Highly-customizable and ready-to-use session authentication for FastAPI applications
Source Code: https://github.com/deepmancer/fastapi-auth-jwt
- 🚀 Effortless Integration: Seamlessly add JWT authentication to your FastAPI application with just a few lines of code.
- 🛠️ Highly Customizable: Tailor the authentication process to fit your specific needs, including custom user models and storage options.
- 🔄 Sync and Async Support: Works out of the box with both synchronous and asynchronous FastAPI applications.
- 💾 Flexible Token Storage: Supports in-memory token storage for simple applications and Redis for real-world, distributed backends.
To install the basic package:
pip install fastapi-auth-jwt
If you want to use Redis for token storage, install the package with Redis support:
pip install fastapi-auth-jwt[redis]
- 🧑💻 Define Your User Schema: Create a Pydantic model representing the user.
from pydantic import BaseModel, Field
class User(BaseModel):
username: str
password: str
token: Optional[str] = Field(None)
- ⚙️ Configure Authentication Settings: Set up your authentication configuration.
from pydantic import BaseModel
class AuthenticationSettings(BaseModel):
secret: str = "your-secret-key"
jwt_algorithm: str = "HS256"
expiration_seconds: int = 3600 # 1 hour
- 🔧 Initialize the Authentication Backend: Create an instance of the
JWTAuthBackend
.
from fastapi_auth_jwt import JWTAuthBackend
auth_backend = JWTAuthBackend(
authentication_config=AuthenticationSettings(),
user_schema=User
)
- 🔌 Add Middleware to Your FastAPI Application:
from fastapi import FastAPI
from fastapi_auth_jwt import JWTAuthenticationMiddleware
app = FastAPI()
app.add_middleware(
JWTAuthenticationMiddleware,
backend=auth_backend,
exclude_urls=["/sign-up", "/login"],
)
- 📚 Create Routes:
@app.post("/sign-up")
async def sign_up(request_data: RegisterSchema):
return {"message": "User created"}
@app.post("/login")
async def login(request_data: LoginSchema):
token = await auth_backend.create_token(
username=request_data.username,
password=request_data.password,
)
return {"token": token}
@app.get("/profile-info")
async def get_profile_info(request: Request):
user: User = request.state.user
return {"username": user.username}
@app.post("/logout")
async def logout(request: Request):
user: User = request.state.user
await auth_backend.invalidate_token(user.token)
return {"message": "Logged out"}
To enable Redis as the storage backend:
from fastapi_auth_jwt import RedisConfig, JWTAuthBackend
redis_config = RedisConfig(
host="localhost",
port=6379,
db=0,
)
auth_backend_redis = JWTAuthBackend(
authentication_config=AuthenticationSettings(),
user_schema=User,
storage_config=redis_config,
)
app.add_middleware(
JWTAuthenticationMiddleware,
backend=auth_backend_redis,
exclude_urls=["/sign-up", "/login"],
)
- 🛡️
secret
(str): Secret key for signing JWT tokens. - 🧮
jwt_algorithm
(str): Algorithm used for token encoding (default:HS256
). - ⏲️
expiration_seconds
(int): Token expiration time in seconds (default:3600
).
- 🗄️
storage_type
(StorageTypes): Type of storage backend (MEMORY
orREDIS
).
- 🌐
host
(str): Redis server hostname (default:localhost
). - 🛠️
port
(int): Redis server port (default:6379
). - 🗃️
db
(int): Redis database index (default:0
). - 🔑
password
(Optional[str]): Redis server password (default:None
).
For fully working examples, refer to the examples directory in the repository.
Complete documentation is available in the docs directory.
This project is licensed under the MIT License. See the LICENSE file for details.
For any questions, suggestions, or issues, please feel free to open an issue or reach out via GitHub Issues.
With fastapi-auth-jwt
, adding secure, flexible JWT-based authentication to your FastAPI applications is easier than ever. Get started today and enjoy a streamlined authentication experience!