++ b/docs_src/security/tutorial003_an_py310.py
@@ -60,7 +60,7 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
+ detail="Not authenticated",
headers={"WWW-Authenticate": "Bearer"},
)
return user
diff --git a/docs_src/security/tutorial003_an_py39.py b/docs_src/security/tutorial003_an_py39.py
index 068a3933e..b396210c8 100644
--- a/docs_src/security/tutorial003_an_py39.py
+++ b/docs_src/security/tutorial003_an_py39.py
@@ -60,7 +60,7 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
+ detail="Not authenticated",
headers={"WWW-Authenticate": "Bearer"},
)
return user
diff --git a/docs_src/security/tutorial003_py310.py b/docs_src/security/tutorial003_py310.py
index af935e997..081259b31 100644
--- a/docs_src/security/tutorial003_py310.py
+++ b/docs_src/security/tutorial003_py310.py
@@ -58,7 +58,7 @@ async def get_current_user(token: str = Depends(oauth2_scheme)):
if not user:
raise HTTPException(
status_code=status.HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
+ detail="Not authenticated",
headers={"WWW-Authenticate": "Bearer"},
)
return user
diff --git a/fastapi/__init__.py b/fastapi/__init__.py
index 85a7ea7b5..dc5467b0f 100644
--- a/fastapi/__init__.py
+++ b/fastapi/__init__.py
@@ -1,6 +1,6 @@
"""FastAPI framework, high performance, easy to learn, fast to code, ready for production"""
-__version__ = "0.121.3"
+__version__ = "0.123.9"
from starlette import status as status
diff --git a/fastapi/_compat/v2.py b/fastapi/_compat/v2.py
index 5cd49343b..0faa7d5a8 100644
--- a/fastapi/_compat/v2.py
+++ b/fastapi/_compat/v2.py
@@ -17,7 +17,7 @@ from typing import (
from fastapi._compat import may_v1, shared
from fastapi.openapi.constants import REF_TEMPLATE
-from fastapi.types import IncEx, ModelNameMap
+from fastapi.types import IncEx, ModelNameMap, UnionType
from pydantic import BaseModel, TypeAdapter, create_model
from pydantic import PydanticSchemaGenerationError as PydanticSchemaGenerationError
from pydantic import PydanticUndefinedAnnotation as PydanticUndefinedAnnotation
@@ -180,8 +180,13 @@ def get_schema_from_model_field(
],
separate_input_output_schemas: bool = True,
) -> Dict[str, Any]:
+ computed_fields = field._type_adapter.core_schema.get("schema", {}).get(
+ "computed_fields", []
+ )
override_mode: Union[Literal["validation"], None] = (
- None if separate_input_output_schemas else "validation"
+ None
+ if (separate_input_output_schemas or len(computed_fields) > 0)
+ else "validation"
)
# This expects that GenerateJsonSchema was already used to generate the definitions
json_schema = field_mapping[(field, override_mode or field.mode)]
@@ -203,9 +208,14 @@ def get_definitions(
Dict[Tuple[ModelField, Literal["validation", "serialization"]], JsonSchemaValue],
Dict[str, Dict[str, Any]],
]:
+ has_computed_fields: bool = any(
+ field._type_adapter.core_schema.get("schema", {}).get("computed_fields", [])
+ for field in fields
+ )
+
schema_generator = GenerateJsonSchema(ref_template=REF_TEMPLATE)
override_mode: Union[Literal["validation"], None] = (
- None if separate_input_output_schemas else "validation"
+ None if (separate_input_output_schemas or has_computed_fields) else "validation"
)
validation_fields = [field for field in fields if field.mode == "validation"]
serialization_fields = [field for field in fields if field.mode == "serialization"]
@@ -304,7 +314,7 @@ def _remap_definitions_and_field_mappings(
old_name_to_new_name_map = {}
for field_key, schema in field_mapping.items():
model = field_key[0].type_
- if model not in model_name_map:
+ if model not in model_name_map or "$ref" not in schema:
continue
new_name = model_name_map[model]
old_name = schema["$ref"].split("/")[-1]
@@ -371,6 +381,13 @@ def copy_field_info(*, field_info: FieldInfo, annotation: Any) -> FieldInfo:
def serialize_sequence_value(*, field: ModelField, value: Any) -> Sequence[Any]:
origin_type = get_origin(field.field_info.annotation) or field.field_info.annotation
+ if origin_type is Union or origin_type is UnionType: # Handle optional sequences
+ union_args = get_args(field.field_info.annotation)
+ for union_arg in union_args:
+ if union_arg is type(None):
+ continue
+ origin_type = get_origin(union_arg) or union_arg
+ break
assert issubclass(origin_type, shared.sequence_types) # type: ignore[arg-type]
return shared.sequence_annotation_to_type[origin_type](value) # type: ignore[no-any-return]
diff --git a/fastapi/applications.py b/fastapi/applications.py
index 0a47699ae..02193312b 100644
--- a/fastapi/applications.py
+++ b/fastapi/applications.py
@@ -301,7 +301,12 @@ class FastAPI(Starlette):
browser tabs open). Or if you want to leave fixed the possible URLs.
If the servers `list` is not provided, or is an empty `list`, the
- default value would be a `dict` with a `url` value of `/`.
+ `servers` property in the generated OpenAPI will be:
+
+ * a `dict` with a `url` value of the application's mounting point
+ (`root_path`) if it's different from `/`.
+ * otherwise, the `servers` property will be omitted from the OpenAPI
+ schema.
Each item in the `list` is a `dict` containing:
diff --git a/fastapi/dependencies/models.py b/fastapi/dependencies/models.py
index d6359c0f5..af168a177 100644
--- a/fastapi/dependencies/models.py
+++ b/fastapi/dependencies/models.py
@@ -1,8 +1,8 @@
import inspect
import sys
from dataclasses import dataclass, field
-from functools import cached_property
-from typing import Any, Callable, List, Optional, Sequence, Union
+from functools import cached_property, partial
+from typing import Any, Callable, List, Optional, Union
from fastapi._compat import ModelField
from fastapi.security.base import SecurityBase
@@ -15,10 +15,17 @@ else: # pragma: no cover
from asyncio import iscoroutinefunction
-@dataclass
-class SecurityRequirement:
- security_scheme: SecurityBase
- scopes: Optional[Sequence[str]] = None
+def _unwrapped_call(call: Optional[Callable[..., Any]]) -> Any:
+ if call is None:
+ return call # pragma: no cover
+ unwrapped = inspect.unwrap(_impartial(call))
+ return unwrapped
+
+
+def _impartial(func: Callable[..., Any]) -> Callable[..., Any]:
+ while isinstance(func, partial):
+ func = func.func
+ return func
@dataclass
@@ -29,7 +36,6 @@ class Dependant:
cookie_params: List[ModelField] = field(default_factory=list)
body_params: List[ModelField] = field(default_factory=list)
dependencies: List["Dependant"] = field(default_factory=list)
- security_requirements: List[SecurityRequirement] = field(default_factory=list)
name: Optional[str] = None
call: Optional[Callable[..., Any]] = None
request_param_name: Optional[str] = None
@@ -38,41 +44,140 @@ class Dependant:
response_param_name: Optional[str] = None
background_tasks_param_name: Optional[str] = None
security_scopes_param_name: Optional[str] = None
- security_scopes: Optional[List[str]] = None
+ own_oauth_scopes: Optional[List[str]] = None
+ parent_oauth_scopes: Optional[List[str]] = None
use_cache: bool = True
path: Optional[str] = None
scope: Union[Literal["function", "request"], None] = None
+ @cached_property
+ def oauth_scopes(self) -> List[str]:
+ scopes = self.parent_oauth_scopes.copy() if self.parent_oauth_scopes else []
+ # This doesn't use a set to preserve order, just in case
+ for scope in self.own_oauth_scopes or []:
+ if scope not in scopes:
+ scopes.append(scope)
+ return scopes
+
@cached_property
def cache_key(self) -> DependencyCacheKey:
+ scopes_for_cache = (
+ tuple(sorted(set(self.oauth_scopes or []))) if self._uses_scopes else ()
+ )
return (
self.call,
- tuple(sorted(set(self.security_scopes or []))),
+ scopes_for_cache,
self.computed_scope or "",
)
@cached_property
- def is_gen_callable(self) -> bool:
- if inspect.isgeneratorfunction(self.call):
+ def _uses_scopes(self) -> bool:
+ if self.own_oauth_scopes:
return True
- dunder_call = getattr(self.call, "__call__", None) # noqa: B004
- return inspect.isgeneratorfunction(dunder_call)
+ if self.security_scopes_param_name is not None:
+ return True
+ if self._is_security_scheme:
+ return True
+ for sub_dep in self.dependencies:
+ if sub_dep._uses_scopes:
+ return True
+ return False
+
+ @cached_property
+ def _is_security_scheme(self) -> bool:
+ if self.call is None:
+ return False # pragma: no cover
+ unwrapped = _unwrapped_call(self.call)
+ return isinstance(unwrapped, SecurityBase)
+
+ # Mainly to get the type of SecurityBase, but it's the same self.call
+ @cached_property
+ def _security_scheme(self) -> SecurityBase:
+ unwrapped = _unwrapped_call(self.call)
+ assert isinstance(unwrapped, SecurityBase)
+ return unwrapped
+
+ @cached_property
+ def _security_dependencies(self) -> List["Dependant"]:
+ security_deps = [dep for dep in self.dependencies if dep._is_security_scheme]
+ return security_deps
+
+ @cached_property
+ def is_gen_callable(self) -> bool:
+ if self.call is None:
+ return False # pragma: no cover
+ if inspect.isgeneratorfunction(
+ _impartial(self.call)
+ ) or inspect.isgeneratorfunction(_unwrapped_call(self.call)):
+ return True
+ dunder_call = getattr(_impartial(self.call), "__call__", None) # noqa: B004
+ if dunder_call is None:
+ return False # pragma: no cover
+ if inspect.isgeneratorfunction(
+ _impartial(dunder_call)
+ ) or inspect.isgeneratorfunction(_unwrapped_call(dunder_call)):
+ return True
+ dunder_unwrapped_call = getattr(_unwrapped_call(self.call), "__call__", None) # noqa: B004
+ if dunder_unwrapped_call is None:
+ return False # pragma: no cover
+ if inspect.isgeneratorfunction(
+ _impartial(dunder_unwrapped_call)
+ ) or inspect.isgeneratorfunction(_unwrapped_call(dunder_unwrapped_call)):
+ return True
+ return False
@cached_property
def is_async_gen_callable(self) -> bool:
- if inspect.isasyncgenfunction(self.call):
+ if self.call is None:
+ return False # pragma: no cover
+ if inspect.isasyncgenfunction(
+ _impartial(self.call)
+ ) or inspect.isasyncgenfunction(_unwrapped_call(self.call)):
return True
- dunder_call = getattr(self.call, "__call__", None) # noqa: B004
- return inspect.isasyncgenfunction(dunder_call)
+ dunder_call = getattr(_impartial(self.call), "__call__", None) # noqa: B004
+ if dunder_call is None:
+ return False # pragma: no cover
+ if inspect.isasyncgenfunction(
+ _impartial(dunder_call)
+ ) or inspect.isasyncgenfunction(_unwrapped_call(dunder_call)):
+ return True
+ dunder_unwrapped_call = getattr(_unwrapped_call(self.call), "__call__", None) # noqa: B004
+ if dunder_unwrapped_call is None:
+ return False # pragma: no cover
+ if inspect.isasyncgenfunction(
+ _impartial(dunder_unwrapped_call)
+ ) or inspect.isasyncgenfunction(_unwrapped_call(dunder_unwrapped_call)):
+ return True
+ return False
@cached_property
def is_coroutine_callable(self) -> bool:
- if inspect.isroutine(self.call):
- return iscoroutinefunction(self.call)
- if inspect.isclass(self.call):
- return False
- dunder_call = getattr(self.call, "__call__", None) # noqa: B004
- return iscoroutinefunction(dunder_call)
+ if self.call is None:
+ return False # pragma: no cover
+ if inspect.isroutine(_impartial(self.call)) and iscoroutinefunction(
+ _impartial(self.call)
+ ):
+ return True
+ if inspect.isroutine(_unwrapped_call(self.call)) and iscoroutinefunction(
+ _unwrapped_call(self.call)
+ ):
+ return True
+ dunder_call = getattr(_impartial(self.call), "__call__", None) # noqa: B004
+ if dunder_call is None:
+ return False # pragma: no cover
+ if iscoroutinefunction(_impartial(dunder_call)) or iscoroutinefunction(
+ _unwrapped_call(dunder_call)
+ ):
+ return True
+ dunder_unwrapped_call = getattr(_unwrapped_call(self.call), "__call__", None) # noqa: B004
+ if dunder_unwrapped_call is None:
+ return False # pragma: no cover
+ if iscoroutinefunction(
+ _impartial(dunder_unwrapped_call)
+ ) or iscoroutinefunction(_unwrapped_call(dunder_unwrapped_call)):
+ return True
+ # if inspect.isclass(self.call): False, covered by default return
+ return False
@cached_property
def computed_scope(self) -> Union[str, None]:
diff --git a/fastapi/dependencies/utils.py b/fastapi/dependencies/utils.py
index 7733ba1a2..57b577263 100644
--- a/fastapi/dependencies/utils.py
+++ b/fastapi/dependencies/utils.py
@@ -1,5 +1,6 @@
import dataclasses
import inspect
+import sys
from contextlib import AsyncExitStack, contextmanager
from copy import copy, deepcopy
from dataclasses import dataclass
@@ -55,12 +56,10 @@ from fastapi.concurrency import (
contextmanager_in_threadpool,
)
from fastapi.datastructures import UploadFile as FastAPIUploadFile
-from fastapi.dependencies.models import Dependant, SecurityRequirement
+from fastapi.dependencies.models import Dependant
from fastapi.exceptions import DependencyScopeError
from fastapi.logger import logger
-from fastapi.security.base import SecurityBase
-from fastapi.security.oauth2 import OAuth2, SecurityScopes
-from fastapi.security.open_id_connect_url import OpenIdConnect
+from fastapi.security.oauth2 import SecurityScopes
from fastapi.types import DependencyCacheKey
from fastapi.utils import create_model_field, get_path_param_names
from pydantic import BaseModel
@@ -127,14 +126,14 @@ def get_parameterless_sub_dependant(*, depends: params.Depends, path: str) -> De
assert callable(depends.dependency), (
"A parameter-less dependency must have a callable dependency"
)
