-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Permissions decorator running after pydantic validation #111
Comments
Can you write a detailed example? https://github.com/luolingchun/flask-api-demo/blob/master/src/app/api/user.py#L54 https://github.com/luolingchun/flask-api-demo/blob/master/src/app/api/admin.py#L31 https://github.com/luolingchun/flask-api-demo/blob/master/src/app/utils/jwt_tools.py#L52 By the way, Here is the help documentation: https://luolingchun.github.io/flask-openapi3/v2.x/Usage/Request/ |
Here's a unit test MWE: (This setup works with
|
I compared
|
Thanks for your reply, I see your point here. I did a bit more testing and noticed that if I remove the |
I'm looking into migrating from
flask-pydantic
toflask-openapi3
, but one problem I'm having is around the authentication decorators we currently use. When usingflask-openapi3
pydantic validation is taking place before the auth checks.So when making an unauthenticated request I receive a
422 Unprocessable Entity
response rather than401 Unauthorized
. If the request body is valid, the 401 response is returned, but an invalid request body yields a 422.Is this expected behaviour?
example:
Environment:
The text was updated successfully, but these errors were encountered: