Check Cookie in FastAPI Backend
Hi all,
I have a Nuxt3 Frontend and use Self Hosted Appwrite in the Backend. I created a FastAPI Backend with Celery to cut videos from the Appwrite Storage with FFmpeg. Everything works but right now the FastAPI is a open door π Is there a way to use the Session Cookie from Nuxt3 Client Side to validate the User Request against FastAPI? Didn't find any SDK function for Python Server Side to validation Cookie sessions.
Thanks a lot π
This is an Appwrite cookie?
yes
you'd have to manually make the get account API call, then
I'm logged in in my VueJS application and want to trigger a REST API which does some stuff and to control access via Appwrite Auth. So my idea was to send the Appwrite cookie I have already with my API Call against the REST API. Does this make sense?
You should probably call getJWT from wherever you're logged in, and use that. I guess you could technically use the cookie, but then you'd only have client side access.
I think
You'd still only have client side access with a JWT π§
Sure and to validate the cookie, you need to make an API call with it like a get account API call .
Oh - Iβve never used the JWT flow, but I guess that makes sense. Yeah, so youβd need to use the cookie/JWT to call getAccount() to check that itβs valid, then go ahead with an API key
Thoughts on a server side validateJWT(), or something? Or the ability to assume a user identity, whilst still having access to server-side functions
Server side you would call setJwt() to take actions on behalf of the user like calling account.get() to validate the JWT.
I was thinking of a one-step function you could just use to get the validity of a JWT and user details, instead of assuming the identity and then checking you have a valid session
One step makes it less flexible. The setJWT pattern matches setKey
Iβm not suggesting replacing setJWT() - Iβm suggesting a new function that would just validate a JWT and get data about that JWT.
