fastapi-users integration.

[farzbood]

Hi everyone,
I'm using fastapi-users as the user management app for my FastAPI project.
Could anyone suggest a straightforward flow to integrate that as starlette-admin auth-provider?

[jowilf]

You can do something like this:

class MyAuthProvider(AuthProvider):
    async def login(
        self,
        username: str,
        password: str,
        remember_me: bool,
        request: Request,
        response: Response,
    ) -> Response:
        session = request.state.session
        user_manager =  UserManager(SQLAlchemyUserDatabase(session, YorUserModel))
        token_manager =  DatabaseStrategy(SQLAlchemyAccessTokenDatabase(session, YourAccessTokenModel), lifetime_seconds=3600)
       
        # validation logic

        user = await user_manager.authenticate(OAuth2PasswordRequestForm(username=username, password=password))
        
         # validate user 
        
        request.session.update({"session": await token_manager.write_token(user)})

       return response

    async def is_authenticated(self, request) -> bool:
        session: AsyncSession = request.state.session
        user_manager = ...
        token_manager = ...

        token = request.session.get("session", None)
        user: User = await token_manager.read_token(token, user_manager)

        if user and user.is_active:
            request.state.user = user
            return True
        return False

    def get_admin_user(self, request: Request) -> AdminUser | None:
        user: User = request.state.user  # Retrieve current user
        return AdminUser(...)


    async def logout(self, request: Request, response: Response) -> Response:
        request.session.clear()
        return response

[farzbood]

Thank you for the reply.
Other than a few adjustments e.g: token_manager.read_token(token, user_manager) which was failing due to lack of implementation of parse_id() method in BaseUserManager (that is on their side) I refactored the code in is_authenticated to this

            # user: User = await token_manager.read_token(token, user_manager)
            token_user_id: User = await token_manager.database.get_by_token(token)
            if token_user_id is not None:
                user: User = await user_manager.get(token_user_id.user_id.hex)

and the need to installing SessionMiddleware in the Admin , it covers the basic AuthX needs. I'm not sure if fastapi-users is the best fit, though.

BTW:
There's another issue concerned to fastapi-users Models manipulation in starlette-admin , e.g: trying to create new or edit existing rows in User Model , failed due to some kind of validation error, that seems to be related to the Models/Schemas customization in fastapi-users itself.

Keep up with good work.

[jowilf]

You need to extend the BaseUserManager to create your own UserManager https://fastapi-users.github.io/fastapi-users/14.0/configuration/user-manager/

[farzbood]

Of course, there's no built-in UserManager , the missing point was including the UUIDIDMixin into UserManager declaration, to override the parse_id() method in BaseUserManager.
Now everything works fine, based on your initial code template.
Thank you both sides :)

[farzbood]

But the problem with Models (User, Token) manipulation in starlette-admin panel persists.
Any guideline?

[jowilf]

can you describe the validation error you are having? I have successfully integrated fastapi-users with starlette-admin in the past and seems not to have any issue