SPECTERBLUE/test_auth

# FastAPI JWT Authentication Example

This project is a barebones user authentication API built with FastAPI, PostgreSQL, and JWT tokens for secure authentication. It includes user registration, login, identity updates, and token validation. The API is documented using Swagger UI and can be easily extended.


## ✅ Features

* User registration with email and password
* Password hashing for secure storage
* JWT-based authentication and authorization
* User identity and password update endpoints
* Token validation dependency for protecting other APIs
* Interactive API documentation with Swagger UI
* Built using Python 3.10.12 and PostgreSQL

## 📂 Project Structure

```
test_auth/
├── .env                 # Environment variables file
├── .venv                # Python virtual environment
├── auth.py              # Authentication logic and JWT utilities
├── database.py          # Database connection setup using SQLAlchemy
├── main.py              # FastAPI application entry point
├── models.py            # Database models
├── schemas.py           # Pydantic request/response schemas
├── requirements.txt     # Python dependencies
├── README.md            # This file
```

## ✅ Requirements

* Python 3.10.12
* PostgreSQL
* Recommended: use a `.env` file to store sensitive values such as the database connection string and the JWT secret

Example `.env`:

```
DATABASE_URL=postgresql://user:password@localhost/dbname
SECRET_KEY=your_secret_key_here
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
```

## 🚀 Installation

1. Clone this repository:

   ```bash
   git clone https://github.com/yourusername/test_auth.git
   cd test_auth
   ```

2. Create a Python virtual environment and activate it:

   ```bash
   python3.10 -m venv .venv
   source .venv/bin/activate
   ```

3. Install dependencies:

   ```bash
   pip install -r requirements.txt
   ```

4. Create and configure the `.env` file with your database URL and JWT settings.

5. Initialize the database (you can use Alembic or manually create the table using the provided schema).

### ✅ Manual Database Initialization Steps

#### 1️⃣ Install PostgreSQL

If you don’t have PostgreSQL installed, run:

```bash
sudo apt update
sudo apt install postgresql postgresql-contrib
```

Start the PostgreSQL service:

```bash
sudo service postgresql start
```

#### 2️⃣ Create a Database and User

Switch to the postgres user and open the PostgreSQL prompt:

```bash
sudo -u postgres psql
```

Inside the PostgreSQL prompt, run the following commands:

```sql
-- Create a new database
CREATE DATABASE test_auth_db;

-- Create a new user with password
CREATE USER test_auth_user WITH PASSWORD 'your_password_here';

-- Grant privileges to the user on the database
GRANT ALL PRIVILEGES ON DATABASE test_auth_db TO test_auth_user;
```

Exit the prompt:

```
\q
```

Make sure to update your `.env` file with this information:

```
DATABASE_URL=postgresql://test_auth_user:your_password_here@localhost/test_auth_db
SECRET_KEY=your_secret_key_here
ALGORITHM=HS256
ACCESS_TOKEN_EXPIRE_MINUTES=30
```

---

## ✅ Running the Application

Start the FastAPI server using Uvicorn:

```bash
uvicorn main:app --reload
```

You should see:

```
INFO:     Uvicorn running on http://127.0.0.1:8000 (Press CTRL+C to quit)
INFO:     Application startup complete.
```

---

## 📖 API Documentation

Once the server is running, you can view the API documentation at:

* Swagger UI: [http://127.0.0.1:8000/docs](http://127.0.0.1:8000/docs)
* ReDoc: [http://127.0.0.1:8000/redoc](http://127.0.0.1:8000/redoc)

Use the **Authorize** button to authenticate using the JWT token after logging in.

---

## ✅ Available Endpoints

### `/register`

* Register a new user with email and password.

### `/login` or `/token`

* Login with email and password.
* Returns an access token (JWT).

### `/update-identity`

* Update the user's email (requires JWT token).

### `/update-secret`

* Update the user's password (requires JWT token).

### Protected Endpoints

* Include the `Authorization: Bearer <token>` header.
* Use the `oauth2_scheme` dependency for token validation.

---

## 📦 Dependencies

* `fastapi`
* `uvicorn`
* `pydantic`
* `python-jose[cryptography]`
* `passlib[bcrypt]`
* `email-validator`
* `SQLAlchemy`
* `psycopg2-binary`
* `python-dotenv`

---

## 🔑 Notes

* Passwords are hashed using `bcrypt`.
* JWT tokens are signed with a secret key from the environment.
* The `email-validator` package is required to ensure email fields are correctly formatted.
* Use the `.env` file to configure your application without hardcoding sensitive data.
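
The checks behind the notes above and the token validation described under Protected Endpoints, as an added example that is not this project's `auth.py`: a standard-library HS256 sign/verify pair standing in for `python-jose`, with the algorithm pinned, expiry enforced, and the README's placeholder secret rejected. The function names and the 32-byte minimum key length check are assumptions of this example.

```python
import base64, hashlib, hmac, json, time

ALGORITHM = "HS256"                    # value from the README's .env example
ACCESS_TOKEN_EXPIRE_MINUTES = 30       # value from the README's .env example
PLACEHOLDER = "your_secret_key_here"   # README placeholder, never a real key

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def check_secret(secret):
    """Fail closed on the placeholder or on a key shorter than the SHA-256 output (32 bytes)."""
    key = secret.encode()
    if secret == PLACEHOLDER or len(key) < 32:
        raise ValueError("SECRET_KEY is a placeholder or shorter than 32 bytes")
    return key

def _sign(signing_input, key):
    return _b64(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())

def create_access_token(sub, key, now=None):
    now = time.time() if now is None else now
    header = _b64(json.dumps({"alg": ALGORITHM, "typ": "JWT"}).encode())
    claims = {"sub": sub, "exp": int(now) + ACCESS_TOKEN_EXPIRE_MINUTES * 60}
    signing_input = header + "." + _b64(json.dumps(claims).encode())
    return signing_input + "." + _sign(signing_input, key)

def verify_access_token(token, key, now=None):
    """Return the claims, or raise ValueError for a malformed, forged or expired token."""
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, signature = token.split(".")
        header = json.loads(_unb64(header_b64))
        # Pin the algorithm: the token's own header must never choose it (blocks alg=none).
        if header.get("alg") != ALGORITHM:
            raise ValueError("unexpected alg")
        expected = _sign(header_b64 + "." + payload_b64, key)
        if not hmac.compare_digest(expected, signature):   # constant-time comparison
            raise ValueError("bad signature")
        claims = json.loads(_unb64(payload_b64))
        exp = claims.get("exp")
    except (ValueError, TypeError, AttributeError) as exc:
        raise ValueError(f"invalid token: {exc}") from None
    if not isinstance(exp, int) or exp <= now:
        raise ValueError("token expired or missing exp")
    return claims
```

In a FastAPI app the token string passed to `verify_access_token` would come from the `oauth2_scheme` dependency, and a `ValueError` would be mapped to a 401 response.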

---

## 📂 Next Steps

* Add proper error handling and logging
* Implement refresh tokens
* Extend user roles and permissions
* Deploy using Docker or cloud platforms
* Secure API with HTTPS and proper CORS settings

---

## 📬 Contact

For any issues or contributions, please open an issue or submit a pull request.

Happy coding! 🚀✨


About

auth/jwt/downlink
