Hi Sanjeev, Thanks for these videos. After going through this video and referring to the documentation, I have this understanding of the flow as stated below:
1) User attempts login using the *"/login"* path operation; credentials get checked and, if valid, a JWT token is generated and sent as JSON *(access_token, token_type)*.
2) For certain paths we need the user to be active (logged in), for example to create a post. Meaning we need the user-specific token to be validated and verified before servicing the request.
3) Suppose the user sends a request to create a post; we need to check the login status of the user. The request consists of the *Authorization header* containing the *token* and *token type (bearer)*, and the payload.
4) First we need to validate whether the *Authorization header* is in the proper format/schema as per the *oauth2* spec. So we create an instance of the *OAuth2PasswordBearer* class ( _oauth2_scheme_ ) with _token_url_ being the path used for generating the token (in our case "login").
5) This validation part is done by the *get_current_user* function, wherein we pass the *token* sent by the user, along with the dependency _oauth2_scheme_ (to check the header format).
6) Once the header is validated, we move on to verification of the token to check the integrity of the token and check the payload data. This operation is managed by the *verify_access_token* function. If it is good, then proceed with servicing the user request (create post).
7) If something gives an error or is invalid, then we raise *HTTPException* and send a *401 UNAUTHORIZED* code along with a header containing *WWW-Authenticate* having the value *Bearer*, as per the *oauth2* spec.
Obviously, for all this to happen we need to add *get_current_user* as a dependency in the *create_posts* path operation function.
Is my understanding of the flow correct?
Also, suppose the *oauth2_scheme* dependency in the *get_current_user* function fails; what error will be sent then?
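The seven steps above, as an added example that is not part of the original comment or of the course code. It models the flow in plain Python with only the standard library (no FastAPI, no python-jose): `oauth2_scheme` does what `OAuth2PasswordBearer` does with the `Authorization` header, `verify_access_token` checks the HS256 signature and claims, and `get_current_user` wires them together for a protected `create_post` handler. The `HTTPException` class, the claim names, the secret and the fixed clock are assumptions for the demo. One point the example makes concrete: the scheme dependency only checks that the header exists and uses the Bearer scheme; it never verifies the token. On that failure FastAPI's `OAuth2PasswordBearer` (with its default `auto_error=True`) itself raises a 401 with detail `"Not authenticated"` and the `WWW-Authenticate: Bearer` header, so `verify_access_token` is never reached. A forged claim or an expired token is instead caught by the verification step and gets the 401 the code defines there.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

# Assumed demo secret; a real service loads this from configuration, never from source.
SECRET_KEY = b"demo-only-change-me"
ALGORITHM = "HS256"
ACCESS_TOKEN_EXPIRE_SECONDS = 30 * 60


class HTTPException(Exception):
    """Stand-in for FastAPI's HTTPException: status, detail, extra response headers."""

    def __init__(self, status_code: int, detail: str, headers: Optional[dict] = None):
        super().__init__(detail)
        self.status_code = status_code
        self.detail = detail
        self.headers = headers or {}


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(signing_input: str) -> bytes:
    return hmac.new(SECRET_KEY, signing_input.encode("ascii"), hashlib.sha256).digest()


def create_access_token(user_id: int, now: Optional[float] = None) -> str:
    """Step 1: /login succeeded, so mint an HS256 JWT carrying the user id and an expiry."""
    now = time.time() if now is None else now
    header = _b64url(json.dumps({"alg": ALGORITHM, "typ": "JWT"}, separators=(",", ":")).encode())
    claims = {"user_id": user_id, "exp": int(now) + ACCESS_TOKEN_EXPIRE_SECONDS}
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}"
    return f"{signing_input}.{_b64url(_sign(signing_input))}"


def oauth2_scheme(headers: dict) -> str:
    """Steps 4-5: what OAuth2PasswordBearer does. It checks only that the header is present
    and uses the Bearer scheme, then returns the raw token; it does NOT verify the token."""
    authorization = headers.get("Authorization", "")
    scheme, _, token = authorization.partition(" ")
    if not authorization or scheme.lower() != "bearer":
        raise HTTPException(401, "Not authenticated", {"WWW-Authenticate": "Bearer"})
    return token


def verify_access_token(token: str, credentials_exception: HTTPException,
                        now: Optional[float] = None) -> dict:
    """Step 6: check integrity (signature) and payload (algorithm pinned, claims, expiry)."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_unb64url(header_b64))
        if not isinstance(header, dict) or header.get("alg") != ALGORITHM:  # no "none", no key confusion
            raise credentials_exception
        if not hmac.compare_digest(_sign(f"{header_b64}.{payload_b64}"), _unb64url(sig_b64)):
            raise credentials_exception
        payload = json.loads(_unb64url(payload_b64))
        now = time.time() if now is None else now
        if not isinstance(payload, dict) or payload.get("user_id") is None or payload.get("exp", 0) <= now:
            raise credentials_exception
    except (ValueError, TypeError):  # malformed structure, base64, JSON or claim types
        raise credentials_exception
    return payload


def get_current_user(headers: dict, now: Optional[float] = None) -> dict:
    """Steps 5-7: the dependency a protected path operation declares."""
    credentials_exception = HTTPException(401, "Could not validate credentials",
                                          {"WWW-Authenticate": "Bearer"})
    token = oauth2_scheme(headers)  # header shape first, then token integrity and claims
    return verify_access_token(token, credentials_exception, now=now)


def create_post(headers: dict, body: dict, now: Optional[float] = None) -> dict:
    """Protected path operation: the dependency runs before the payload is touched."""
    user = get_current_user(headers, now=now)
    return {"owner_id": user["user_id"], **body}


def handle_create_post(headers: dict, body: dict, now: Optional[float] = None):
    """What the client sees: (status, response body or error detail, extra response headers)."""
    try:
        return 201, create_post(headers, body, now=now), {}
    except HTTPException as exc:
        return exc.status_code, exc.detail, exc.headers


def forge_payload(token: str, user_id: int) -> str:
    """Constructed attack input: rewrite the user_id claim without re-signing."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    claims = json.loads(_unb64url(payload_b64))
    claims["user_id"] = user_id
    return f"{header_b64}.{_b64url(json.dumps(claims, separators=(',', ':')).encode())}.{sig_b64}"


if __name__ == "__main__":
    t0 = 1_700_000_000  # fixed clock so the run is reproducible
    tok = create_access_token(7, now=t0)
    cases = {  # constructed requests covering each failure mode in the flow
        "valid": ({"Authorization": f"Bearer {tok}"}, t0),
        "no header": ({}, t0),
        "wrong scheme": ({"Authorization": "Basic dXNlcjpwdw=="}, t0),
        "forged claim": ({"Authorization": f"Bearer {forge_payload(tok, 1)}"}, t0),
        "expired": ({"Authorization": f"Bearer {tok}"}, t0 + 3600),
    }
    for name, (hdrs, now) in cases.items():
        print(f"{name:13} -> {handle_create_post(hdrs, {'title': 'hello'}, now=now)}")
```

Running the block prints one line per case: the valid request returns 201 with the post stamped `owner_id: 7`; a missing header or a `Basic` scheme is stopped by `oauth2_scheme` with 401 "Not authenticated"; a forged claim and an expired token pass the header check but fail in `verify_access_token` with 401 "Could not validate credentials". Every 401 carries `WWW-Authenticate: Bearer`. The algorithm pin and `hmac.compare_digest` are the two details to keep when swapping in a real JWT library: accept only the algorithm you signed with, and never compare signatures with `==`.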