FastAPI Secure Logic Skill
Instructions
- JWT Verification: Create a FastAPI dependency that decodes and validates every JWT with the shared secret. Pin the expected algorithm (never trust the token's `alg` header), verify the signature with a constant-time comparison, and reject tokens that are expired or lack a subject claim.
- Data Filtering: Add a `user_id` filter to every SQLModel query, with the `user_id` taken from the verified token rather than from the request, so one user can never read or modify another user's rows.
- Input Validation: Use Pydantic models to strictly validate incoming JSON payloads; do not accept a client-supplied `user_id` field.
- Standard Errors: Raise `HTTPException(401)` for missing or invalid tokens and `404` for missing resources, including resources that exist but belong to a different user, so that object ids cannot be enumerated.
Examples
- Secure Route (the `session` is the SQLModel session the real route receives; it is only sketched here):

```python
@app.get("/tasks")
def read_tasks(user: User = Depends(get_current_user)):
    # the authenticated user comes from the JWT dependency, never from the request body
    return session.exec(select(Task).where(Task.user_id == user.id)).all()
```

- Query:

```python
select(Task).where(Task.user_id == user.id)
```
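The following is an added, self-contained example that is not part of the skill's own code: it implements the four instructions above end to end. The HS256 verifier is written with the standard library (PyJWT is the usual choice in a real service), the task table is a constructed in-memory sqlite3 table standing in for the SQLModel `Task` model, and the `SECRET`, sample users and task titles are assumptions. The FastAPI and Pydantic wiring at the bottom runs only when those packages are installed; the verification and filtering logic needs neither.

```python
import base64
import binascii
import hashlib
import hmac
import json
import sqlite3
import time

SECRET = b"example-shared-secret"  # assumption: the app's shared HS256 secret (load from config)


class AuthError(Exception):
    """Raised for any token defect; the FastAPI layer maps it to a 401."""


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def sign_jwt(claims: dict, secret: bytes = SECRET) -> str:
    """Mint an HS256 token (helper for tests; in production the auth service issues tokens)."""
    segs = [b64url_encode(json.dumps(x, separators=(",", ":")).encode())
            for x in ({"alg": "HS256", "typ": "JWT"}, claims)]
    sig = hmac.new(secret, ".".join(segs).encode(), hashlib.sha256).digest()
    return ".".join(segs + [b64url_encode(sig)])


def verify_jwt(token: str, secret: bytes = SECRET, now=None) -> dict:
    """Decode and validate an HS256 JWT; returns the claims or raises AuthError."""
    parts = token.split(".")
    if len(parts) != 3:
        raise AuthError("malformed token")
    h, p, s = parts
    try:
        header = json.loads(b64url_decode(h))
        sig = b64url_decode(s)
    except (binascii.Error, ValueError):
        raise AuthError("malformed token")
    # Pin the algorithm: alg=none and key-confusion headers are rejected before any signature work.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise AuthError("unexpected alg")
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):  # constant-time comparison
        raise AuthError("bad signature")
    try:
        claims = json.loads(b64url_decode(p))
    except (binascii.Error, ValueError):
        raise AuthError("malformed token")
    now = time.time() if now is None else now
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise AuthError("token expired or missing exp")
    if not claims.get("sub"):
        raise AuthError("missing sub")
    return claims


def open_db() -> sqlite3.Connection:
    """Constructed in-memory table standing in for the SQLModel Task table."""
    db = sqlite3.connect(":memory:", check_same_thread=False)
    db.execute("CREATE TABLE task (id INTEGER PRIMARY KEY, user_id TEXT NOT NULL, title TEXT NOT NULL)")
    db.executemany("INSERT INTO task VALUES (?, ?, ?)",
                   [(1, "alice", "write threat model"), (2, "bob", "rotate keys"), (3, "alice", "review PR")])
    return db


def read_tasks(db: sqlite3.Connection, user_id: str) -> list:
    # Every query carries the user_id predicate; the id comes from the verified token.
    rows = db.execute("SELECT id, title FROM task WHERE user_id = ? ORDER BY id", (user_id,)).fetchall()
    return [{"id": i, "title": t} for i, t in rows]


def read_task(db: sqlite3.Connection, user_id: str, task_id: int):
    # Filtering by id AND user_id makes another user's task indistinguishable from a missing one (404).
    row = db.execute("SELECT id, title FROM task WHERE id = ? AND user_id = ?", (task_id, user_id)).fetchone()
    return None if row is None else {"id": row[0], "title": row[1]}


try:  # FastAPI wiring, shown only when FastAPI and Pydantic are installed
    from fastapi import Depends, FastAPI, HTTPException
    from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
    from pydantic import BaseModel, Field

    app = FastAPI()
    bearer = HTTPBearer()
    DB = open_db()

    class TaskIn(BaseModel):  # strict payload schema: no user_id field, so a client cannot choose one
        title: str = Field(min_length=1, max_length=200)

    def get_current_user(creds: HTTPAuthorizationCredentials = Depends(bearer)) -> str:
        try:
            return verify_jwt(creds.credentials)["sub"]
        except AuthError as err:
            raise HTTPException(status_code=401, detail=str(err))

    @app.get("/tasks")
    def list_tasks(user_id: str = Depends(get_current_user)):
        return read_tasks(DB, user_id)

    @app.get("/tasks/{task_id}")
    def get_task(task_id: int, user_id: str = Depends(get_current_user)):
        task = read_task(DB, user_id, task_id)
        if task is None:
            raise HTTPException(status_code=404, detail="task not found")
        return task

    @app.post("/tasks", status_code=201)
    def create_task(body: TaskIn, user_id: str = Depends(get_current_user)):
        cur = DB.execute("INSERT INTO task (user_id, title) VALUES (?, ?)", (user_id, body.title))
        DB.commit()
        return {"id": cur.lastrowid, "title": body.title}
except ImportError:
    pass
```

Run it with `uvicorn module:app` and send `Authorization: Bearer <token>`; a token minted with `sign_jwt({"sub": "alice", "exp": <future unix time>})` lists only alice's tasks, and requesting `/tasks/2` as alice returns 404 even though the row exists for bob. A token with a tampered payload, the wrong secret, an `alg` other than HS256, or a past `exp` is rejected in `verify_jwt` before any database access.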