user profile 401 Unauthorized #1327

lifengmds · 2023-12-27T15:54:42Z

lifengmds
Dec 27, 2023

Describe the bug

The user registration and login were successfully, but the requests for current user profile /users/me return 401 Unauthorized. I could not figure out why?

const TOKEN = 'eyJ0eXAiOiJKV1QiL.......';
axios.get(
    'http://localhost:8000/users/me', {
    headers: {
        'Authorization': `Bearer ${TOKEN}`,
    },
})
.then((response) => console.log(response))
.catch((error) => console.log(error));

Configuration

Python version : 3.9
FastAPI version : 0.104.1
FastAPI Users version : 12.1.2, use with fastapi_users_db_sqlmodel

FastAPI Users configuration


import uuid
from typing import Optional,AsyncGenerator

from fastapi import Depends, Request
from fastapi_users import schemas
from fastapi_users import BaseUserManager, FastAPIUsers, UUIDIDMixin
# from fastapi_users.db import SQLAlchemyBaseUserTableUUID, SQLAlchemyUserDatabase
from fastapi_users_db_sqlmodel import SQLModelBaseUserDB, SQLModelUserDatabaseAsync
# from sqlalchemy.ext.asyncio import AsyncSession, async_sessionmaker, create_async_engine
from sqlalchemy.orm import DeclarativeBase
from core.globals import async_db
from apps.afkarena.models import Users as User
from apps.afkarena.utils import send_email

from fastapi_users.authentication import (
    AuthenticationBackend,
    BearerTransport,
    JWTStrategy,
)

SECRET = "CXgyOLiY-OzbkCwdjOp53g"


class Base():
    pass

class UserManager(UUIDIDMixin, BaseUserManager[User, id]):
    reset_password_token_secret = SECRET
    verification_token_secret = SECRET

    async def on_after_register(self, user: User, request: Optional[Request] = None):
        # await send_email(user.email, "Welcome to AFK Arena", "Welcome to AFK Arena, your account has been created. please verify your email.")
        print(f"User {user.id} has registered.")

    async def on_after_forgot_password(
        self, user: User, token: str, request: Optional[Request] = None
    ):
        print(f"User {user.id} has forgot their password. Reset token: {token}")

    async def on_after_request_verify(
        self, user: User, token: str, request: Optional[Request] = None
    ):
        print(f"Verification requested for user {user.id}. Verification token: {token}")


bearer_transport = BearerTransport(tokenUrl="auth/jwt/login")


async def create_db_and_tables():

    # await async_db.run_sync(Base.metadata.create_all(bind = async_db))
    # await async_db.async_commit()
    pass

def get_jwt_strategy() -> JWTStrategy:
    return JWTStrategy(secret=SECRET, lifetime_seconds=3600)

async def get_user_manager():
    user_db = SQLModelUserDatabaseAsync(async_db, User)
    yield UserManager(user_db)


auth_backend = AuthenticationBackend(
    name="jwt",
    transport=bearer_transport,
    get_strategy=get_jwt_strategy,
)

fastapi_users = FastAPIUsers[User, int](get_user_manager, [auth_backend])

current_active_user = fastapi_users.current_user(active=True)

#schemas
class UserRead(schemas.BaseUser[int]):
    pass


class UserCreate(schemas.BaseUserCreate):
    name: str


class UserUpdate(schemas.BaseUserUpdate):
    pass

Additional context

class Users(SQLModelBaseUserDB, table=True):
    __tablename__ = "user"
    __table_args__ = {'extend_existing': True}
    id: Optional[int] = Field(default=None, primary_key=True, nullable=False, title="ID")
    name: Optional[str] = Field(default=None, max_length=50, index=True, title="Name")
    is_artist: bool = Field(default=False, title="Is Artist",index=True,)
    avatar: Optional[str] = Field(default=None, max_length=255, title="Avatar")

    # Relationships
    artworks: List["Artwork"] = Relationship(back_populates="user")

    created_at: datetime = Field(default_factory=datetime.utcnow, title="Created At")
    updated_at: Optional[datetime] = Field(default=None, title="Updated At")
    last_login: Optional[datetime] = Field(default=None, title="Last Login")

Answered by frankie567

Dec 28, 2023

You defined your model with an int ID:

class Users(SQLModelBaseUserDB, table=True):
    __tablename__ = "user"
    __table_args__ = {'extend_existing': True}
    id: Optional[int] = Field(default=None, primary_key=True, nullable=False, title="ID")

However, you used the UUIDIDMixin in the user manager:

class UserManager(UUIDIDMixin, BaseUserManager[User, id]):

You need to be consistent on the ID type. If you wish to keep an integer ID, UserManager should look like this:

class UserManager(IntegerIDMixin, BaseUserManager[User, int]):

Ref: https://fastapi-users.github.io/fastapi-users/12.1/configuration/user-manager/#the-id-parser-mixin

View full answer

hgalytoby · 2023-12-28T04:32:54Z

hgalytoby
Dec 28, 2023

I tested and didn't encounter this issue.

Could you provide F12 -> Network -> Headers and Preview information?

0 replies

lifengmds · 2023-12-28T04:57:01Z

lifengmds
Dec 28, 2023
Author

Thanks. Both postman and axios js got the same issue. It seems that the issue comes from the authentication and the get_users_router has not been called during the request. Do I have to use a redis or db to store the token? I need help.

response headers:
content-length →25
content-type →application/json
date →Thu, 28 Dec 2023 04:28:23 GMT
server →uvicorn

0 replies

hgalytoby · 2023-12-28T07:09:06Z

hgalytoby
Dec 28, 2023

Thanks. Both postman and axios js got the same issue. It seems that the issue comes from the authentication and the get_users_router has not been called during the request. Do I have to use a redis or db to store the token? I need help.

response headers: content-length →25 content-type →application/json date →Thu, 28 Dec 2023 04:28:23 GMT server →uvicorn

No need for Redis or a database to store the token.

If you create a minimal example repo, I can take a look for you.

0 replies

frankie567 · 2023-12-28T07:26:48Z

frankie567
Dec 28, 2023
Maintainer

You defined your model with an int ID:

class Users(SQLModelBaseUserDB, table=True):
    __tablename__ = "user"
    __table_args__ = {'extend_existing': True}
    id: Optional[int] = Field(default=None, primary_key=True, nullable=False, title="ID")

However, you used the UUIDIDMixin in the user manager:

class UserManager(UUIDIDMixin, BaseUserManager[User, id]):

You need to be consistent on the ID type. If you wish to keep an integer ID, UserManager should look like this:

class UserManager(IntegerIDMixin, BaseUserManager[User, int]):

Ref: https://fastapi-users.github.io/fastapi-users/12.1/configuration/user-manager/#the-id-parser-mixin

1 reply

lifengmds Dec 28, 2023
Author

Thanks you very much for checking my code, you solved my problem.
I would suggest to add some necessary exceptions so that we can identify the problem.

Thanks~

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

user profile 401 Unauthorized #1327

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 4 comments 1 reply

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

user profile 401 Unauthorized #1327

Uh oh!

Uh oh!

lifengmds Dec 27, 2023

Describe the bug

Configuration

FastAPI Users configuration

Additional context

Replies: 4 comments · 1 reply

Uh oh!

hgalytoby Dec 28, 2023

Uh oh!

Uh oh!

lifengmds Dec 28, 2023 Author

Uh oh!

hgalytoby Dec 28, 2023

Uh oh!

frankie567 Dec 28, 2023 Maintainer

Uh oh!

lifengmds Dec 28, 2023 Author

lifengmds
Dec 27, 2023

Replies: 4 comments 1 reply

hgalytoby
Dec 28, 2023

lifengmds
Dec 28, 2023
Author

hgalytoby
Dec 28, 2023

frankie567
Dec 28, 2023
Maintainer

lifengmds Dec 28, 2023
Author