NEW: Fenrir v1.2.2 is now available — Logo & Favicon Patch! Read the changelog
authentication-security.md
docs authentication-security.md

Authentication & Security

API Key Authentication

1
2
3
4
5
6
7
8
9
from fenrir import APIKeyHeader, HTTPException

api_key_auth = APIKeyHeader(name="X-API-Key")

@app.get("/protected")
async def protected_endpoint(api_key: str = Depends(api_key_auth)):
    if api_key != "your-secret-key":
        raise HTTPUnauthorized()
    return {"message": "Access granted"}

Bearer Token Authentication

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
from fenrir import HTTPBearer

bearer = HTTPBearer()

@app.get("/secure")
async def secure_endpoint(credentials = Depends(bearer)):
    token = credentials.credentials
    # Validate token
    if not validate_token(token):
        raise HTTPUnauthorized()
    return {"message": "Authenticated"}

Basic Authentication

1
2
3
4
5
6
7
8
9
from fenrir import HTTPBasic

basic_auth = HTTPBasic()

@app.get("/basic")
async def basic_protected(credentials = Depends(basic_auth)):
    if credentials.username != "admin" or credentials.password != "password":
        raise HTTPUnauthorized()
    return {"message": f"Hello {credentials.username}"}

OAuth2 Password Flow

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
from fenrir import OAuth2PasswordBearer, HTTPException

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

@app.post("/token")
async def login(username: str, password: str):
    # Validate credentials
    if username != "user" or password != "pass":
        raise HTTPException(status_code=401, detail="Invalid credentials")
    return {"access_token": "token123", "token_type": "bearer"}

@app.get("/me")
async def read_users_me(token: str = Depends(oauth2_scheme)):
    return {"username": "user"}
Next
Blueprints Organization
Edit on GitHub Last Updated: Jun 04, 2026
© 2026 Fenrir Project.
main*
v1.2.2
Ln 1, Col 1
UTF-8
Prettier
Light Mode
Markdown