== How to fix it in FastAPI

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,python,diff-id=11,diff-type=noncompliant]
----
from fastapi import APIRouter
from fastapi.responses import Response, RedirectResponse
from fastapi.requests import Request

router = APIRouter()

@router.get('/check-cookie')
async def check_cookie(request: Request, response: Response, cookie: str | None = None):
    if "session" not in request.cookies.keys():
        response.set_cookie("session", cookie)  # Noncompliant
----

==== Compliant solution

[source,python,diff-id=11,diff-type=compliant]
----
from fastapi import APIRouter
from fastapi.responses import Response, RedirectResponse
from fastapi.requests import Request

router = APIRouter()

@router.get('/check-cookie')
async def check_cookie(request: Request):
    if "session" not in request.cookies.keys():
        return RedirectResponse("/getcookie")
----

include::../../common/fix/how-does-this-work.adoc[]