How would you implement a route with optional User ?

[sorasful]

I would like to know, how would go if you wanted to setup a route, which can be called when you are authenticated (using JWT for example), so you get the current user. But you can also allow unauthenticated User and get None instead of the current_user.

The problem is that current_user_from_token is called after the JWTCookieAuth checks for a JWT token. So if there's no token it raises a 401.

And if I set exclude_from_auth=True on my route, even if the user is authenticated I get current_user == None.

async def current_user_from_token(token: Token, connection: ASGIConnection[Any, Any, Any, Any]) -> User | None:
    """Lookup current user from local JWT token.

    Fetches the user information from the database


    Args:
        token (str): JWT Token Object
        connection (ASGIConnection[Any, Any, Any, Any]): ASGI connection.


    Returns:
        User: User record mapped to the JWT identifier
    """
    service = await anext(provide_users_service(alchemy.provide_session(connection.app.state, connection.scope)))
    user = await service.get_one_or_none(email=token.sub)
    return user if user and user.is_active else None


auth = JWTCookieAuth[User, ...](
    retrieve_user_handler=current_user_from_token,
    token_secret=settings.app.SECRET_KEY,
    default_token_expiration=timedelta(days=7),
    exclude=[
        constants.OPENAPI_SCHEMA,
        constants.HEALTH_ENDPOINT,
        "/login",
        "/signup",
        "/oauth2",
    ],
)

Thanks!

[Benjames01]

what was the solution?

[sorasful]

I made something like this

async def get_current_user_or_none_from_request(request: Request) -> User | None:
    token: str | None = request.cookies.get(auth.key, None)
    current_user = None

    async with alchemy.get_session() as db_session:
        users_service = await anext(provide_users_service(db_session))

    if token:
        token = token.replace("Bearer ", "")
        decoded_token = Token.decode(
            encoded_token=token,
            secret=settings.app.SECRET_KEY,
            algorithm="HS256",
        )

        current_user = await users_service.get_one(email=decoded_token.sub)

    return current_user

[Benjames01]

thank you