A simple FastAPI auth module with signup/signin routes
Project description
FastAPI Bearer Auth
A simple FastAPI auth module implementing OAuth2 with Password (and hashing), Bearer with JWT tokens, including user signup, signin routes.
Installing
Works on python3.6+
pip install fastapi-bearer-auth
Example of using
from fastapi import FastAPI, Depends
import fastapi_bearer_auth as fba
app = FastAPI(title='Test App')
app.include_router(fba.user_router, prefix='/user', tags=['User'])
# simple in-memory db
users = {}
@fba.handle_get_user_by_name
async def get_user_by_name(name):
return users.get(name)
@fba.handle_create_user
async def create_user(username, password):
if await get_user_by_name(username):
raise ValueError('Username {} exists'.format(username))
user = {
'username': username,
'password': await fba.call_config('get_password_hash', password),
}
users[username] = user
return user
@app.get('/test')
async def test(user: dict = Depends(fba.get_current_user)):
return user
Now head to http://127.0.0.1:8000/docs to test the API. Note the test
route, using fba.get_current_user
dependency to restrict resource for authenticated user.
There's a simple command to achive this without writing any code:
uvicorn fastapi_bearer_auth.test:app
Customize
In addition to get_user_by_name(name)
and create_user(username, password)
, there're other functions can be override (with handle_
prefix):
authenticate(username, password)
verify_password(plain_password, hashed_password)
get_password_hash(password)
You can call all those functions with fba.call_config(name, *args, **kwargs)
.
Also some params:
ACCESS_TOKEN_EXPIRE_MINUTES
ALGORITHM
SECRET_KEY
Use something like fba.set_config({'SECRET_KEY': 'xxx', ...})
to change it.
The default tokenUrl for openapi docs is user/signin
, you can override this by setting env var TOKEN_URL
.
Events
To get notified before or after user signuped:
@fba.on_event('before_user_signup')
def before_user_signup(request, username, password):
print('user signed-up')
@fba.on_event('after_user_signup')
def after_user_signup(request, user):
print('user signed-up')
Complete list of events and their params:
before_user_signup(request, username, password)
after_user_signup(request, user)
before_user_signin(request, username, password)
after_user_signin(request, user)
To abort the request (stop signup/signin), raise a ValueError
in your event handler, like:
@fba.on_event('before_user_signin')
def before_user_signin(request, a, b):
if request.client.host != '127.0.0.1':
raise ValueError('restrict!')
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for fastapi_bearer_auth-0.1.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 54c30f1a6138660cfd2b6b0ccdf86931522bebee4fea61565ad1f6c1f82c924f |
|
MD5 | 79bbfe3dae4e78364952d645a9d25043 |
|
BLAKE2b-256 | 7122143263cb1cade694fc3d6410bed16a255fecdf9ca49598f096bdddf718f7 |
Hashes for fastapi_bearer_auth-0.1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | ef4036f36b3ced6b04f36827554dd195843bc07d576e4d0f7cb767e3e5f5a061 |
|
MD5 | e96c715b2fea74aea5f91c889224abee |
|
BLAKE2b-256 | 95afde21fafcaa906931f87962b4951ade77802aa86b3f688e6a231ec515b056 |