Currently in the JWT docs there are a few references regarding how to access the 'User' object during and after being authenticated. These boil down to:
a) queried using the token
b) directly from the request (which can be easily assumed to be attached via retrieve_user_handler prior to going to the api path)
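However, there are other instances where user details need to be extracted from the connection object (such as in role-based guards):

```python
from litestar.connection import ASGIConnection
from litestar.exceptions import NotAuthorizedException
from litestar.handlers.base import BaseRouteHandler

def admin_guard(connection: ASGIConnection, _: BaseRouteHandler) -> None:
    if not connection.user.is_admin:
        raise NotAuthorizedException()
```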
A gap in knowledge between the page on JWTs and guards is that it's not made entirely clear how `user` gets attached to `connection`. I would like to suggest that an example guard is added to the JWT docs with a comment explaining that the Auth object automatically attaches it for you based on the object returned from `retrieve_user_handler`.
It also isn't made abundantly clear that the TypeVar provided to the Auth object directly corresponds to the retrieve_user_handler. For a little while, I was actually setting the TypeVar based on my login response and wondering why it wasn't working. A silly mistake in hindsight, but I believe a simple comment could have saved me from it!