Thank you very much for such kind words 🙏🙂

Thank you very much

hehe - Thanks for the compliment :)

@@BekBrace the truth ma man

Thank you

@@BekBrace please can you make tutorial on FastAPI and machine learning?

@@marcus7387 sure, it’s doable 🙂

There will be :)

​@@BekBrace Great! That tutorial will begin my renewed webdev journey with FastAPI and Next Js. Thanks for the efforts 😊

Glad to hear that - thanks for watching

Thank you

Огромное тебе спасибо, друг 🙏

Thanks so much Pawel 🙂 🙏

Thank you! Stay sharp and good luck to your programming journey, man

Thank you so much Mohamed - Happy Ramadan to you

@@BekBrace i just tried the same now. No hiccups, very easy to follow. Thanks again mate. Happy Ramadan to you too.

Thank you very much, Chris 🙏

Thank you so much, David

Tha k you my friend, I appreciate your support to the channel

Thank you so much Yura !

Thank You

Thank you very much 🙂

I am aware of the issue, once i have the time i will check out deeper and write the solution in the description - thanks for the heads-up though

Thank you so much 🙂🙏

Thank you very much, my friend

Thank you very much

Good to hear my friend

Yes that's the problem the route are not authenticated anyone can access it

Thank you so much Avinash , your words mean a lot really. It’s an awesome idea, I can make a FastAPI Vue tutorial with JWT authentication - just added this to the three months plan for channels vids. Thanks 😊

@@BekBrace Thank you sir for responding. God bless you

Thank you very much 🙏☺️ Always glad to receive such feedback 🙏

I think I was trying to add more logic, but you’re right it would’ve been better to keep it simple and leave it to pyjwt to handle it 😁

Thank you

Thank you 🙏

Welcome :)

@@BekBrace can fastapi be integrated with another language ?

Thank you very much

Thank you so much my friend

Thank you very much my friend

You are very welcome 🙂

Thank you very much 🙏😊

Thanks my friend

You're very welcome

I'm glad 🙂

Thank you, Ricardo!

Hey Yair thanks for your comment. You can delete the default if you want to keep it simple with no extra arguments, that’s why you’ll have the same result; however if the userschema body is set to be a different default value, it will behave differently. I just put it to be visually clear if anyone wants to change the default value.

@@BekBrace so this helps me to set the default behavior, if no json is sent. Got it.

You're welcome 🤗

Thank you :)

thank you for watching

Oh 6x faster 😯 ? Thanks for the information, Johnnie.

interesting

Hi Johnnie, so you mean fastest framework in Java and Go etc. ?

@@erjiaxiao6577 yes... java, go, rust, c++ and even node frameworks are faster. But we are usually bounded by other factors when dealing with rest api backend servers. So that does not really become a decision factor. At least.

@@johnniefujita I see.. I check some benchmark and find that python nowadays could has its position with these contestants. good news for those who like python. thank you for the info!

Hi Kirby, thanks for commenting Yes, I've added it in the description. Here's the link: github.com/BekBrace/FASTAPI-and-JWT-Authentication

It should work, this is odd. Do you have an error message ?

Hey 😊👋 thanks for your comment I'm pretty sure there are, I'm gonna check that and be back to you with an answer to your question

Thank you for your help! I will also study for it.

Ok, maybe you can download the source code and check out what went wrong? This way you will teach yourself while taking notes ☺️

Thanks 🙏

For standardization purposes nothing more

Hello my friend. Sure. JWT (JSON Web Token) and JOT (JSON Object Token) are both types of access tokens used for authorization and authentication, while access token is a more general term used for any token that grants access to a protected resource.

I will do my best finding the solution 🙂

What dependencies are you trying to post with ?

Thank you!

Really nothing more than showing how a standard template. You can omit it and it will still work.

Sure

I had same issue and turns out we forgot to add verify_jwt in jwt_bearer file. Simply add an if statement below if not credentials statement. Just check if not self.verify_jwt with credentials.credentials.