- use_security_scopes: List[str] = []
+ own_oauth_scopes: List[str] = []
if isinstance(depends, params.Security) and depends.scopes:
- use_security_scopes.extend(depends.scopes)
+ own_oauth_scopes.extend(depends.scopes)
return get_dependant(
path=path,
call=depends.dependency,
scope=depends.scope,
- security_scopes=use_security_scopes,
+ own_oauth_scopes=own_oauth_scopes,
)
@@ -143,10 +142,14 @@ def get_flat_dependant(
*,
skip_repeats: bool = False,
visited: Optional[List[DependencyCacheKey]] = None,
+ parent_oauth_scopes: Optional[List[str]] = None,
) -> Dependant:
if visited is None:
visited = []
visited.append(dependant.cache_key)
+ use_parent_oauth_scopes = (parent_oauth_scopes or []) + (
+ dependant.oauth_scopes or []
+ )
flat_dependant = Dependant(
path_params=dependant.path_params.copy(),
@@ -154,22 +157,37 @@ def get_flat_dependant(
header_params=dependant.header_params.copy(),
cookie_params=dependant.cookie_params.copy(),
body_params=dependant.body_params.copy(),
- security_requirements=dependant.security_requirements.copy(),
+ name=dependant.name,
+ call=dependant.call,
+ request_param_name=dependant.request_param_name,
+ websocket_param_name=dependant.websocket_param_name,
+ http_connection_param_name=dependant.http_connection_param_name,
+ response_param_name=dependant.response_param_name,
+ background_tasks_param_name=dependant.background_tasks_param_name,
+ security_scopes_param_name=dependant.security_scopes_param_name,
+ own_oauth_scopes=dependant.own_oauth_scopes,
+ parent_oauth_scopes=use_parent_oauth_scopes,
use_cache=dependant.use_cache,
path=dependant.path,
+ scope=dependant.scope,
)
for sub_dependant in dependant.dependencies:
if skip_repeats and sub_dependant.cache_key in visited:
continue
flat_sub = get_flat_dependant(
- sub_dependant, skip_repeats=skip_repeats, visited=visited
+ sub_dependant,
+ skip_repeats=skip_repeats,
+ visited=visited,
+ parent_oauth_scopes=flat_dependant.oauth_scopes,
)
+ flat_dependant.dependencies.append(flat_sub)
flat_dependant.path_params.extend(flat_sub.path_params)
flat_dependant.query_params.extend(flat_sub.query_params)
flat_dependant.header_params.extend(flat_sub.header_params)
flat_dependant.cookie_params.extend(flat_sub.cookie_params)
flat_dependant.body_params.extend(flat_sub.body_params)
- flat_dependant.security_requirements.extend(flat_sub.security_requirements)
+ flat_dependant.dependencies.extend(flat_sub.dependencies)
+
return flat_dependant
@@ -193,8 +211,12 @@ def get_flat_params(dependant: Dependant) -> List[ModelField]:
def get_typed_signature(call: Callable[..., Any]) -> inspect.Signature:
- signature = inspect.signature(call)
- globalns = getattr(call, "__globals__", {})
+ if sys.version_info >= (3, 10):
+ signature = inspect.signature(call, eval_str=True)
+ else:
+ signature = inspect.signature(call)
+ unwrapped = inspect.unwrap(call)
+ globalns = getattr(unwrapped, "__globals__", {})
typed_params = [
inspect.Parameter(
name=param.name,
@@ -218,13 +240,17 @@ def get_typed_annotation(annotation: Any, globalns: Dict[str, Any]) -> Any:
def get_typed_return_annotation(call: Callable[..., Any]) -> Any:
- signature = inspect.signature(call)
+ if sys.version_info >= (3, 10):
+ signature = inspect.signature(call, eval_str=True)
+ else:
+ signature = inspect.signature(call)
+ unwrapped = inspect.unwrap(call)
annotation = signature.return_annotation
if annotation is inspect.Signature.empty:
return None
- globalns = getattr(call, "__globals__", {})
+ globalns = getattr(unwrapped, "__globals__", {})
return get_typed_annotation(annotation, globalns)
@@ -233,7 +259,8 @@ def get_dependant(
path: str,
call: Callable[..., Any],
name: Optional[str] = None,
- security_scopes: Optional[List[str]] = None,
+ own_oauth_scopes: Optional[List[str]] = None,
+ parent_oauth_scopes: Optional[List[str]] = None,
use_cache: bool = True,
scope: Union[Literal["function", "request"], None] = None,
) -> Dependant:
@@ -241,21 +268,15 @@ def get_dependant(
call=call,
name=name,
path=path,
- security_scopes=security_scopes,
use_cache=use_cache,
scope=scope,
+ own_oauth_scopes=own_oauth_scopes,
+ parent_oauth_scopes=parent_oauth_scopes,
)
+ current_scopes = (parent_oauth_scopes or []) + (own_oauth_scopes or [])
path_param_names = get_path_param_names(path)
endpoint_signature = get_typed_signature(call)
signature_params = endpoint_signature.parameters
- if isinstance(call, SecurityBase):
- use_scopes: List[str] = []
- if isinstance(call, (OAuth2, OpenIdConnect)):
- use_scopes = security_scopes or use_scopes
- security_requirement = SecurityRequirement(
- security_scheme=call, scopes=use_scopes
- )
- dependant.security_requirements.append(security_requirement)
for param_name, param in signature_params.items():
is_path_param = param_name in path_param_names
param_details = analyze_param(
@@ -276,15 +297,16 @@ def get_dependant(
f'The dependency "{dependant.call.__name__}" has a scope of '
'"request", it cannot depend on dependencies with scope "function".'
)
- use_security_scopes = security_scopes or []
+ sub_own_oauth_scopes: List[str] = []
if isinstance(param_details.depends, params.Security):
if param_details.depends.scopes:
- use_security_scopes.extend(param_details.depends.scopes)
+ sub_own_oauth_scopes = list(param_details.depends.scopes)
sub_dependant = get_dependant(
path=path,
call=param_details.depends.dependency,
name=param_name,
- security_scopes=use_security_scopes,
+ own_oauth_scopes=sub_own_oauth_scopes,
+ parent_oauth_scopes=current_scopes,
use_cache=param_details.depends.use_cache,
scope=param_details.depends.scope,
)
@@ -547,10 +569,10 @@ async def _solve_generator(
*, dependant: Dependant, stack: AsyncExitStack, sub_values: Dict[str, Any]
) -> Any:
assert dependant.call
- if dependant.is_gen_callable:
- cm = contextmanager_in_threadpool(contextmanager(dependant.call)(**sub_values))
- elif dependant.is_async_gen_callable:
+ if dependant.is_async_gen_callable:
cm = asynccontextmanager(dependant.call)(**sub_values)
+ elif dependant.is_gen_callable:
+ cm = contextmanager_in_threadpool(contextmanager(dependant.call)(**sub_values))
return await stack.enter_async_context(cm)
@@ -610,7 +632,7 @@ async def solve_dependencies(
path=use_path,
call=call,
name=sub_dependant.name,
- security_scopes=sub_dependant.security_scopes,
+ parent_oauth_scopes=sub_dependant.oauth_scopes,
scope=sub_dependant.scope,
)
@@ -692,7 +714,7 @@ async def solve_dependencies(
values[dependant.response_param_name] = response
if dependant.security_scopes_param_name:
values[dependant.security_scopes_param_name] = SecurityScopes(
- scopes=dependant.security_scopes
+ scopes=dependant.oauth_scopes
)
return SolvedDependency(
values=values,
@@ -788,13 +810,19 @@ def request_params_to_args(
)
value = _get_multidict_value(field, received_params, alias=alias)
if value is not None:
- params_to_process[field.name] = value
+ params_to_process[field.alias] = value
processed_keys.add(alias or field.alias)
- processed_keys.add(field.name)
- for key, value in received_params.items():
+ for key in received_params.keys():
if key not in processed_keys:
- params_to_process[key] = value
+ if hasattr(received_params, "getlist"):
+ value = received_params.getlist(key)
+ if isinstance(value, list) and (len(value) == 1):
+ params_to_process[key] = value[0]
+ else:
+ params_to_process[key] = value
+ else:
+ params_to_process[key] = received_params.get(key)
if single_not_embedded_field:
field_info = first_field.field_info
@@ -911,9 +939,14 @@ async def _extract_form_body(
]
if value is not None:
values[field.alias] = value
- for key, value in received_body.items():
- if key not in values:
- values[key] = value
+ field_aliases = {field.alias for field in body_fields}
+ for key in received_body.keys():
+ if key not in field_aliases:
+ param_values = received_body.getlist(key)
+ if len(param_values) == 1:
+ values[key] = param_values[0]
+ else:
+ values[key] = param_values
return values
diff --git a/fastapi/encoders.py b/fastapi/encoders.py
index 6fc6228e1..793951089 100644
--- a/fastapi/encoders.py
+++ b/fastapi/encoders.py
@@ -34,14 +34,14 @@ def isoformat(o: Union[datetime.date, datetime.time]) -> str:
return o.isoformat()
-# Taken from Pydantic v1 as is
+# Adapted from Pydantic v1
# TODO: pv2 should this return strings instead?
def decimal_encoder(dec_value: Decimal) -> Union[int, float]:
"""
- Encodes a Decimal as int of there's no exponent, otherwise float
+ Encodes a Decimal as int if there's no exponent, otherwise float
This is useful when we use ConstrainedDecimal to represent Numeric(x,0)
- where a integer (but not int typed) is used. Encoding this as a float
+ where an integer (but not int typed) is used. Encoding this as a float
results in failed round-tripping between encode and parse.
Our Id type is a prime example of this.
@@ -50,8 +50,12 @@ def decimal_encoder(dec_value: Decimal) -> Union[int, float]:
>>> decimal_encoder(Decimal("1"))
1
+
+ >>> decimal_encoder(Decimal("NaN"))
+ nan
"""
- if dec_value.as_tuple().exponent >= 0: # type: ignore[operator]
+ exponent = dec_value.as_tuple().exponent
+ if isinstance(exponent, int) and exponent >= 0:
return int(dec_value)
else:
return float(dec_value)
diff --git a/fastapi/openapi/utils.py b/fastapi/openapi/utils.py
index dbc93d289..06c14861a 100644
--- a/fastapi/openapi/utils.py
+++ b/fastapi/openapi/utils.py
@@ -79,16 +79,25 @@ def get_openapi_security_definitions(
flat_dependant: Dependant,
) -> Tuple[Dict[str, Any], List[Dict[str, Any]]]:
security_definitions = {}
- operation_security = []
- for security_requirement in flat_dependant.security_requirements:
+ # Use a dict to merge scopes for same security scheme
+ operation_security_dict: Dict[str, List[str]] = {}
+ for security_dependency in flat_dependant._security_dependencies:
security_definition = jsonable_encoder(
- security_requirement.security_scheme.model,
+ security_dependency._security_scheme.model,
by_alias=True,
exclude_none=True,
)
- security_name = security_requirement.security_scheme.scheme_name
+ security_name = security_dependency._security_scheme.scheme_name
security_definitions[security_name] = security_definition
- operation_security.append({security_name: security_requirement.scopes})
+ # Merge scopes for the same security scheme
+ if security_name not in operation_security_dict:
+ operation_security_dict[security_name] = []
+ for scope in security_dependency.oauth_scopes or []:
+ if scope not in operation_security_dict[security_name]:
+ operation_security_dict[security_name].append(scope)
+ operation_security = [
+ {name: scopes} for name, scopes in operation_security_dict.items()
+ ]
return security_definitions, operation_security
diff --git a/fastapi/routing.py b/fastapi/routing.py
index a8e12eb60..c10175b16 100644
--- a/fastapi/routing.py
+++ b/fastapi/routing.py
@@ -3,7 +3,6 @@ import email.message
import functools
import inspect
import json
-import sys
from contextlib import AsyncExitStack, asynccontextmanager
from enum import Enum, IntEnum
from typing import (
@@ -79,11 +78,6 @@ from starlette.types import AppType, ASGIApp, Lifespan, Receive, Scope, Send
from starlette.websockets import WebSocket
from typing_extensions import Annotated, deprecated
-if sys.version_info >= (3, 13): # pragma: no cover
- from inspect import iscoroutinefunction
-else: # pragma: no cover
- from asyncio import iscoroutinefunction
-
# Copy of starlette.routing.request_response modified to include the
# dependencies' AsyncExitStack
@@ -308,7 +302,7 @@ def get_request_handler(
embed_body_fields: bool = False,
) -> Callable[[Request], Coroutine[Any, Any, Response]]:
assert dependant.call is not None, "dependant.call must be a function"
- is_coroutine = iscoroutinefunction(dependant.call)
+ is_coroutine = dependant.is_coroutine_callable
is_body_form = body_field and isinstance(
body_field.field_info, (params.Form, temp_pydantic_v1_params.Form)
)
diff --git a/fastapi/security/api_key.py b/fastapi/security/api_key.py
index 496c815a7..81c7be10d 100644
--- a/fastapi/security/api_key.py
+++ b/fastapi/security/api_key.py
@@ -1,22 +1,52 @@
-from typing import Optional
+from typing import Optional, Union
from annotated_doc import Doc
from fastapi.openapi.models import APIKey, APIKeyIn
from fastapi.security.base import SecurityBase
from starlette.exceptions import HTTPException
from starlette.requests import Request
-from starlette.status import HTTP_403_FORBIDDEN
+from starlette.status import HTTP_401_UNAUTHORIZED
from typing_extensions import Annotated
class APIKeyBase(SecurityBase):
- @staticmethod
- def check_api_key(api_key: Optional[str], auto_error: bool) -> Optional[str]:
+ def __init__(
+ self,
+ location: APIKeyIn,
+ name: str,
+ description: Union[str, None],
+ scheme_name: Union[str, None],
+ auto_error: bool,
+ ):
+ self.auto_error = auto_error
+
+ self.model: APIKey = APIKey(
+ **{"in": location},
+ name=name,
+ description=description,
+ )
+ self.scheme_name = scheme_name or self.__class__.__name__
+
+ def make_not_authenticated_error(self) -> HTTPException:
+ """
+ The WWW-Authenticate header is not standardized for API Key authentication but
+ the HTTP specification requires that an error of 401 "Unauthorized" must
+ include a WWW-Authenticate header.
+
+ Ref: https://datatracker.ietf.org/doc/html/rfc9110#name-401-unauthorized
+
+ For this, this method sends a custom challenge `APIKey`.
+ """
+ return HTTPException(
+ status_code=HTTP_401_UNAUTHORIZED,
+ detail="Not authenticated",
+ headers={"WWW-Authenticate": "APIKey"},
+ )
+
+ def check_api_key(self, api_key: Optional[str]) -> Optional[str]:
if not api_key:
- if auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ if self.auto_error:
+ raise self.make_not_authenticated_error()
return None
return api_key
@@ -100,17 +130,17 @@ class APIKeyQuery(APIKeyBase):
),
] = True,
):
- self.model: APIKey = APIKey(
- **{"in": APIKeyIn.query},
+ super().__init__(
+ location=APIKeyIn.query,
name=name,
+ scheme_name=scheme_name,
description=description,
+ auto_error=auto_error,
)
- self.scheme_name = scheme_name or self.__class__.__name__
- self.auto_error = auto_error
async def __call__(self, request: Request) -> Optional[str]:
api_key = request.query_params.get(self.model.name)
- return self.check_api_key(api_key, self.auto_error)
+ return self.check_api_key(api_key)
class APIKeyHeader(APIKeyBase):
@@ -188,17 +218,17 @@ class APIKeyHeader(APIKeyBase):
),
] = True,
):
- self.model: APIKey = APIKey(
- **{"in": APIKeyIn.header},
+ super().__init__(
+ location=APIKeyIn.header,
name=name,
+ scheme_name=scheme_name,
description=description,
+ auto_error=auto_error,
)
- self.scheme_name = scheme_name or self.__class__.__name__
- self.auto_error = auto_error
async def __call__(self, request: Request) -> Optional[str]:
api_key = request.headers.get(self.model.name)
- return self.check_api_key(api_key, self.auto_error)
+ return self.check_api_key(api_key)
class APIKeyCookie(APIKeyBase):
@@ -276,14 +306,14 @@ class APIKeyCookie(APIKeyBase):
),
] = True,
):
- self.model: APIKey = APIKey(
- **{"in": APIKeyIn.cookie},
+ super().__init__(
+ location=APIKeyIn.cookie,
name=name,
+ scheme_name=scheme_name,
description=description,
+ auto_error=auto_error,
)
- self.scheme_name = scheme_name or self.__class__.__name__
- self.auto_error = auto_error
async def __call__(self, request: Request) -> Optional[str]:
api_key = request.cookies.get(self.model.name)
- return self.check_api_key(api_key, self.auto_error)
+ return self.check_api_key(api_key)
diff --git a/fastapi/security/http.py b/fastapi/security/http.py
index 3a5985650..0d1bbba3a 100644
--- a/fastapi/security/http.py
+++ b/fastapi/security/http.py
@@ -1,6 +1,6 @@
import binascii
from base64 import b64decode
-from typing import Optional
+from typing import Dict, Optional
from annotated_doc import Doc
from fastapi.exceptions import HTTPException
@@ -10,7 +10,7 @@ from fastapi.security.base import SecurityBase
from fastapi.security.utils import get_authorization_scheme_param
from pydantic import BaseModel
from starlette.requests import Request
-from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN
+from starlette.status import HTTP_401_UNAUTHORIZED
from typing_extensions import Annotated
@@ -76,10 +76,22 @@ class HTTPBase(SecurityBase):
description: Optional[str] = None,
auto_error: bool = True,
):
- self.model = HTTPBaseModel(scheme=scheme, description=description)
+ self.model: HTTPBaseModel = HTTPBaseModel(
+ scheme=scheme, description=description
+ )
self.scheme_name = scheme_name or self.__class__.__name__
self.auto_error = auto_error
+ def make_authenticate_headers(self) -> Dict[str, str]:
+ return {"WWW-Authenticate": f"{self.model.scheme.title()}"}
+
+ def make_not_authenticated_error(self) -> HTTPException:
+ return HTTPException(
+ status_code=HTTP_401_UNAUTHORIZED,
+ detail="Not authenticated",
+ headers=self.make_authenticate_headers(),
+ )
+
async def __call__(
self, request: Request
) -> Optional[HTTPAuthorizationCredentials]:
@@ -87,9 +99,7 @@ class HTTPBase(SecurityBase):
scheme, credentials = get_authorization_scheme_param(authorization)
if not (authorization and scheme and credentials):
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ raise self.make_not_authenticated_error()
else:
return None
return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials)
@@ -99,6 +109,8 @@ class HTTPBasic(HTTPBase):
"""
HTTP Basic authentication.
+ Ref: https://datatracker.ietf.org/doc/html/rfc7617
+
## Usage
Create an instance object and use that object as the dependency in `Depends()`.
@@ -185,36 +197,28 @@ class HTTPBasic(HTTPBase):
self.realm = realm
self.auto_error = auto_error
+ def make_authenticate_headers(self) -> Dict[str, str]:
+ if self.realm:
+ return {"WWW-Authenticate": f'Basic realm="{self.realm}"'}
+ return {"WWW-Authenticate": "Basic"}
+
async def __call__( # type: ignore
self, request: Request
) -> Optional[HTTPBasicCredentials]:
authorization = request.headers.get("Authorization")
scheme, param = get_authorization_scheme_param(authorization)
- if self.realm:
- unauthorized_headers = {"WWW-Authenticate": f'Basic realm="{self.realm}"'}
- else:
- unauthorized_headers = {"WWW-Authenticate": "Basic"}
if not authorization or scheme.lower() != "basic":
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_401_UNAUTHORIZED,
- detail="Not authenticated",
- headers=unauthorized_headers,
- )
+ raise self.make_not_authenticated_error()
else:
return None
- invalid_user_credentials_exc = HTTPException(
- status_code=HTTP_401_UNAUTHORIZED,
- detail="Invalid authentication credentials",
- headers=unauthorized_headers,
- )
try:
data = b64decode(param).decode("ascii")
- except (ValueError, UnicodeDecodeError, binascii.Error):
- raise invalid_user_credentials_exc # noqa: B904
+ except (ValueError, UnicodeDecodeError, binascii.Error) as e:
+ raise self.make_not_authenticated_error() from e
username, separator, password = data.partition(":")
if not separator:
- raise invalid_user_credentials_exc
+ raise self.make_not_authenticated_error()
return HTTPBasicCredentials(username=username, password=password)
@@ -306,17 +310,12 @@ class HTTPBearer(HTTPBase):
scheme, credentials = get_authorization_scheme_param(authorization)
if not (authorization and scheme and credentials):
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ raise self.make_not_authenticated_error()
else:
return None
if scheme.lower() != "bearer":
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN,
- detail="Invalid authentication credentials",
- )
+ raise self.make_not_authenticated_error()
else:
return None
return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials)
@@ -326,6 +325,12 @@ class HTTPDigest(HTTPBase):
"""
HTTP Digest authentication.
+ **Warning**: this is only a stub to connect the components with OpenAPI in FastAPI,
+ but it doesn't implement the full Digest scheme, you would need to to subclass it
+ and implement it in your code.
+
+ Ref: https://datatracker.ietf.org/doc/html/rfc7616
+
## Usage
Create an instance object and use that object as the dependency in `Depends()`.
@@ -408,17 +413,12 @@ class HTTPDigest(HTTPBase):
scheme, credentials = get_authorization_scheme_param(authorization)
if not (authorization and scheme and credentials):
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ raise self.make_not_authenticated_error()
else:
return None
if scheme.lower() != "digest":
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN,
- detail="Invalid authentication credentials",
- )
+ raise self.make_not_authenticated_error()
else:
return None
return HTTPAuthorizationCredentials(scheme=scheme, credentials=credentials)
diff --git a/fastapi/security/oauth2.py b/fastapi/security/oauth2.py
index f8d97d762..b41b0f877 100644
--- a/fastapi/security/oauth2.py
+++ b/fastapi/security/oauth2.py
@@ -8,7 +8,7 @@ from fastapi.param_functions import Form
from fastapi.security.base import SecurityBase
from fastapi.security.utils import get_authorization_scheme_param
from starlette.requests import Request
-from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN
+from starlette.status import HTTP_401_UNAUTHORIZED
# TODO: import from typing when deprecating Python 3.9
from typing_extensions import Annotated
@@ -377,13 +377,33 @@ class OAuth2(SecurityBase):
self.scheme_name = scheme_name or self.__class__.__name__
self.auto_error = auto_error
+ def make_not_authenticated_error(self) -> HTTPException:
+ """
+ The OAuth 2 specification doesn't define the challenge that should be used,
+ because a `Bearer` token is not really the only option to authenticate.
+
+ But declaring any other authentication challenge would be application-specific
+ as it's not defined in the specification.
+
+ For practical reasons, this method uses the `Bearer` challenge by default, as
+ it's probably the most common one.
+
+ If you are implementing an OAuth2 authentication scheme other than the provided
+ ones in FastAPI (based on bearer tokens), you might want to override this.
+
+ Ref: https://datatracker.ietf.org/doc/html/rfc6749
+ """
+ return HTTPException(
+ status_code=HTTP_401_UNAUTHORIZED,
+ detail="Not authenticated",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+
async def __call__(self, request: Request) -> Optional[str]:
authorization = request.headers.get("Authorization")
if not authorization:
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ raise self.make_not_authenticated_error()
else:
return None
return authorization
@@ -491,11 +511,7 @@ class OAuth2PasswordBearer(OAuth2):
scheme, param = get_authorization_scheme_param(authorization)
if not authorization or scheme.lower() != "bearer":
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_401_UNAUTHORIZED,
- detail="Not authenticated",
- headers={"WWW-Authenticate": "Bearer"},
- )
+ raise self.make_not_authenticated_error()
else:
return None
return param
@@ -601,11 +617,7 @@ class OAuth2AuthorizationCodeBearer(OAuth2):
scheme, param = get_authorization_scheme_param(authorization)
if not authorization or scheme.lower() != "bearer":
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_401_UNAUTHORIZED,
- detail="Not authenticated",
- headers={"WWW-Authenticate": "Bearer"},
- )
+ raise self.make_not_authenticated_error()
else:
return None # pragma: nocover
return param
diff --git a/fastapi/security/open_id_connect_url.py b/fastapi/security/open_id_connect_url.py
index 5e99798e6..e574a56a8 100644
--- a/fastapi/security/open_id_connect_url.py
+++ b/fastapi/security/open_id_connect_url.py
@@ -5,7 +5,7 @@ from fastapi.openapi.models import OpenIdConnect as OpenIdConnectModel
from fastapi.security.base import SecurityBase
from starlette.exceptions import HTTPException
from starlette.requests import Request
-from starlette.status import HTTP_403_FORBIDDEN
+from starlette.status import HTTP_401_UNAUTHORIZED
from typing_extensions import Annotated
@@ -13,6 +13,11 @@ class OpenIdConnect(SecurityBase):
"""
OpenID Connect authentication class. An instance of it would be used as a
dependency.
+
+ **Warning**: this is only a stub to connect the components with OpenAPI in FastAPI,
+ but it doesn't implement the full OpenIdConnect scheme, for example, it doesn't use
+ the OpenIDConnect URL. You would need to to subclass it and implement it in your
+ code.
