Add fastapi-shield. #213
#214
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi
Thank you for maintaining this list.
I would like to introduce
fastapi-shield.Proposal: Add
fastapi-shieldto the 'Third-Party Extensions / Auth' sectionI propose adding the library
fastapi-shieldto the "Third-Party Extensions" section, specifically under a relevant category like "Auth" or "Utils," as it significantly enhances request pre-processing and authorization patterns in FastAPI.Project Details
Project Name:
fastapi-shieldRepository Link: https://github.com/jymchng/fastapi-shield
Description: A library that introduces the "Shield" pattern, allowing for clean, layered dependency-based request guarding (like permissions, rate limits, or auth checks) before endpoints are executed.
Key Advantages for FastAPI Users
fastapi-shieldprovides a clear and powerful way to separate authorization and utility logic from endpoint business logic, offering three main advantages:Truly Reusable Decorators: It allows complex dependency injection logic to be encapsulated into simple, declarative decorators (
@shield) that can be applied to any endpoint or router. This abstracts away repetitive authorization checks, making endpoint code cleaner.Clear Separation of Concerns: By moving the authorization/guarding logic entirely into the
@shielddecorated function and out of the endpoint function, it strictly separates request handling from business execution. This drastically improves endpoint readability and unit testability.Lazy Injection of Dependencies: A core feature is that the dependencies required by the endpoint's business logic are only injected if and only if all applied shields (i.e., decorators) do not block the request. If a shield fails (e.g., permission denied), the dependency chain for the endpoint is immediately terminated, improving efficiency and resource usage.
We believe this pattern is a valuable addition to the FastAPI ecosystem, particularly for complex, permission-driven applications.
Thank you for considering the inclusion!