Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

extending to support oauth2.0 #107

Open
knail2 opened this issue Nov 29, 2024 · 1 comment
Open

extending to support oauth2.0 #107

knail2 opened this issue Nov 29, 2024 · 1 comment

Comments

@knail2
Copy link

knail2 commented Nov 29, 2024

I really like your project. the architecture is elegant, and it is using the components I need for a production level deployment (langchain, and fastapi). your code is also clean and easy to understand, and your videos helped grok it too.

two questions for you:

  1. I don't see where I can store and changed the basic auth capabilities on the fastapi server side. Atleast its not clear in the code or in the readme. can you clarify?
  2. I am considering extending your fastapi service to support oauth2.0, as I will need that capability to push to production. however that does require some storage capabilities, like secrets, token, scopes. there are going to be two target platforms I'll need to support. These are Heroku and Snowflake containers. After researching, the most optimum place to store state for Heroku would be in its postgreSQL service and for snowflake would obviously be in its own database. Please let me know what you think on this oauth2.0 extension. would you be interested in me sending you a pull request, or shall I fork off your code and maintain all this on my side?

thank you and keep up the great work
Omer
@JoshuaC215
Copy link
Owner

Hi Omer, glad you like the repo and thanks for your kind words!

Re: updating the current auth - the simple ENV-configured header secret is set up in verify_bearer(), which is a dependency on the router that all the key routes are attached to.

I don't know if I'd want to add Heroku or Snowflake containers specific implementations directly in the core service since it's intended to be relatively generic. If there's a way to add it as an example or something on the side I would be interested! Also if it could be set up in a generic way in the core service, I might be interested. Certainly if you post any public fork with this code please do share it back as I'm sure others will be interested.

Just a note maybe worth considering whether OAuth2 or OIDC is the best to use. In some of my recent projects I was looking more at OIDC as being a bit more modern (e.g. see discussion here)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JoshuaC215 @knail2