"""
def __init__(
@@ -73,13 +78,18 @@ class OpenIdConnect(SecurityBase):
self.scheme_name = scheme_name or self.__class__.__name__
self.auto_error = auto_error
+ def make_not_authenticated_error(self) -> HTTPException:
+ return HTTPException(
+ status_code=HTTP_401_UNAUTHORIZED,
+ detail="Not authenticated",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+
async def __call__(self, request: Request) -> Optional[str]:
authorization = request.headers.get("Authorization")
if not authorization:
if self.auto_error:
- raise HTTPException(
- status_code=HTTP_403_FORBIDDEN, detail="Not authenticated"
- )
+ raise self.make_not_authenticated_error()
else:
return None
return authorization
diff --git a/fastapi/utils.py b/fastapi/utils.py
index 2e79ee6b1..b3b89ed2b 100644
--- a/fastapi/utils.py
+++ b/fastapi/utils.py
@@ -110,7 +110,9 @@ def create_model_field(
try:
return v1.ModelField(**v1_kwargs) # type: ignore[no-any-return]
except RuntimeError:
- raise fastapi.exceptions.FastAPIError(_invalid_args_message) from None
+ raise fastapi.exceptions.FastAPIError(
+ _invalid_args_message.format(type_=type_)
+ ) from None
elif PYDANTIC_V2:
from ._compat import v2
@@ -121,7 +123,9 @@ def create_model_field(
try:
return v2.ModelField(**kwargs) # type: ignore[return-value,arg-type]
except PydanticSchemaGenerationError:
- raise fastapi.exceptions.FastAPIError(_invalid_args_message) from None
+ raise fastapi.exceptions.FastAPIError(
+ _invalid_args_message.format(type_=type_)
+ ) from None
# Pydantic v2 is not installed, but it's not a Pydantic v1 ModelField, it could be
# a Pydantic v1 type, like a constrained int
from fastapi._compat import v1
@@ -129,7 +133,9 @@ def create_model_field(
try:
return v1.ModelField(**v1_kwargs) # type: ignore[no-any-return]
except RuntimeError:
- raise fastapi.exceptions.FastAPIError(_invalid_args_message) from None
+ raise fastapi.exceptions.FastAPIError(
+ _invalid_args_message.format(type_=type_)
+ ) from None
def create_cloned_field(
diff --git a/requirements-docs.txt b/requirements-docs.txt
index 05b47fe92..4f1863a4a 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -17,5 +17,5 @@ griffe-warnings-deprecated==1.1.0
# For griffe, it formats with black
black==25.1.0
mkdocs-macros-plugin==1.4.1
-markdown-include-variants==0.0.5
+markdown-include-variants==0.0.7
python-slugify==8.0.4
diff --git a/tests/forward_reference_type.py b/tests/forward_reference_type.py
new file mode 100644
index 000000000..52a0d4a70
--- /dev/null
+++ b/tests/forward_reference_type.py
@@ -0,0 +1,9 @@
+from pydantic import BaseModel
+
+
+def forwardref_method(input: "ForwardRefModel") -> "ForwardRefModel":
+ return ForwardRefModel(x=input.x + 1)
+
+
+class ForwardRefModel(BaseModel):
+ x: int = 0
diff --git a/tests/test_compat.py b/tests/test_compat.py
index 0184c9a2e..26537c5ab 100644
--- a/tests/test_compat.py
+++ b/tests/test_compat.py
@@ -14,7 +14,7 @@ from fastapi.testclient import TestClient
from pydantic import BaseModel, ConfigDict
from pydantic.fields import FieldInfo
-from .utils import needs_py_lt_314, needs_pydanticv2
+from .utils import needs_py310, needs_py_lt_314, needs_pydanticv2
@needs_pydanticv2
@@ -136,6 +136,43 @@ def test_is_uploadfile_sequence_annotation():
assert is_uploadfile_sequence_annotation(Union[List[str], List[UploadFile]])
+@needs_pydanticv2
+def test_serialize_sequence_value_with_optional_list():
+ """Test that serialize_sequence_value handles optional lists correctly."""
+ from fastapi._compat import v2
+
+ field_info = FieldInfo(annotation=Union[List[str], None])
+ field = v2.ModelField(name="items", field_info=field_info)
+ result = v2.serialize_sequence_value(field=field, value=["a", "b", "c"])
+ assert result == ["a", "b", "c"]
+ assert isinstance(result, list)
+
+
+@needs_pydanticv2
+@needs_py310
+def test_serialize_sequence_value_with_optional_list_pipe_union():
+ """Test that serialize_sequence_value handles optional lists correctly (with new syntax)."""
+ from fastapi._compat import v2
+
+ field_info = FieldInfo(annotation=list[str] | None)
+ field = v2.ModelField(name="items", field_info=field_info)
+ result = v2.serialize_sequence_value(field=field, value=["a", "b", "c"])
+ assert result == ["a", "b", "c"]
+ assert isinstance(result, list)
+
+
+@needs_pydanticv2
+def test_serialize_sequence_value_with_none_first_in_union():
+ """Test that serialize_sequence_value handles Union[None, List[...]] correctly."""
+ from fastapi._compat import v2
+
+ field_info = FieldInfo(annotation=Union[None, List[str]])
+ field = v2.ModelField(name="items", field_info=field_info)
+ result = v2.serialize_sequence_value(field=field, value=["x", "y"])
+ assert result == ["x", "y"]
+ assert isinstance(result, list)
+
+
@needs_py_lt_314
def test_is_pv1_scalar_field():
from fastapi._compat import v1
diff --git a/tests/test_computed_fields.py b/tests/test_computed_fields.py
index a1b412168..f2e42999b 100644
--- a/tests/test_computed_fields.py
+++ b/tests/test_computed_fields.py
@@ -6,8 +6,9 @@ from .utils import needs_pydanticv2
@pytest.fixture(name="client")
-def get_client():
- app = FastAPI()
+def get_client(request):
+ separate_input_output_schemas = request.param
+ app = FastAPI(separate_input_output_schemas=separate_input_output_schemas)
from pydantic import BaseModel, computed_field
@@ -32,6 +33,7 @@ def get_client():
return client
+@pytest.mark.parametrize("client", [True, False], indirect=True)
@pytest.mark.parametrize("path", ["/", "/responses"])
@needs_pydanticv2
def test_get(client: TestClient, path: str):
@@ -40,6 +42,7 @@ def test_get(client: TestClient, path: str):
assert response.json() == {"width": 3, "length": 4, "area": 12}
+@pytest.mark.parametrize("client", [True, False], indirect=True)
@needs_pydanticv2
def test_openapi_schema(client: TestClient):
response = client.get("/openapi.json")
diff --git a/tests/test_dependency_partial.py b/tests/test_dependency_partial.py
new file mode 100644
index 000000000..61a76236f
--- /dev/null
+++ b/tests/test_dependency_partial.py
@@ -0,0 +1,251 @@
+from functools import partial
+from typing import AsyncGenerator, Generator
+
+import pytest
+from fastapi import Depends, FastAPI
+from fastapi.testclient import TestClient
+from typing_extensions import Annotated
+
+app = FastAPI()
+
+
+def function_dependency(value: str) -> str:
+ return value
+
+
+async def async_function_dependency(value: str) -> str:
+ return value
+
+
+def gen_dependency(value: str) -> Generator[str, None, None]:
+ yield value
+
+
+async def async_gen_dependency(value: str) -> AsyncGenerator[str, None]:
+ yield value
+
+
+class CallableDependency:
+ def __call__(self, value: str) -> str:
+ return value
+
+
+class CallableGenDependency:
+ def __call__(self, value: str) -> Generator[str, None, None]:
+ yield value
+
+
+class AsyncCallableDependency:
+ async def __call__(self, value: str) -> str:
+ return value
+
+
+class AsyncCallableGenDependency:
+ async def __call__(self, value: str) -> AsyncGenerator[str, None]:
+ yield value
+
+
+class MethodsDependency:
+ def synchronous(self, value: str) -> str:
+ return value
+
+ async def asynchronous(self, value: str) -> str:
+ return value
+
+ def synchronous_gen(self, value: str) -> Generator[str, None, None]:
+ yield value
+
+ async def asynchronous_gen(self, value: str) -> AsyncGenerator[str, None]:
+ yield value
+
+
+callable_dependency = CallableDependency()
+callable_gen_dependency = CallableGenDependency()
+async_callable_dependency = AsyncCallableDependency()
+async_callable_gen_dependency = AsyncCallableGenDependency()
+methods_dependency = MethodsDependency()
+
+
+@app.get("/partial-function-dependency")
+async def get_partial_function_dependency(
+ value: Annotated[
+ str, Depends(partial(function_dependency, "partial-function-dependency"))
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-async-function-dependency")
+async def get_partial_async_function_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(async_function_dependency, "partial-async-function-dependency")
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-gen-dependency")
+async def get_partial_gen_dependency(
+ value: Annotated[str, Depends(partial(gen_dependency, "partial-gen-dependency"))],
+) -> str:
+ return value
+
+
+@app.get("/partial-async-gen-dependency")
+async def get_partial_async_gen_dependency(
+ value: Annotated[
+ str, Depends(partial(async_gen_dependency, "partial-async-gen-dependency"))
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-callable-dependency")
+async def get_partial_callable_dependency(
+ value: Annotated[
+ str, Depends(partial(callable_dependency, "partial-callable-dependency"))
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-callable-gen-dependency")
+async def get_partial_callable_gen_dependency(
+ value: Annotated[
+ str,
+ Depends(partial(callable_gen_dependency, "partial-callable-gen-dependency")),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-async-callable-dependency")
+async def get_partial_async_callable_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(async_callable_dependency, "partial-async-callable-dependency")
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-async-callable-gen-dependency")
+async def get_partial_async_callable_gen_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(
+ async_callable_gen_dependency, "partial-async-callable-gen-dependency"
+ )
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-synchronous-method-dependency")
+async def get_partial_synchronous_method_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(
+ methods_dependency.synchronous, "partial-synchronous-method-dependency"
+ )
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-synchronous-method-gen-dependency")
+async def get_partial_synchronous_method_gen_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(
+ methods_dependency.synchronous_gen,
+ "partial-synchronous-method-gen-dependency",
+ )
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-asynchronous-method-dependency")
+async def get_partial_asynchronous_method_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(
+ methods_dependency.asynchronous,
+ "partial-asynchronous-method-dependency",
+ )
+ ),
+ ],
+) -> str:
+ return value
+
+
+@app.get("/partial-asynchronous-method-gen-dependency")
+async def get_partial_asynchronous_method_gen_dependency(
+ value: Annotated[
+ str,
+ Depends(
+ partial(
+ methods_dependency.asynchronous_gen,
+ "partial-asynchronous-method-gen-dependency",
+ )
+ ),
+ ],
+) -> str:
+ return value
+
+
+client = TestClient(app)
+
+
+@pytest.mark.parametrize(
+ "route,value",
+ [
+ ("/partial-function-dependency", "partial-function-dependency"),
+ (
+ "/partial-async-function-dependency",
+ "partial-async-function-dependency",
+ ),
+ ("/partial-gen-dependency", "partial-gen-dependency"),
+ ("/partial-async-gen-dependency", "partial-async-gen-dependency"),
+ ("/partial-callable-dependency", "partial-callable-dependency"),
+ ("/partial-callable-gen-dependency", "partial-callable-gen-dependency"),
+ ("/partial-async-callable-dependency", "partial-async-callable-dependency"),
+ (
+ "/partial-async-callable-gen-dependency",
+ "partial-async-callable-gen-dependency",
+ ),
+ (
+ "/partial-synchronous-method-dependency",
+ "partial-synchronous-method-dependency",
+ ),
+ (
