A simple FastAPI auth module with signup/signin routes
Project description
FastAPI Bearer Auth
A simple FastAPI auth module implementing OAuth2 with Password (and hashing), Bearer with JWT tokens, including user signup, signin routes.
Installing
Works on python3.6+
pip install fastapi-bearer-auth
Example of using
#!/usr/bin/env python
# coding: utf-8
# yc@2020/08/27
from pydantic import BaseModel
from fastapi import FastAPI, Depends
import fastapi_bearer_auth as fba
class UserOut(BaseModel):
username: str
app = FastAPI(title='Test App')
# simple in-memory db
users = {}
# Two required handler: handle_get_user_by_name and handle_create_user
@fba.handle_get_user_by_name
async def get_user_by_name(name):
return users.get(name)
@fba.handle_create_user
async def create_user(username, password):
if await get_user_by_name(username):
raise ValueError('Username {} exists'.format(username))
user = {
'username': username,
'password': await fba.call_config('get_password_hash', password),
}
users[username] = user
return user
# Three router depends available: fba.signup, fba.signin and fba.get_current_user
# fba.signup resolve to User object
@app.post('/user/signup', response_model=UserOut)
async def signup(user=Depends(fba.signup)):
return user
# fba.signin resolve to {user: <user_object>, token: {token_type, access_token}}
@app.post('/user/signin')
async def signin(ret=Depends(fba.signin)):
return ret['token']
# fba.get_current_user resolve to User object or a HTTP 401 response
@app.get('/user/me', response_model=UserOut)
async def me(user=Depends(fba.get_current_user)):
return user
Now head to http://127.0.0.1:8000/docs to test the API. Note the me
route, using fba.get_current_user
dependency to restrict resource for authenticated user.
There's a simple command to achive this without writing any code:
uvicorn fastapi_bearer_auth.test:app
Customize
In addition to get_user_by_name(name)
and create_user(username, password)
, there're other functions can be override (with handle_
prefix):
authenticate(username, password)
verify_password(plain_password, hashed_password)
get_password_hash(password)
You can call all those functions with fba.call_config(name, *args, **kwargs)
.
Also some params:
ACCESS_TOKEN_EXPIRE_MINUTES
ALGORITHM
SECRET_KEY
Use something like fba.set_config({'SECRET_KEY': 'xxx', ...})
to change it.
The default tokenUrl for openapi docs is user/signin
, you can override this by setting env var TOKEN_URL
.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for fastapi_bearer_auth-0.1.3.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0dbf2b359af55e18d1214fed2ec8681fe0d9dc4b210080ad6379e7a886aed24c |
|
MD5 | b9580f394251af55bd57d9e23c77ca87 |
|
BLAKE2b-256 | 1adf19129cf832c4d4b4ef2f6319a3f32c4a4d0e4801f72ddffeb3eecc1782ec |
Hashes for fastapi_bearer_auth-0.1.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 0f4023402821d8a68a6770c6b058e30910dff8785e50daec2e40c0c5aa89bedb |
|
MD5 | 872644066e5cd8945e341155b8c7e669 |
|
BLAKE2b-256 | 30fee02a36a9d66103d393abdb2446fb3aa97df23da99005fe96e2d2a69b0557 |