Nexios Framework: OpenAPI Authentication Guide

Nexios supports OpenAPI authentication, which allows you to secure your API endpoints with JSON Web Tokens (JWT) or other authentication mechanisms. Here's how you can set up OpenAPI authentication in your Nexios application.

🎨 Basic Setup

By default, Nexios already provides a bearerAuth security scheme in the OpenAPI documentation.

python
from nexios import NexiosApp
app = NexiosApp()

@app.get("/", security=[{"bearerAuth": []}])
async def get_root(req, res):
    return {"message": "Hello, world!"}

👥 Adding Multiple Security Schemes

python
from nexios import NexiosApp
app = NexiosApp()

@app.get("/", security=[{"bearerAuth": []}, {"apiKey": []}])
async def get_root(req, res):
    return {"message": "Hello, world!"}

⚠️ Warning

You must register a security scheme before using it.

📄 Registering Security Schemes

💡 Tip

You can also access the OpenAPI config from the app.docs.config object.

python
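from nexios.openapi.models import APIKey

# openapi_config is the application's OpenAPI config object (app.docs.config)
openapi_config.add_security_scheme(
    "apiKeyAuth",  # Name that routes reference in security=[...]
    APIKey(
        name="X-API-KEY",
        **{
            "in": "header",
            "description": "My API key",
            "type": "apiKey",
        }
    )
)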

⚠️ Warning

Note: A dict is unpacked here instead of passing the argument directly, because "in" is a reserved keyword in Python.

🔑 Authentication Types

🛡️ JWT Bearer Authentication

The most common method for modern APIs. Clients include a token in the Authorization header.

python
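# Assumption: HTTPBearer is exported by the same module as APIKey
from nexios.openapi.models import HTTPBearer

app.docs.config.add_security_scheme(
    "jwtAuth",  # Unique identifier
    HTTPBearer(
        type="http",
        scheme="bearer",
        bearerFormat="JWT",
        description="🔒 Requires valid JWT token in Authorization header"
    )
)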

🔑 API Key Authentication

For simpler authentication needs, using keys in headers, queries, or cookies.

python
app.docs.config.add_security_scheme(
    "apiKeyAuth",
    APIKey(
        name="X-API-KEY",  # Header/parameter name
        **{
            "in": "header",  # Can be "header", "query", or "cookie"
            "description": "🔑 Access with your API key"
        }
    )
)

🔄 OAuth2 Authentication

python
# Assumption: these models are exported by the same module as APIKey
from nexios.openapi.models import OAuth2, OAuthFlows, OAuthFlowPassword

app.docs.config.add_security_scheme(
    "oauth2",
    OAuth2(
        flows=OAuthFlows(
            password=OAuthFlowPassword(
                tokenUrl="/auth/token",
                scopes={
                    "read": "📖 Read access",
                    "write": "✏️ Write access",
                    "admin": "👑 Admin privileges"
                }
            )
        ),
        description="🔄 OAuth2 password flow authentication"
    )
)

🔄 OAuth2 Scoped Routes

Require specific permissions:

python
from nexios import NexiosApp
app = NexiosApp()

@app.get("/", security=[{"oauth2": ["read"]}])
async def get_root(req, res):
    return {"message": "Hello, world!"}
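
The registration warning and the scoped-route section above both depend on names matching exactly: a route that references apiKey when the scheme was registered as apiKeyAuth, or a scope the OAuth2 scheme never declared, yields an inconsistent specification. The following is an added example, not Nexios code: it lints a generated OpenAPI 3 document held as a plain dict, and the sample document, including the /items route and the "delete" scope, is constructed for illustration.

```python
# Added example, not Nexios code: lint an OpenAPI 3 document (plain dict).
HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}


def declared_scopes(scheme: dict) -> set:
    """Union of scope names across every flow of an oauth2 scheme."""
    return {s for flow in scheme.get("flows", {}).values() for s in flow.get("scopes", {})}


def lint_security(spec: dict) -> list:
    """Return human-readable findings; an empty list means the spec is consistent."""
    schemes = spec.get("components", {}).get("securitySchemes", {})
    findings = []
    for path, item in spec.get("paths", {}).items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            # An operation-level "security" overrides the document-level default.
            requirements = op.get("security", spec.get("security", []))
            for requirement in requirements:
                for name, scopes in requirement.items():
                    where = f"{method.upper()} {path}"
                    if name not in schemes:
                        findings.append(f"{where}: scheme '{name}' is not registered")
                        continue
                    if schemes[name].get("type") == "oauth2":
                        for scope in sorted(set(scopes) - declared_scopes(schemes[name])):
                            findings.append(f"{where}: scope '{scope}' not declared by '{name}'")
    return findings


# Constructed sample document mirroring the schemes and routes on this page.
SAMPLE_SPEC = {
    "components": {"securitySchemes": {
        "bearerAuth": {"type": "http", "scheme": "bearer", "bearerFormat": "JWT"},
        "apiKeyAuth": {"type": "apiKey", "name": "X-API-KEY", "in": "header"},
        "oauth2": {"type": "oauth2", "flows": {"password": {
            "tokenUrl": "/auth/token",
            "scopes": {"read": "Read access", "write": "Write access", "admin": "Admin privileges"}}}},
    }},
    "paths": {
        "/": {"get": {"security": [{"bearerAuth": []}, {"apiKey": []}]}},
        "/items": {"get": {"security": [{"oauth2": ["read"]}]},
                   "delete": {"security": [{"oauth2": ["delete"]}]}},
    },
}

if __name__ == "__main__":
    print("\n".join(lint_security(SAMPLE_SPEC)))
```

Running a check like this in CI against the exported specification catches a mistyped scheme name before the published documentation advertises a requirement that no registered scheme backs.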