fastapi-cloudauth

Enforce that a user's e-mail is verified in Auth0 for accessing an API

Open junoriosity opened this issue 4 years ago • 0 comments

I want to allow users to access some APIs only if the e-mail of the user is verified. So far I have come up with this code:

```python
import os
from pydantic import Field
from fastapi import FastAPI, Depends
from fastapi_cloudauth.auth0 import Auth0CurrentUser, Auth0Claims

app = FastAPI()


class CustomAuth0Claims(Auth0Claims):
    user_id: str = Field(alias="sub")
    nickname: str = Field(alias="nickname")
    is_verified: bool = Field(alias="email_verified")


get_current_user = Auth0CurrentUser(
    domain=os.environ["AUTH0_DOMAIN"],
    client_id=os.environ["AUTH0_CLIENTID"]
)
get_current_user.user_info = CustomAuth0Claims


@app.get("/user/")
def secure_user(current_user: Auth0Claims = Depends(get_current_user)):
    # ID token is valid and getting user info from ID token
    return f"Hello, {current_user}"
```

My question now is: how can I create something like get_current_user, say get_current_verified_user, which I can use for an API to enforce that only e-mail verified users are allowed to use it?

junoriosity, Feb 12 '22 22:02