+ "/partial-synchronous-method-gen-dependency",
+ "partial-synchronous-method-gen-dependency",
+ ),
+ (
+ "/partial-asynchronous-method-dependency",
+ "partial-asynchronous-method-dependency",
+ ),
+ (
+ "/partial-asynchronous-method-gen-dependency",
+ "partial-asynchronous-method-gen-dependency",
+ ),
+ ],
+)
+def test_dependency_types_with_partial(route: str, value: str) -> None:
+ response = client.get(route)
+ assert response.status_code == 200, response.text
+ assert response.json() == value
diff --git a/tests/test_dependency_wrapped.py b/tests/test_dependency_wrapped.py
new file mode 100644
index 000000000..08356712d
--- /dev/null
+++ b/tests/test_dependency_wrapped.py
@@ -0,0 +1,449 @@
+import inspect
+import sys
+from functools import wraps
+from typing import AsyncGenerator, Generator
+
+import pytest
+from fastapi import Depends, FastAPI
+from fastapi.concurrency import iterate_in_threadpool, run_in_threadpool
+from fastapi.testclient import TestClient
+
+if sys.version_info >= (3, 13): # pragma: no cover
+ from inspect import iscoroutinefunction
+else: # pragma: no cover
+ from asyncio import iscoroutinefunction
+
+
+def noop_wrap(func):
+ @wraps(func)
+ def wrapper(*args, **kwargs):
+ return func(*args, **kwargs)
+
+ return wrapper
+
+
+def noop_wrap_async(func):
+ if inspect.isgeneratorfunction(func):
+
+ @wraps(func)
+ async def gen_wrapper(*args, **kwargs):
+ async for item in iterate_in_threadpool(func(*args, **kwargs)):
+ yield item
+
+ return gen_wrapper
+
+ elif inspect.isasyncgenfunction(func):
+
+ @wraps(func)
+ async def async_gen_wrapper(*args, **kwargs):
+ async for item in func(*args, **kwargs):
+ yield item
+
+ return async_gen_wrapper
+
+ @wraps(func)
+ async def wrapper(*args, **kwargs):
+ if inspect.isroutine(func) and iscoroutinefunction(func):
+ return await func(*args, **kwargs)
+ if inspect.isclass(func):
+ return await run_in_threadpool(func, *args, **kwargs)
+ dunder_call = getattr(func, "__call__", None) # noqa: B004
+ if iscoroutinefunction(dunder_call):
+ return await dunder_call(*args, **kwargs)
+ return await run_in_threadpool(func, *args, **kwargs)
+
+ return wrapper
+
+
+class ClassInstanceDep:
+ def __call__(self):
+ return True
+
+
+class_instance_dep = ClassInstanceDep()
+wrapped_class_instance_dep = noop_wrap(class_instance_dep)
+wrapped_class_instance_dep_async_wrapper = noop_wrap_async(class_instance_dep)
+
+
+class ClassInstanceGenDep:
+ def __call__(self):
+ yield True
+
+
+class_instance_gen_dep = ClassInstanceGenDep()
+wrapped_class_instance_gen_dep = noop_wrap(class_instance_gen_dep)
+
+
+class ClassInstanceWrappedDep:
+ @noop_wrap
+ def __call__(self):
+ return True
+
+
+class_instance_wrapped_dep = ClassInstanceWrappedDep()
+
+
+class ClassInstanceWrappedAsyncDep:
+ @noop_wrap_async
+ def __call__(self):
+ return True
+
+
+class_instance_wrapped_async_dep = ClassInstanceWrappedAsyncDep()
+
+
+class ClassInstanceWrappedGenDep:
+ @noop_wrap
+ def __call__(self):
+ yield True
+
+
+class_instance_wrapped_gen_dep = ClassInstanceWrappedGenDep()
+
+
+class ClassInstanceWrappedAsyncGenDep:
+ @noop_wrap_async
+ def __call__(self):
+ yield True
+
+
+class_instance_wrapped_async_gen_dep = ClassInstanceWrappedAsyncGenDep()
+
+
+class ClassDep:
+ def __init__(self):
+ self.value = True
+
+
+wrapped_class_dep = noop_wrap(ClassDep)
+wrapped_class_dep_async_wrapper = noop_wrap_async(ClassDep)
+
+
+class ClassInstanceAsyncDep:
+ async def __call__(self):
+ return True
+
+
+class_instance_async_dep = ClassInstanceAsyncDep()
+wrapped_class_instance_async_dep = noop_wrap(class_instance_async_dep)
+wrapped_class_instance_async_dep_async_wrapper = noop_wrap_async(
+ class_instance_async_dep
+)
+
+
+class ClassInstanceAsyncGenDep:
+ async def __call__(self):
+ yield True
+
+
+class_instance_async_gen_dep = ClassInstanceAsyncGenDep()
+wrapped_class_instance_async_gen_dep = noop_wrap(class_instance_async_gen_dep)
+
+
+class ClassInstanceAsyncWrappedDep:
+ @noop_wrap
+ async def __call__(self):
+ return True
+
+
+class_instance_async_wrapped_dep = ClassInstanceAsyncWrappedDep()
+
+
+class ClassInstanceAsyncWrappedAsyncDep:
+ @noop_wrap_async
+ async def __call__(self):
+ return True
+
+
+class_instance_async_wrapped_async_dep = ClassInstanceAsyncWrappedAsyncDep()
+
+
+class ClassInstanceAsyncWrappedGenDep:
+ @noop_wrap
+ async def __call__(self):
+ yield True
+
+
+class_instance_async_wrapped_gen_dep = ClassInstanceAsyncWrappedGenDep()
+
+
+class ClassInstanceAsyncWrappedGenAsyncDep:
+ @noop_wrap_async
+ async def __call__(self):
+ yield True
+
+
+class_instance_async_wrapped_gen_async_dep = ClassInstanceAsyncWrappedGenAsyncDep()
+
+app = FastAPI()
+
+# Sync wrapper
+
+
+@noop_wrap
+def wrapped_dependency() -> bool:
+ return True
+
+
+@noop_wrap
+def wrapped_gen_dependency() -> Generator[bool, None, None]:
+ yield True
+
+
+@noop_wrap
+async def async_wrapped_dependency() -> bool:
+ return True
+
+
+@noop_wrap
+async def async_wrapped_gen_dependency() -> AsyncGenerator[bool, None]:
+ yield True
+
+
+@app.get("/wrapped-dependency/")
+async def get_wrapped_dependency(value: bool = Depends(wrapped_dependency)):
+ return value
+
+
+@app.get("/wrapped-gen-dependency/")
+async def get_wrapped_gen_dependency(value: bool = Depends(wrapped_gen_dependency)):
+ return value
+
+
+@app.get("/async-wrapped-dependency/")
+async def get_async_wrapped_dependency(value: bool = Depends(async_wrapped_dependency)):
+ return value
+
+
+@app.get("/async-wrapped-gen-dependency/")
+async def get_async_wrapped_gen_dependency(
+ value: bool = Depends(async_wrapped_gen_dependency),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-dependency/")
+async def get_wrapped_class_instance_dependency(
+ value: bool = Depends(wrapped_class_instance_dep),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-async-dependency/")
+async def get_wrapped_class_instance_async_dependency(
+ value: bool = Depends(wrapped_class_instance_async_dep),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-gen-dependency/")
+async def get_wrapped_class_instance_gen_dependency(
+ value: bool = Depends(wrapped_class_instance_gen_dep),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-async-gen-dependency/")
+async def get_wrapped_class_instance_async_gen_dependency(
+ value: bool = Depends(wrapped_class_instance_async_gen_dep),
+):
+ return value
+
+
+@app.get("/class-instance-wrapped-dependency/")
+async def get_class_instance_wrapped_dependency(
+ value: bool = Depends(class_instance_wrapped_dep),
+):
+ return value
+
+
+@app.get("/class-instance-wrapped-async-dependency/")
+async def get_class_instance_wrapped_async_dependency(
+ value: bool = Depends(class_instance_wrapped_async_dep),
+):
+ return value
+
+
+@app.get("/class-instance-async-wrapped-dependency/")
+async def get_class_instance_async_wrapped_dependency(
+ value: bool = Depends(class_instance_async_wrapped_dep),
+):
+ return value
+
+
+@app.get("/class-instance-async-wrapped-async-dependency/")
+async def get_class_instance_async_wrapped_async_dependency(
+ value: bool = Depends(class_instance_async_wrapped_async_dep),
+):
+ return value
+
+
+@app.get("/class-instance-wrapped-gen-dependency/")
+async def get_class_instance_wrapped_gen_dependency(
+ value: bool = Depends(class_instance_wrapped_gen_dep),
+):
+ return value
+
+
+@app.get("/class-instance-wrapped-async-gen-dependency/")
+async def get_class_instance_wrapped_async_gen_dependency(
+ value: bool = Depends(class_instance_wrapped_async_gen_dep),
+):
+ return value
+
+
+@app.get("/class-instance-async-wrapped-gen-dependency/")
+async def get_class_instance_async_wrapped_gen_dependency(
+ value: bool = Depends(class_instance_async_wrapped_gen_dep),
+):
+ return value
+
+
+@app.get("/class-instance-async-wrapped-gen-async-dependency/")
+async def get_class_instance_async_wrapped_gen_async_dependency(
+ value: bool = Depends(class_instance_async_wrapped_gen_async_dep),
+):
+ return value
+
+
+@app.get("/wrapped-class-dependency/")
+async def get_wrapped_class_dependency(value: ClassDep = Depends(wrapped_class_dep)):
+ return value.value
+
+
+@app.get("/wrapped-endpoint/")
+@noop_wrap
+def get_wrapped_endpoint():
+ return True
+
+
+@app.get("/async-wrapped-endpoint/")
+@noop_wrap
+async def get_async_wrapped_endpoint():
+ return True
+
+
+# Async wrapper
+
+
+@noop_wrap_async
+def wrapped_dependency_async_wrapper() -> bool:
+ return True
+
+
+@noop_wrap_async
+def wrapped_gen_dependency_async_wrapper() -> Generator[bool, None, None]:
+ yield True
+
+
+@noop_wrap_async
+async def async_wrapped_dependency_async_wrapper() -> bool:
+ return True
+
+
+@noop_wrap_async
+async def async_wrapped_gen_dependency_async_wrapper() -> AsyncGenerator[bool, None]:
+ yield True
+
+
+@app.get("/wrapped-dependency-async-wrapper/")
+async def get_wrapped_dependency_async_wrapper(
+ value: bool = Depends(wrapped_dependency_async_wrapper),
+):
+ return value
+
+
+@app.get("/wrapped-gen-dependency-async-wrapper/")
+async def get_wrapped_gen_dependency_async_wrapper(
+ value: bool = Depends(wrapped_gen_dependency_async_wrapper),
+):
+ return value
+
+
+@app.get("/async-wrapped-dependency-async-wrapper/")
+async def get_async_wrapped_dependency_async_wrapper(
+ value: bool = Depends(async_wrapped_dependency_async_wrapper),
+):
+ return value
+
+
+@app.get("/async-wrapped-gen-dependency-async-wrapper/")
+async def get_async_wrapped_gen_dependency_async_wrapper(
+ value: bool = Depends(async_wrapped_gen_dependency_async_wrapper),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-dependency-async-wrapper/")
+async def get_wrapped_class_instance_dependency_async_wrapper(
+ value: bool = Depends(wrapped_class_instance_dep_async_wrapper),
+):
+ return value
+
+
+@app.get("/wrapped-class-instance-async-dependency-async-wrapper/")
+async def get_wrapped_class_instance_async_dependency_async_wrapper(
+ value: bool = Depends(wrapped_class_instance_async_dep_async_wrapper),
+):
+ return value
+
+
+@app.get("/wrapped-class-dependency-async-wrapper/")
+async def get_wrapped_class_dependency_async_wrapper(
+ value: ClassDep = Depends(wrapped_class_dep_async_wrapper),
+):
+ return value.value
+
+
+@app.get("/wrapped-endpoint-async-wrapper/")
+@noop_wrap_async
+def get_wrapped_endpoint_async_wrapper():
+ return True
+
+
+@app.get("/async-wrapped-endpoint-async-wrapper/")
+@noop_wrap_async
+async def get_async_wrapped_endpoint_async_wrapper():
+ return True
+
+
+client = TestClient(app)
+
+
+@pytest.mark.parametrize(
+ "route",
+ [
+ "/wrapped-dependency/",
+ "/wrapped-gen-dependency/",
+ "/async-wrapped-dependency/",
+ "/async-wrapped-gen-dependency/",
+ "/wrapped-class-instance-dependency/",
+ "/wrapped-class-instance-async-dependency/",
+ "/wrapped-class-instance-gen-dependency/",
+ "/wrapped-class-instance-async-gen-dependency/",
+ "/class-instance-wrapped-dependency/",
+ "/class-instance-wrapped-async-dependency/",
+ "/class-instance-async-wrapped-dependency/",
+ "/class-instance-async-wrapped-async-dependency/",
+ "/class-instance-wrapped-gen-dependency/",
+ "/class-instance-wrapped-async-gen-dependency/",
+ "/class-instance-async-wrapped-gen-dependency/",
+ "/class-instance-async-wrapped-gen-async-dependency/",
+ "/wrapped-class-dependency/",
+ "/wrapped-endpoint/",
+ "/async-wrapped-endpoint/",
