Consider a FastAPI app with a route protected by OAuth2 password bearer token authentication. What response does the client receive if no token is provided?
```python
from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer

app = FastAPI()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


@app.get("/protected")
async def protected_route(token: str = Depends(oauth2_scheme)):
    return {"message": "Access granted"}
```
Think about what happens when the OAuth2PasswordBearer dependency does not find a token.
When no token is provided, OAuth2PasswordBearer raises a 401 Unauthorized error with detail 'Not authenticated'. This prevents access to the protected route.
Given a FastAPI dependency that decodes a JWT token and returns a user dictionary, what is the value of user inside the route after passing a valid token?
```python
from fastapi import FastAPI, Depends, HTTPException
from fastapi.security import OAuth2PasswordBearer

app = FastAPI()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
fake_users_db = {"alice": {"username": "alice", "email": "alice@example.com"}}


def get_current_user(token: str = Depends(oauth2_scheme)):
    # Simulate decoding token to username
    username = token
    user = fake_users_db.get(username)
    if not user:
        raise HTTPException(status_code=400, detail="Invalid user")
    return user


@app.get("/me")
async def read_users_me(user: dict = Depends(get_current_user)):
    return user
```
Check what the token string is and how it maps to the fake user database.
The token string is used as the username key to look up the user in fake_users_db. If the token is 'alice', the user dictionary for Alice is returned.
Choose the code snippet that correctly defines a dependency to check for an API key in the header X-API-Key and raises 403 if missing or invalid.
Remember that Header(...) means the header is required. Also check the status code and condition logic.
Option D correctly requires the header, checks if it matches the secret, and raises 403 Forbidden if invalid. Option D misses required header syntax. Option D uses 401 instead of 403 and makes header optional. Option D reverses the condition.
Given this test code for a FastAPI endpoint requiring a token, why does the test fail with status 422 instead of 401?
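```python
from fastapi.testclient import TestClient

# `app` is the FastAPI application that defines the /protected route.
client = TestClient(app)


def test_protected_route():
    # No Authorization header is sent with this request.
    response = client.get("/protected")
    assert response.status_code == 401
```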
Check how OAuth2PasswordBearer expects the token to be sent in requests.
OAuth2PasswordBearer expects the token in the Authorization header as a Bearer token. When that header is missing, FastAPI normally raises a 401 error. However, if the dependency is used incorrectly or the test client does not send the header, the request can fail with a 422 validation error instead.
When writing tests for FastAPI authentication, what is the main advantage of using dependency overrides?
Think about how to test routes without relying on real authentication mechanisms.
Dependency overrides let you replace authentication dependencies with mock versions that simulate authenticated users. This makes tests faster and simpler without needing real tokens or external auth services.