Building on my previous tutorial, I have now implemented a toy FastAPI application which requires authentication based on query parameters.
In this simple example /protected/0 does not require authentication, while /protected/1 gives permissions denied.
Once the users logs in successfully via Github using /auth/login and is member of the right Github organization, they can now access also the /protected/1 endpoint.