+ "/wrapped-dependency-async-wrapper/",
+ "/wrapped-gen-dependency-async-wrapper/",
+ "/async-wrapped-dependency-async-wrapper/",
+ "/async-wrapped-gen-dependency-async-wrapper/",
+ "/wrapped-class-instance-dependency-async-wrapper/",
+ "/wrapped-class-instance-async-dependency-async-wrapper/",
+ "/wrapped-class-dependency-async-wrapper/",
+ "/wrapped-endpoint-async-wrapper/",
+ "/async-wrapped-endpoint-async-wrapper/",
+ ],
+)
+def test_class_dependency(route):
+ response = client.get(route)
+ assert response.status_code == 200, response.text
+ assert response.json() is True
diff --git a/tests/test_fastapi_cli.py b/tests/test_fastapi_cli.py
index a5c10778a..78a49a1fb 100644
--- a/tests/test_fastapi_cli.py
+++ b/tests/test_fastapi_cli.py
@@ -1,3 +1,4 @@
+import os
import subprocess
import sys
from unittest.mock import patch
@@ -20,6 +21,7 @@ def test_fastapi_cli():
],
capture_output=True,
encoding="utf-8",
+ env={**os.environ, "PYTHONIOENCODING": "utf-8"},
)
assert result.returncode == 1, result.stdout
assert "Path does not exist non_existent_file.py" in result.stdout
diff --git a/tests/test_form_default.py b/tests/test_form_default.py
new file mode 100644
index 000000000..2a12049d1
--- /dev/null
+++ b/tests/test_form_default.py
@@ -0,0 +1,35 @@
+from typing import Optional
+
+from fastapi import FastAPI, File, Form
+from starlette.testclient import TestClient
+from typing_extensions import Annotated
+
+app = FastAPI()
+
+
+@app.post("/urlencoded")
+async def post_url_encoded(age: Annotated[Optional[int], Form()] = None):
+ return age
+
+
+@app.post("/multipart")
+async def post_multi_part(
+ age: Annotated[Optional[int], Form()] = None,
+ file: Annotated[Optional[bytes], File()] = None,
+):
+ return {"file": file, "age": age}
+
+
+client = TestClient(app)
+
+
+def test_form_default_url_encoded():
+ response = client.post("/urlencoded", data={"age": ""})
+ assert response.status_code == 200
+ assert response.text == "null"
+
+
+def test_form_default_multi_part():
+ response = client.post("/multipart", data={"age": ""})
+ assert response.status_code == 200
+ assert response.json() == {"file": None, "age": None}
diff --git a/tests/test_forms_single_model.py b/tests/test_forms_single_model.py
index 880ab3820..1db63f021 100644
--- a/tests/test_forms_single_model.py
+++ b/tests/test_forms_single_model.py
@@ -2,6 +2,7 @@ from typing import List, Optional
from dirty_equals import IsDict
from fastapi import FastAPI, Form
+from fastapi._compat import PYDANTIC_V2
from fastapi.testclient import TestClient
from pydantic import BaseModel, Field
from typing_extensions import Annotated
@@ -17,11 +18,27 @@ class FormModel(BaseModel):
alias_with: str = Field(alias="with", default="nothing")
+class FormModelExtraAllow(BaseModel):
+ param: str
+
+ if PYDANTIC_V2:
+ model_config = {"extra": "allow"}
+ else:
+
+ class Config:
+ extra = "allow"
+
+
@app.post("/form/")
def post_form(user: Annotated[FormModel, Form()]):
return user
+@app.post("/form-extra-allow/")
+def post_form_extra_allow(params: Annotated[FormModelExtraAllow, Form()]):
+ return params
+
+
client = TestClient(app)
@@ -131,3 +148,33 @@ def test_no_data():
]
}
)
+
+
+def test_extra_param_single():
+ response = client.post(
+ "/form-extra-allow/",
+ data={
+ "param": "123",
+ "extra_param": "456",
+ },
+ )
+ assert response.status_code == 200, response.text
+ assert response.json() == {
+ "param": "123",
+ "extra_param": "456",
+ }
+
+
+def test_extra_param_list():
+ response = client.post(
+ "/form-extra-allow/",
+ data={
+ "param": "123",
+ "extra_params": ["456", "789"],
+ },
+ )
+ assert response.status_code == 200, response.text
+ assert response.json() == {
+ "param": "123",
+ "extra_params": ["456", "789"],
+ }
diff --git a/tests/test_jsonable_encoder.py b/tests/test_jsonable_encoder.py
index 447c5b4d6..3b6513e27 100644
--- a/tests/test_jsonable_encoder.py
+++ b/tests/test_jsonable_encoder.py
@@ -3,6 +3,7 @@ from dataclasses import dataclass
from datetime import datetime, timezone
from decimal import Decimal
from enum import Enum
+from math import isinf, isnan
from pathlib import PurePath, PurePosixPath, PureWindowsPath
from typing import Optional
@@ -306,6 +307,20 @@ def test_decimal_encoder_int():
assert jsonable_encoder(data) == {"value": 2}
+@needs_pydanticv2
+def test_decimal_encoder_nan():
+ data = {"value": Decimal("NaN")}
+ assert isnan(jsonable_encoder(data)["value"])
+
+
+@needs_pydanticv2
+def test_decimal_encoder_infinity():
+ data = {"value": Decimal("Infinity")}
+ assert isinf(jsonable_encoder(data)["value"])
+ data = {"value": Decimal("-Infinity")}
+ assert isinf(jsonable_encoder(data)["value"])
+
+
def test_encode_deque_encodes_child_models():
class Model(BaseModel):
test: str
diff --git a/tests/test_optional_file_list.py b/tests/test_optional_file_list.py
new file mode 100644
index 000000000..0228900cf
--- /dev/null
+++ b/tests/test_optional_file_list.py
@@ -0,0 +1,30 @@
+from typing import List, Optional
+
+from fastapi import FastAPI, File
+from fastapi.testclient import TestClient
+
+app = FastAPI()
+
+
+@app.post("/files")
+async def upload_files(files: Optional[List[bytes]] = File(None)):
+ if files is None:
+ return {"files_count": 0}
+ return {"files_count": len(files), "sizes": [len(f) for f in files]}
+
+
+def test_optional_bytes_list():
+ client = TestClient(app)
+ response = client.post(
+ "/files",
+ files=[("files", b"content1"), ("files", b"content2")],
+ )
+ assert response.status_code == 200
+ assert response.json() == {"files_count": 2, "sizes": [8, 8]}
+
+
+def test_optional_bytes_list_no_files():
+ client = TestClient(app)
+ response = client.post("/files")
+ assert response.status_code == 200
+ assert response.json() == {"files_count": 0}
diff --git a/tests/test_query_cookie_header_model_extra_params.py b/tests/test_query_cookie_header_model_extra_params.py
new file mode 100644
index 000000000..f4ebefb3f
--- /dev/null
+++ b/tests/test_query_cookie_header_model_extra_params.py
@@ -0,0 +1,111 @@
+from fastapi import Cookie, FastAPI, Header, Query
+from fastapi._compat import PYDANTIC_V2
+from fastapi.testclient import TestClient
+from pydantic import BaseModel
+
+app = FastAPI()
+
+
+class Model(BaseModel):
+ param: str
+
+ if PYDANTIC_V2:
+ model_config = {"extra": "allow"}
+ else:
+
+ class Config:
+ extra = "allow"
+
+
+@app.get("/query")
+async def query_model_with_extra(data: Model = Query()):
+ return data
+
+
+@app.get("/header")
+async def header_model_with_extra(data: Model = Header()):
+ return data
+
+
+@app.get("/cookie")
+async def cookies_model_with_extra(data: Model = Cookie()):
+ return data
+
+
+def test_query_pass_extra_list():
+ client = TestClient(app)
+ resp = client.get(
+ "/query",
+ params={
+ "param": "123",
+ "param2": ["456", "789"], # Pass a list of values as extra parameter
+ },
+ )
+ assert resp.status_code == 200
+ assert resp.json() == {
+ "param": "123",
+ "param2": ["456", "789"],
+ }
+
+
+def test_query_pass_extra_single():
+ client = TestClient(app)
+ resp = client.get(
+ "/query",
+ params={
+ "param": "123",
+ "param2": "456",
+ },
+ )
+ assert resp.status_code == 200
+ assert resp.json() == {
+ "param": "123",
+ "param2": "456",
+ }
+
+
+def test_header_pass_extra_list():
+ client = TestClient(app)
+
+ resp = client.get(
+ "/header",
+ headers=[
+ ("param", "123"),
+ ("param2", "456"), # Pass a list of values as extra parameter
+ ("param2", "789"),
+ ],
+ )
+ assert resp.status_code == 200
+ resp_json = resp.json()
+ assert "param2" in resp_json
+ assert resp_json["param2"] == ["456", "789"]
+
+
+def test_header_pass_extra_single():
+ client = TestClient(app)
+
+ resp = client.get(
+ "/header",
+ headers=[
+ ("param", "123"),
+ ("param2", "456"),
+ ],
+ )
+ assert resp.status_code == 200
+ resp_json = resp.json()
+ assert "param2" in resp_json
+ assert resp_json["param2"] == "456"
+
+
+def test_cookie_pass_extra_list():
+ client = TestClient(app)
+ client.cookies = [
+ ("param", "123"),
+ ("param2", "456"), # Pass a list of values as extra parameter
+ ("param2", "789"),
+ ]
+ resp = client.get("/cookie")
+ assert resp.status_code == 200
+ resp_json = resp.json()
+ assert "param2" in resp_json
+ assert resp_json["param2"] == "789" # Cookies only keep the last value
diff --git a/tests/test_request_param_model_by_alias.py b/tests/test_request_param_model_by_alias.py
new file mode 100644
index 000000000..a6f759f23
--- /dev/null
+++ b/tests/test_request_param_model_by_alias.py
@@ -0,0 +1,76 @@
+from dirty_equals import IsPartialDict
+from fastapi import Cookie, FastAPI, Header, Query
+from fastapi._compat import PYDANTIC_V2
+from fastapi.testclient import TestClient
+from pydantic import BaseModel, Field
+
+app = FastAPI()
+
+
+class Model(BaseModel):
+ param: str = Field(alias="param_alias")
+
+
+@app.get("/query")
+async def query_model(data: Model = Query()):
+ return {"param": data.param}
+
+
+@app.get("/header")
+async def header_model(data: Model = Header()):
+ return {"param": data.param}
+
+
+@app.get("/cookie")
+async def cookie_model(data: Model = Cookie()):
+ return {"param": data.param}
+
+
+def test_query_model_with_alias():
+ client = TestClient(app)
+ response = client.get("/query", params={"param_alias": "value"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"param": "value"}
+
+
+def test_header_model_with_alias():
+ client = TestClient(app)
+ response = client.get("/header", headers={"param_alias": "value"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"param": "value"}
+
+
+def test_cookie_model_with_alias():
+ client = TestClient(app)
+ client.cookies.set("param_alias", "value")
+ response = client.get("/cookie")
+ assert response.status_code == 200, response.text
+ assert response.json() == {"param": "value"}
+
+
+def test_query_model_with_alias_by_name():
+ client = TestClient(app)
+ response = client.get("/query", params={"param": "value"})
+ assert response.status_code == 422, response.text
+ details = response.json()
+ if PYDANTIC_V2:
+ assert details["detail"][0]["input"] == {"param": "value"}
+
+
+def test_header_model_with_alias_by_name():
+ client = TestClient(app)
+ response = client.get("/header", headers={"param": "value"})
+ assert response.status_code == 422, response.text
+ details = response.json()
+ if PYDANTIC_V2:
+ assert details["detail"][0]["input"] == IsPartialDict({"param": "value"})
+
+
+def test_cookie_model_with_alias_by_name():
+ client = TestClient(app)
+ client.cookies.set("param", "value")
+ response = client.get("/cookie")
+ assert response.status_code == 422, response.text
+ details = response.json()
+ if PYDANTIC_V2:
+ assert details["detail"][0]["input"] == {"param": "value"}
diff --git a/tests/test_schema_compat_pydantic_v2.py b/tests/test_schema_compat_pydantic_v2.py
new file mode 100644
index 000000000..39626c0ec
--- /dev/null
+++ b/tests/test_schema_compat_pydantic_v2.py
@@ -0,0 +1,92 @@
+import pytest
+from fastapi import FastAPI
+from fastapi.testclient import TestClient
+from inline_snapshot import snapshot
+from pydantic import BaseModel
+
+from tests.utils import needs_py310, needs_pydanticv2
+
+
+@pytest.fixture(name="client")
+def get_client():
+ from enum import Enum
+
+ app = FastAPI()
+
+ class PlatformRole(str, Enum):
+ admin = "admin"
+ user = "user"
+
+ class OtherRole(str, Enum): ...
