I am new to FastAPI. I was trying to implement an authentication feature in it. It uses OAuth2PasswordBearer for that. I do not actually understand what the use of this is if I can simply get the username and password as a POST request and match it with my database. Please explain this.
OAuth2PasswordBearer is a dependency for OAuth 2.0 authorisation. When you pass the token URL:
oauth2_scheme = OAuth2PasswordBearer(tokenUrl='login')
the login route will return a JSON response like:
{"access_token": access_token, "token_type":"bearer"}
This will be used whenever you want to protect an API, which means it requires login. You will put in a dependency function like get_current_user, which will depend on this oauth2_scheme, which has the access_token of the currently logged-in user. If it is able to verify the currently logged-in user by validating the token, which means decoding the token using your secret_key (private), it will allow the user to perform further actions wherever you put this restriction, e.g. create, edit or delete something on your API.
This is the OAuth 2.0 authorisation flow, using the access token.
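The flow described in the answer above, as an added example that is not part of the original answer and is not FastAPI's own code: a standard-library sketch in which the password is sent once to the login route and every later request carries only a signed, expiring token. `bearer_token` plays the role of `oauth2_scheme`; `SECRET_KEY`, `SALT`, `USERS`, `Unauthorized` and the HMAC token format are assumptions made for illustration (a real API would typically use a JWT library).

```python
import base64, hashlib, hmac, json, time

SECRET_KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent out
SALT = b"constructed-salt"            # constructed; use a per-user random salt in practice

class Unauthorized(Exception):
    """Stands in for an HTTP 401 response."""

def _hash_pw(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

USERS = {"alice": _hash_pw("wonderland")}  # constructed user store

def _sign(body: str) -> bytes:
    return hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).hexdigest().encode()

def login(username, password, ttl=900) -> dict:
    """Token URL handler: the only request that carries the password."""
    if not hmac.compare_digest(USERS.get(username, b""), _hash_pw(password)):
        raise Unauthorized("bad credentials")
    claims = {"sub": username, "exp": int(time.time()) + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return {"access_token": f"{body}.{_sign(body).decode()}", "token_type": "bearer"}

def bearer_token(headers: dict) -> str:
    """Role of oauth2_scheme: pull the token out of 'Authorization: Bearer <token>'."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        raise Unauthorized("not authenticated")
    return token

def get_current_user(headers: dict) -> str:
    """Dependency for protected routes: check signature first, then expiry."""
    body, _, sig = bearer_token(headers).rpartition(".")
    if not hmac.compare_digest(sig.encode(), _sign(body)):
        raise Unauthorized("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["exp"] < time.time():
        raise Unauthorized("token expired")
    return claims["sub"]
```

Because protected routes see only the token, a leaked request exposes a credential that expires after `ttl` seconds rather than the user's password.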