tiangolo/fastapi

Hi @chrisK824, my use case is that I have a router which has a global dependency to validate JWT tokens. Then, I also have endpoints which come under the secure router where I want to check for the permissions, so for example

rohantandon25 opened this issue · 0 comments

Hi @WilliamStam, my use case is that I have a router which has a global dependency to validate JWT tokens. Then, I also have endpoints which come under the secure router where I want to check for the permissions, so for example:

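```python
from fastapi import APIRouter, Depends, Security

# auth0_token is the poster's own token-validating dependency (not shown)
secure_router = APIRouter(dependencies=[Security(auth0_token)])

@secure_router.get("/api/{org}/user",
                   dependencies=[Depends(PermissionsValidator(["read:{org}"]))])
async def get_user(org: str): ...  # handler body not shown in the post
```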

and PermissionsValidator is defined as:

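```python
from fastapi import Security

# JWTPayload, auth0_token and PermissionDeniedException are the poster's own
# definitions and are not shown in the post.
class PermissionsValidator:
    def __init__(self, required_permissions: list[str]):
        self.required_permissions = required_permissions

    def __call__(self, token: JWTPayload = Security(auth0_token)):
        token_permissions = token.permissions
        token_permissions_set = set(token_permissions)
        required_permissions_set = set(self.required_permissions)

        # Deny unless every required permission is present in the token
        if not required_permissions_set.issubset(token_permissions_set):
            raise PermissionDeniedException
```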

It seems to me that the JWT token will be validated twice in this scenario - is it possible to do it only once?

Originally posted by @rohantandon25 in #10388 (reply in thread)