+
+ class User(BaseModel):
+ username: str
+ role: PlatformRole | OtherRole
+
+ @app.get("/users")
+ async def get_user() -> User:
+ return {"username": "alice", "role": "admin"}
+
+ client = TestClient(app)
+ return client
+
+
+@needs_py310
+@needs_pydanticv2
+def test_get(client: TestClient):
+ response = client.get("/users")
+ assert response.json() == {"username": "alice", "role": "admin"}
+
+
+@needs_py310
+@needs_pydanticv2
+def test_openapi_schema(client: TestClient):
+ response = client.get("openapi.json")
+ assert response.json() == snapshot(
+ {
+ "openapi": "3.1.0",
+ "info": {"title": "FastAPI", "version": "0.1.0"},
+ "paths": {
+ "/users": {
+ "get": {
+ "summary": "Get User",
+ "operationId": "get_user_users_get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {
+ "application/json": {
+ "schema": {"$ref": "#/components/schemas/User"}
+ }
+ },
+ }
+ },
+ }
+ }
+ },
+ "components": {
+ "schemas": {
+ "PlatformRole": {
+ "type": "string",
+ "enum": ["admin", "user"],
+ "title": "PlatformRole",
+ },
+ "User": {
+ "properties": {
+ "username": {"type": "string", "title": "Username"},
+ "role": {
+ "anyOf": [
+ {"$ref": "#/components/schemas/PlatformRole"},
+ {"enum": [], "title": "OtherRole"},
+ ],
+ "title": "Role",
+ },
+ },
+ "type": "object",
+ "required": ["username", "role"],
+ "title": "User",
+ },
+ }
+ },
+ }
+ )
diff --git a/tests/test_security_api_key_cookie.py b/tests/test_security_api_key_cookie.py
index 4ddb8e2ee..9bacfc56e 100644
--- a/tests/test_security_api_key_cookie.py
+++ b/tests/test_security_api_key_cookie.py
@@ -32,8 +32,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
client = TestClient(app)
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_api_key_cookie_description.py b/tests/test_security_api_key_cookie_description.py
index d99d616e0..d0cab324e 100644
--- a/tests/test_security_api_key_cookie_description.py
+++ b/tests/test_security_api_key_cookie_description.py
@@ -32,8 +32,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
client = TestClient(app)
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_api_key_header.py b/tests/test_security_api_key_header.py
index 1ff883703..3e761b150 100644
--- a/tests/test_security_api_key_header.py
+++ b/tests/test_security_api_key_header.py
@@ -33,8 +33,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_api_key_header_description.py b/tests/test_security_api_key_header_description.py
index 27f9d0f29..38a1a8881 100644
--- a/tests/test_security_api_key_header_description.py
+++ b/tests/test_security_api_key_header_description.py
@@ -33,8 +33,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_api_key_query.py b/tests/test_security_api_key_query.py
index dc7a0a621..11ed19468 100644
--- a/tests/test_security_api_key_query.py
+++ b/tests/test_security_api_key_query.py
@@ -33,8 +33,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_api_key_query_description.py b/tests/test_security_api_key_query_description.py
index 35dc7743a..658798326 100644
--- a/tests/test_security_api_key_query_description.py
+++ b/tests/test_security_api_key_query_description.py
@@ -33,8 +33,9 @@ def test_security_api_key():
def test_security_api_key_no_key():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "APIKey"
def test_openapi_schema():
diff --git a/tests/test_security_http_base.py b/tests/test_security_http_base.py
index 51928bafd..8cf259a75 100644
--- a/tests/test_security_http_base.py
+++ b/tests/test_security_http_base.py
@@ -23,8 +23,9 @@ def test_security_http_base():
def test_security_http_base_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Other"
def test_openapi_schema():
diff --git a/tests/test_security_http_base_description.py b/tests/test_security_http_base_description.py
index bc79f3242..791ea59f4 100644
--- a/tests/test_security_http_base_description.py
+++ b/tests/test_security_http_base_description.py
@@ -23,8 +23,9 @@ def test_security_http_base():
def test_security_http_base_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Other"
def test_openapi_schema():
diff --git a/tests/test_security_http_basic_optional.py b/tests/test_security_http_basic_optional.py
index 9b6cb6c45..7071f381a 100644
--- a/tests/test_security_http_basic_optional.py
+++ b/tests/test_security_http_basic_optional.py
@@ -38,7 +38,7 @@ def test_security_http_basic_invalid_credentials():
)
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == "Basic"
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_security_http_basic_non_basic_credentials():
@@ -47,7 +47,7 @@ def test_security_http_basic_non_basic_credentials():
response = client.get("/users/me", headers={"Authorization": auth_header})
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == "Basic"
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_openapi_schema():
diff --git a/tests/test_security_http_basic_realm.py b/tests/test_security_http_basic_realm.py
index 9fc33971a..ec7371f90 100644
--- a/tests/test_security_http_basic_realm.py
+++ b/tests/test_security_http_basic_realm.py
@@ -36,7 +36,7 @@ def test_security_http_basic_invalid_credentials():
)
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_security_http_basic_non_basic_credentials():
@@ -45,7 +45,7 @@ def test_security_http_basic_non_basic_credentials():
response = client.get("/users/me", headers={"Authorization": auth_header})
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_openapi_schema():
diff --git a/tests/test_security_http_basic_realm_description.py b/tests/test_security_http_basic_realm_description.py
index 02122442e..a93d5fc86 100644
--- a/tests/test_security_http_basic_realm_description.py
+++ b/tests/test_security_http_basic_realm_description.py
@@ -36,7 +36,7 @@ def test_security_http_basic_invalid_credentials():
)
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_security_http_basic_non_basic_credentials():
@@ -45,7 +45,7 @@ def test_security_http_basic_non_basic_credentials():
response = client.get("/users/me", headers={"Authorization": auth_header})
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == 'Basic realm="simple"'
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_openapi_schema():
diff --git a/tests/test_security_http_bearer.py b/tests/test_security_http_bearer.py
index 5b9e2d691..961b42f4d 100644
--- a/tests/test_security_http_bearer.py
+++ b/tests/test_security_http_bearer.py
@@ -23,14 +23,16 @@ def test_security_http_bearer():
def test_security_http_bearer_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_security_http_bearer_incorrect_scheme_credentials():
response = client.get("/users/me", headers={"Authorization": "Basic notreally"})
- assert response.status_code == 403, response.text
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.status_code == 401, response.text
+ assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_openapi_schema():
diff --git a/tests/test_security_http_bearer_description.py b/tests/test_security_http_bearer_description.py
index 2f11c3a14..e16994abc 100644
--- a/tests/test_security_http_bearer_description.py
+++ b/tests/test_security_http_bearer_description.py
@@ -23,14 +23,16 @@ def test_security_http_bearer():
def test_security_http_bearer_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_security_http_bearer_incorrect_scheme_credentials():
response = client.get("/users/me", headers={"Authorization": "Basic notreally"})
- assert response.status_code == 403, response.text
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.status_code == 401, response.text
+ assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_openapi_schema():
diff --git a/tests/test_security_http_digest.py b/tests/test_security_http_digest.py
index 133d35763..3fad4c7a5 100644
--- a/tests/test_security_http_digest.py
+++ b/tests/test_security_http_digest.py
@@ -23,16 +23,18 @@ def test_security_http_digest():
def test_security_http_digest_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Digest"
def test_security_http_digest_incorrect_scheme_credentials():
response = client.get(
"/users/me", headers={"Authorization": "Other invalidauthorization"}
)
- assert response.status_code == 403, response.text
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.status_code == 401, response.text
+ assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Digest"
def test_openapi_schema():
diff --git a/tests/test_security_http_digest_description.py b/tests/test_security_http_digest_description.py
index 4e31a0c00..319416a07 100644
--- a/tests/test_security_http_digest_description.py
+++ b/tests/test_security_http_digest_description.py
@@ -23,16 +23,18 @@ def test_security_http_digest():
def test_security_http_digest_no_credentials():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Digest"
def test_security_http_digest_incorrect_scheme_credentials():
response = client.get(
"/users/me", headers={"Authorization": "Other invalidauthorization"}
)
- assert response.status_code == 403, response.text
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.status_code == 401, response.text
+ assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Digest"
def test_openapi_schema():
diff --git a/tests/test_security_oauth2.py b/tests/test_security_oauth2.py
index 2b7e3457a..804e4152d 100644
--- a/tests/test_security_oauth2.py
+++ b/tests/test_security_oauth2.py
@@ -56,8 +56,9 @@ def test_security_oauth2_password_other_header():
def test_security_oauth2_password_bearer_no_header():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_strict_login_no_data():
diff --git a/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py
new file mode 100644
index 000000000..d41f1dc1f
--- /dev/null
+++ b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi.py
@@ -0,0 +1,198 @@
+# Ref: https://github.com/fastapi/fastapi/issues/14454
+
+from typing import Optional
+
+from fastapi import APIRouter, Depends, FastAPI, Security
+from fastapi.security import OAuth2AuthorizationCodeBearer
+from fastapi.testclient import TestClient
+from inline_snapshot import snapshot
+from typing_extensions import Annotated
+
+oauth2_scheme = OAuth2AuthorizationCodeBearer(
+ authorizationUrl="authorize",
+ tokenUrl="token",
+ auto_error=True,
+ scopes={"read": "Read access", "write": "Write access"},
+)
+
+
+async def get_token(token: Annotated[str, Depends(oauth2_scheme)]) -> str:
+ return token
+
+
+app = FastAPI(dependencies=[Depends(get_token)])
+
+
+@app.get("/")
+async def root():
+ return {"message": "Hello World"}
+
+
+@app.get(
+ "/with-oauth2-scheme",
+ dependencies=[Security(oauth2_scheme, scopes=["read", "write"])],
+)
+async def read_with_oauth2_scheme():
+ return {"message": "Admin Access"}
+
+
+@app.get(
+ "/with-get-token", dependencies=[Security(get_token, scopes=["read", "write"])]
+)
+async def read_with_get_token():
+ return {"message": "Admin Access"}
+
+
+router = APIRouter(dependencies=[Security(oauth2_scheme, scopes=["read"])])
+
+
+@router.get("/items/")
+async def read_items(token: Optional[str] = Depends(oauth2_scheme)):
+ return {"token": token}
+
+
+@router.post("/items/")
+async def create_item(
+ token: Optional[str] = Security(oauth2_scheme, scopes=["read", "write"]),
+):
+ return {"token": token}
+
+
+app.include_router(router)
+
+client = TestClient(app)
+
+
+def test_root():
+ response = client.get("/", headers={"Authorization": "Bearer testtoken"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"message": "Hello World"}
+
+
+def test_read_with_oauth2_scheme():
+ response = client.get(
+ "/with-oauth2-scheme", headers={"Authorization": "Bearer testtoken"}
+ )
+ assert response.status_code == 200, response.text
+ assert response.json() == {"message": "Admin Access"}
+
+
+def test_read_with_get_token():
+ response = client.get(
+ "/with-get-token", headers={"Authorization": "Bearer testtoken"}
+ )
+ assert response.status_code == 200, response.text
+ assert response.json() == {"message": "Admin Access"}
+
+
+def test_read_token():
+ response = client.get("/items/", headers={"Authorization": "Bearer testtoken"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"token": "testtoken"}
+
+
+def test_create_token():
+ response = client.post("/items/", headers={"Authorization": "Bearer testtoken"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"token": "testtoken"}
+
+
+def test_openapi_schema():
+ response = client.get("/openapi.json")
+ assert response.status_code == 200, response.text
+ assert response.json() == snapshot(
+ {
+ "openapi": "3.1.0",
+ "info": {"title": "FastAPI", "version": "0.1.0"},
+ "paths": {
+ "/": {
+ "get": {
+ "summary": "Root",
+ "operationId": "root__get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [{"OAuth2AuthorizationCodeBearer": []}],
+ }
+ },
+ "/with-oauth2-scheme": {
+ "get": {
+ "summary": "Read With Oauth2 Scheme",
+ "operationId": "read_with_oauth2_scheme_with_oauth2_scheme_get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [
+ {"OAuth2AuthorizationCodeBearer": ["read", "write"]}
+ ],
+ }
+ },
+ "/with-get-token": {
+ "get": {
+ "summary": "Read With Get Token",
+ "operationId": "read_with_get_token_with_get_token_get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [
+ {"OAuth2AuthorizationCodeBearer": ["read", "write"]}
+ ],
+ }
+ },
+ "/items/": {
+ "get": {
+ "summary": "Read Items",
+ "operationId": "read_items_items__get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [
+ {"OAuth2AuthorizationCodeBearer": ["read"]},
+ ],
+ },
+ "post": {
+ "summary": "Create Item",
+ "operationId": "create_item_items__post",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [
+ {"OAuth2AuthorizationCodeBearer": ["read", "write"]},
+ ],
+ },
+ },
+ },
+ "components": {
+ "securitySchemes": {
+ "OAuth2AuthorizationCodeBearer": {
+ "type": "oauth2",
+ "flows": {
+ "authorizationCode": {
+ "scopes": {
+ "read": "Read access",
+ "write": "Write access",
+ },
+ "authorizationUrl": "authorize",
+ "tokenUrl": "token",
+ }
+ },
+ }
+ }
+ },
+ }
+ )
diff --git a/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py
new file mode 100644
index 000000000..ff866d4fc
--- /dev/null
+++ b/tests/test_security_oauth2_authorization_code_bearer_scopes_openapi_simple.py
@@ -0,0 +1,79 @@
+# Ref: https://github.com/fastapi/fastapi/issues/14454
+
+from fastapi import Depends, FastAPI, Security
+from fastapi.security import OAuth2AuthorizationCodeBearer
+from fastapi.testclient import TestClient
+from inline_snapshot import snapshot
+from typing_extensions import Annotated
+