Sure 😊

You're welcome 😊

Cheers

Exactly that

But it's clear how i did it in the tutorial

Hey Jasen, thanks for commenting. Yes, I've added the source code in the description. Here's the link: github.com/BekBrace/FASTAPI-and-JWT-Authentication

I'll look into this and get back to you

Hey Gomez 👋 I’ll check it out and will be back to you with an answer to this issue

@@BekBrace thanks a lot my dear friend, you're the Best!!!

@@BekBrace write is small, auto_error = auto_Error

Thanks Jean The same as we post, follow the same rules , and as for creating the routes you can check out my FastAPI course, you’ll find your answer there

It should work for reading [Get] verb, but not for writing [POST] - is that the case ?

@@BekBrace Both [post] and [get] are the same case.

You're welcome

Thank you my friend. Keyboard's name is Genesis Thor 300

Sure i can help. you can use this access_token for auth in different public endpoints. How do you want to start?

I would like asking about I can secure with token the endpoints ok but the problem is instead of access_token with any value which I enter the authentication point I can authorize the endpoint. Normally I think I have to give an acces_token which I get from the login endpoint, after that I can be authorised the post method which is secured with token. So I confused about that how I could secure with only access_token not any value. Also I looked into source code of you shared, when I apply it to my project. I cannot authorize with access_token and any value

@@dogaada6619 simply add new field key value like role: admin, and a condition if its admin then allow.

Oh sorry to hear that, but I can advise you to make sure that your JWT token you are using for authentication is valid and has not expired, make sure to generate a new token if the existing one has expired.

Hey! You can try to implement role-based access control (RBAC) in your authentication and authorization system for the student and the admin, each of which will have separate tokens and permissions.

Hey, thank you for this question :) Actually, you can update user information using the PUT method for a specific user by the following: 1- Token-Based Authentication: Set up token-based authentication in your FastAPI application. When a user logs in successfully, generate a JWT token and return it to the client. The client should store this token securely. 2- Protect Routes: Protect the routes or endpoints that require authentication and user information updates. Only authenticated users with valid JWT tokens should be able to access these routes. 3- Client-Side: When making a PUT request to update user information, include the JWT token in the request header as an "Authorization" header with the "Bearer" prefix: Authorization: Bearer As far as thee Server-Side (FastAPI), you need to: 1- Authenticate the user: Verify that the provided JWT token is valid and decode it to extract the user's identity (usually the user's ID). 2- Authorize the update: Ensure that the user making the request has the necessary permissions to update the user information. Typically, users can only update their own information, so you should check if the user ID extracted from the token matches the user being updated. 3- Update the user information: If authentication and authorization checks pass, proceed to update the user's information in your database based on the data provided in the PUT request.

With a very simple conditional to check if the pass entered 2nd time == 1st time, then continue; else raiseerror (not identical password ) - that’s the main idea, I’m sure you can search for the syntax

@@BekBrace Ohhhhh I thought you're gonna have to create like a new schema/model with the confirmationPassword as its field. Thank youuuuu!

Yes, i will do that with oauth2 soon

@@BekBrace Awesome! Will be looking out for it.

Ok

@@BekBrace Thank you, I copied it excatly, but I can enter any string, into the authorization window, even if it is not a JWT token, and I have access to all the protected routes

Great question. The id 0 in the curl link doesn't necessarily mean the actual id number of the item added, it starts at 0 and increments based on previously added items, in this case as explained I've added cats twice, that's why the GET request showed it twice at I'd 4 and 5.

Don't have much experience with Svelte, sorry

what do you mean by "identify" ?

@@BekBrace Like how do you get the authenticated users credenttials from the secured routes.

It is working fine

Strange. Now it works

?

Ok .. what ?

@@BekBrace sorry i should have added a ignore message.. these are just timestamps for my use

What’s happening ?

It's as deep as it gets 😉

Thanks for your questions, my friend. Answering your questions: 1- The decodeJWT function takes the token and decodes it with the aid of the jwt module and then stores it in a decoded_token variable. So what we want is to return decoded_token if the expiry time is valid which is exactly the answer to your question, otherwise, we return None. 2- In signup, I returned signJWT only once not twice : @app.post("/user/signup", tags=["user"]) async def create_user(user: UserSchema = Body(...)): users.append(user) return signJWT(user.email)

Thank You