class litestar.middleware.authentication.AbstractAuthenticationMiddleware#

Bases: ABC

Abstract AuthenticationMiddleware that allows users to create their own AuthenticationMiddleware by extending it and overriding AbstractAuthenticationMiddleware.authenticate_request().

__init__(app: ASGIApp, exclude: str | list[str] | None = None, exclude_from_auth_key: str = 'exclude_from_auth', exclude_http_methods: Sequence[Method] | None = None, scopes: Scopes | None = None) None#

Initialize AbstractAuthenticationMiddleware.

  • app – An ASGIApp, this value is the next ASGI handler to call in the middleware stack.

  • exclude – A pattern or list of patterns to skip in the authentication middleware.

  • exclude_from_auth_key – An identifier to use on routes to disable authentication for a particular route.

  • exclude_http_methods – A sequence of http methods that do not require authentication.

  • scopes – ASGI scopes processed by the authentication middleware.

async __call__(scope: Scope, receive: Receive, send: Send) None#

ASGI callable.

  • scope – The ASGI connection scope.

  • receive – The ASGI receive function.

  • send – The ASGI send function.



abstract async authenticate_request(connection: ASGIConnection) AuthenticationResult#

Receive the http connection and return an AuthenticationResult.


  • This method must be overridden by subclasses.


connection – An ASGIConnection instance.


NotAuthorizedException | PermissionDeniedException – if authentication fails.


An instance of AuthenticationResult.

class litestar.middleware.authentication.AuthenticationResult#

Bases: object

Dataclass for authentication result.

user: Any#

The user model, this can be any value corresponding to a user of the API.

auth: Any#

The auth value, this can for example be a JWT token.

__init__(user: Any, auth: Any) None#