+oauth2_scheme = OAuth2AuthorizationCodeBearer(
+ authorizationUrl="api/oauth/authorize",
+ tokenUrl="/api/oauth/token",
+ scopes={"read": "Read access", "write": "Write access"},
+)
+
+
+async def get_token(token: Annotated[str, Depends(oauth2_scheme)]) -> str:
+ return token
+
+
+app = FastAPI(dependencies=[Depends(get_token)])
+
+
+@app.get("/admin", dependencies=[Security(get_token, scopes=["read", "write"])])
+async def read_admin():
+ return {"message": "Admin Access"}
+
+
+client = TestClient(app)
+
+
+def test_read_admin():
+ response = client.get("/admin", headers={"Authorization": "Bearer faketoken"})
+ assert response.status_code == 200, response.text
+ assert response.json() == {"message": "Admin Access"}
+
+
+def test_openapi_schema():
+ response = client.get("/openapi.json")
+ assert response.status_code == 200, response.text
+ assert response.json() == snapshot(
+ {
+ "openapi": "3.1.0",
+ "info": {"title": "FastAPI", "version": "0.1.0"},
+ "paths": {
+ "/admin": {
+ "get": {
+ "summary": "Read Admin",
+ "operationId": "read_admin_admin_get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [
+ {"OAuth2AuthorizationCodeBearer": ["read", "write"]}
+ ],
+ }
+ }
+ },
+ "components": {
+ "securitySchemes": {
+ "OAuth2AuthorizationCodeBearer": {
+ "type": "oauth2",
+ "flows": {
+ "authorizationCode": {
+ "scopes": {
+ "read": "Read access",
+ "write": "Write access",
+ },
+ "authorizationUrl": "api/oauth/authorize",
+ "tokenUrl": "/api/oauth/token",
+ }
+ },
+ }
+ }
+ },
+ }
+ )
diff --git a/tests/test_security_openid_connect.py b/tests/test_security_openid_connect.py
index 1e322e640..c9a0a8db7 100644
--- a/tests/test_security_openid_connect.py
+++ b/tests/test_security_openid_connect.py
@@ -39,8 +39,9 @@ def test_security_oauth2_password_other_header():
def test_security_oauth2_password_bearer_no_header():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_openapi_schema():
diff --git a/tests/test_security_openid_connect_description.py b/tests/test_security_openid_connect_description.py
index 44cf57f86..d008cbc63 100644
--- a/tests/test_security_openid_connect_description.py
+++ b/tests/test_security_openid_connect_description.py
@@ -41,8 +41,9 @@ def test_security_oauth2_password_other_header():
def test_security_oauth2_password_bearer_no_header():
response = client.get("/users/me")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
+ assert response.headers["WWW-Authenticate"] == "Bearer"
def test_openapi_schema():
diff --git a/tests/test_security_scopes.py b/tests/test_security_scopes.py
new file mode 100644
index 000000000..248fd2bcc
--- /dev/null
+++ b/tests/test_security_scopes.py
@@ -0,0 +1,46 @@
+from typing import Dict
+
+import pytest
+from fastapi import Depends, FastAPI, Security
+from fastapi.testclient import TestClient
+from typing_extensions import Annotated
+
+
+@pytest.fixture(name="call_counter")
+def call_counter_fixture():
+ return {"count": 0}
+
+
+@pytest.fixture(name="app")
+def app_fixture(call_counter: Dict[str, int]):
+ def get_db():
+ call_counter["count"] += 1
+ return f"db_{call_counter['count']}"
+
+ def get_user(db: Annotated[str, Depends(get_db)]):
+ return "user"
+
+ app = FastAPI()
+
+ @app.get("/")
+ def endpoint(
+ db: Annotated[str, Depends(get_db)],
+ user: Annotated[str, Security(get_user, scopes=["read"])],
+ ):
+ return {"db": db}
+
+ return app
+
+
+@pytest.fixture(name="client")
+def client_fixture(app: FastAPI):
+ return TestClient(app)
+
+
+def test_security_scopes_dependency_called_once(
+ client: TestClient, call_counter: Dict[str, int]
+):
+ response = client.get("/")
+
+ assert response.status_code == 200
+ assert call_counter["count"] == 1
diff --git a/tests/test_security_scopes_dont_propagate.py b/tests/test_security_scopes_dont_propagate.py
new file mode 100644
index 000000000..2bbcc749d
--- /dev/null
+++ b/tests/test_security_scopes_dont_propagate.py
@@ -0,0 +1,45 @@
+# Ref: https://github.com/tiangolo/fastapi/issues/5623
+
+from typing import Any, Dict, List
+
+from fastapi import FastAPI, Security
+from fastapi.security import SecurityScopes
+from fastapi.testclient import TestClient
+from typing_extensions import Annotated
+
+
+async def security1(scopes: SecurityScopes):
+ return scopes.scopes
+
+
+async def security2(scopes: SecurityScopes):
+ return scopes.scopes
+
+
+async def dep3(
+ dep1: Annotated[List[str], Security(security1, scopes=["scope1"])],
+ dep2: Annotated[List[str], Security(security2, scopes=["scope2"])],
+):
+ return {"dep1": dep1, "dep2": dep2}
+
+
+app = FastAPI()
+
+
+@app.get("/scopes")
+def get_scopes(
+ dep3: Annotated[Dict[str, Any], Security(dep3, scopes=["scope3"])],
+):
+ return dep3
+
+
+client = TestClient(app)
+
+
+def test_security_scopes_dont_propagate():
+ response = client.get("/scopes")
+ assert response.status_code == 200
+ assert response.json() == {
+ "dep1": ["scope3", "scope1"],
+ "dep2": ["scope3", "scope2"],
+ }
diff --git a/tests/test_security_scopes_sub_dependency.py b/tests/test_security_scopes_sub_dependency.py
new file mode 100644
index 000000000..9cc668d8e
--- /dev/null
+++ b/tests/test_security_scopes_sub_dependency.py
@@ -0,0 +1,107 @@
+# Ref: https://github.com/fastapi/fastapi/discussions/6024#discussioncomment-8541913
+
+from typing import Dict
+
+import pytest
+from fastapi import Depends, FastAPI, Security
+from fastapi.security import SecurityScopes
+from fastapi.testclient import TestClient
+from typing_extensions import Annotated
+
+
+@pytest.fixture(name="call_counts")
+def call_counts_fixture():
+ return {
+ "get_db_session": 0,
+ "get_current_user": 0,
+ "get_user_me": 0,
+ "get_user_items": 0,
+ }
+
+
+@pytest.fixture(name="app")
+def app_fixture(call_counts: Dict[str, int]):
+ def get_db_session():
+ call_counts["get_db_session"] += 1
+ return f"db_session_{call_counts['get_db_session']}"
+
+ def get_current_user(
+ security_scopes: SecurityScopes,
+ db_session: Annotated[str, Depends(get_db_session)],
+ ):
+ call_counts["get_current_user"] += 1
+ return {
+ "user": f"user_{call_counts['get_current_user']}",
+ "scopes": security_scopes.scopes,
+ "db_session": db_session,
+ }
+
+ def get_user_me(
+ current_user: Annotated[dict, Security(get_current_user, scopes=["me"])],
+ ):
+ call_counts["get_user_me"] += 1
+ return {
+ "user_me": f"user_me_{call_counts['get_user_me']}",
+ "current_user": current_user,
+ }
+
+ def get_user_items(
+ user_me: Annotated[dict, Depends(get_user_me)],
+ ):
+ call_counts["get_user_items"] += 1
+ return {
+ "user_items": f"user_items_{call_counts['get_user_items']}",
+ "user_me": user_me,
+ }
+
+ app = FastAPI()
+
+ @app.get("/")
+ def path_operation(
+ user_me: Annotated[dict, Depends(get_user_me)],
+ user_items: Annotated[dict, Security(get_user_items, scopes=["items"])],
+ ):
+ return {
+ "user_me": user_me,
+ "user_items": user_items,
+ }
+
+ return app
+
+
+@pytest.fixture(name="client")
+def client_fixture(app: FastAPI):
+ return TestClient(app)
+
+
+def test_security_scopes_sub_dependency_caching(
+ client: TestClient, call_counts: Dict[str, int]
+):
+ response = client.get("/")
+
+ assert response.status_code == 200
+ assert call_counts["get_db_session"] == 1
+ assert call_counts["get_current_user"] == 2
+ assert call_counts["get_user_me"] == 2
+ assert call_counts["get_user_items"] == 1
+ assert response.json() == {
+ "user_me": {
+ "user_me": "user_me_1",
+ "current_user": {
+ "user": "user_1",
+ "scopes": ["me"],
+ "db_session": "db_session_1",
+ },
+ },
+ "user_items": {
+ "user_items": "user_items_1",
+ "user_me": {
+ "user_me": "user_me_2",
+ "current_user": {
+ "user": "user_2",
+ "scopes": ["items", "me"],
+ "db_session": "db_session_1",
+ },
+ },
+ },
+ }
diff --git a/tests/test_stringified_annotations_simple.py b/tests/test_stringified_annotations_simple.py
new file mode 100644
index 000000000..9bd6d09d6
--- /dev/null
+++ b/tests/test_stringified_annotations_simple.py
@@ -0,0 +1,26 @@
+from __future__ import annotations
+
+from fastapi import Depends, FastAPI, Request
+from fastapi.testclient import TestClient
+from typing_extensions import Annotated
+
+from .utils import needs_py310
+
+
+class Dep:
+ def __call__(self, request: Request):
+ return "test"
+
+
+@needs_py310
+def test_stringified_annotations():
+ app = FastAPI()
+
+ client = TestClient(app)
+
+ @app.get("/test/")
+ def call(test: Annotated[str, Depends(Dep())]):
+ return {"test": test}
+
+ response = client.get("/test")
+ assert response.status_code == 200
diff --git a/tests/test_top_level_security_scheme_in_openapi.py b/tests/test_top_level_security_scheme_in_openapi.py
index e2de31af5..a36c66d1a 100644
--- a/tests/test_top_level_security_scheme_in_openapi.py
+++ b/tests/test_top_level_security_scheme_in_openapi.py
@@ -27,7 +27,7 @@ def test_get_root():
def test_get_root_no_token():
response = client.get("/")
- assert response.status_code == 403, response.text
+ assert response.status_code == 401, response.text
assert response.json() == {"detail": "Not authenticated"}
diff --git a/tests/test_tutorial/test_authentication_error_status_code/__init__.py b/tests/test_tutorial/test_authentication_error_status_code/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/tests/test_tutorial/test_authentication_error_status_code/test_tutorial001.py b/tests/test_tutorial/test_authentication_error_status_code/test_tutorial001.py
new file mode 100644
index 000000000..bbd7bff30
--- /dev/null
+++ b/tests/test_tutorial/test_authentication_error_status_code/test_tutorial001.py
@@ -0,0 +1,69 @@
+import importlib
+
+import pytest
+from fastapi.testclient import TestClient
+from inline_snapshot import snapshot
+
+from ...utils import needs_py39
+
+
+@pytest.fixture(
+ name="client",
+ params=[
+ "tutorial001_an",
+ pytest.param("tutorial001_an_py39", marks=needs_py39),
+ ],
+)
+def get_client(request: pytest.FixtureRequest):
+ mod = importlib.import_module(
+ f"docs_src.authentication_error_status_code.{request.param}"
+ )
+
+ client = TestClient(mod.app)
+ return client
+
+
+def test_get_me(client: TestClient):
+ response = client.get("/me", headers={"Authorization": "Bearer secrettoken"})
+ assert response.status_code == 200
+ assert response.json() == {
+ "message": "You are authenticated",
+ "token": "secrettoken",
+ }
+
+
+def test_get_me_no_credentials(client: TestClient):
+ response = client.get("/me")
+ assert response.status_code == 403
+ assert response.json() == {"detail": "Not authenticated"}
+
+
+def test_openapi_schema(client: TestClient):
+ response = client.get("/openapi.json")
+ assert response.status_code == 200, response.text
+ assert response.json() == snapshot(
+ {
+ "openapi": "3.1.0",
+ "info": {"title": "FastAPI", "version": "0.1.0"},
+ "paths": {
+ "/me": {
+ "get": {
+ "summary": "Read Me",
+ "operationId": "read_me_me_get",
+ "responses": {
+ "200": {
+ "description": "Successful Response",
+ "content": {"application/json": {"schema": {}}},
+ }
+ },
+ "security": [{"HTTPBearer403": []}],
+ }
+ }
+ },
+ "components": {
+ "securitySchemes": {
+ "HTTPBearer403": {"type": "http", "scheme": "bearer"}
+ }
+ },
+ }
+ )
diff --git a/tests/test_tutorial/test_header_param_models/test_tutorial003.py b/tests/test_tutorial/test_header_param_models/test_tutorial003.py
index 60940e1da..554a48d2e 100644
--- a/tests/test_tutorial/test_header_param_models/test_tutorial003.py
+++ b/tests/test_tutorial/test_header_param_models/test_tutorial003.py
@@ -77,7 +77,7 @@ def test_header_param_model_no_underscore(client: TestClient):
"user-agent": "testclient",
"save-data": "true",
"if-modified-since": "yesterday",
- "x-tag": "two",
+ "x-tag": ["one", "two"],
},
}
)
diff --git a/tests/test_tutorial/test_security/test_tutorial003.py b/tests/test_tutorial/test_security/test_tutorial003.py
index 2bbb2e851..6b8735113 100644
--- a/tests/test_tutorial/test_security/test_tutorial003.py
+++ b/tests/test_tutorial/test_security/test_tutorial003.py
@@ -66,7 +66,7 @@ def test_token(client: TestClient):
def test_incorrect_token(client: TestClient):
response = client.get("/users/me", headers={"Authorization": "Bearer nonexistent"})
assert response.status_code == 401, response.text
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
assert response.headers["WWW-Authenticate"] == "Bearer"
diff --git a/tests/test_tutorial/test_security/test_tutorial006.py b/tests/test_tutorial/test_security/test_tutorial006.py
index 40b413806..9587159dc 100644
--- a/tests/test_tutorial/test_security/test_tutorial006.py
+++ b/tests/test_tutorial/test_security/test_tutorial006.py
@@ -41,7 +41,7 @@ def test_security_http_basic_invalid_credentials(client: TestClient):
)
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == "Basic"
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_security_http_basic_non_basic_credentials(client: TestClient):
@@ -50,7 +50,7 @@ def test_security_http_basic_non_basic_credentials(client: TestClient):
response = client.get("/users/me", headers={"Authorization": auth_header})
assert response.status_code == 401, response.text
assert response.headers["WWW-Authenticate"] == "Basic"
- assert response.json() == {"detail": "Invalid authentication credentials"}
+ assert response.json() == {"detail": "Not authenticated"}
def test_openapi_schema(client: TestClient):
diff --git a/tests/test_wrapped_method_forward_reference.py b/tests/test_wrapped_method_forward_reference.py
new file mode 100644
index 000000000..7403f6002
--- /dev/null
+++ b/tests/test_wrapped_method_forward_reference.py
@@ -0,0 +1,31 @@
+import functools
+
+from fastapi import FastAPI
+from fastapi.testclient import TestClient
+
+from .forward_reference_type import forwardref_method
+
+
+def passthrough(f):
+ @functools.wraps(f)
+ def method(*args, **kwargs):
+ return f(*args, **kwargs)
+
+ return method
+
+
+def test_wrapped_method_type_inference():
+ """
+ Regression test ensuring that when a method imported from another module
+ is decorated with something that sets the __wrapped__ attribute (functools.wraps),
+ then the types are still processed correctly, including dereferencing of forward
+ references.
+ """
+ app = FastAPI()
+ client = TestClient(app)
+ app.post("/endpoint")(passthrough(forwardref_method))
+ app.post("/endpoint2")(passthrough(passthrough(forwardref_method)))
+ with client:
+ response = client.post("/endpoint", json={"input": {"x": 0}})
+ response2 = client.post("/endpoint2", json={"input": {"x": 0}})
+ assert response.json() == response2.json() == {"x": 1}
+ 
+
+