{"id":13424592,"url":"https://github.com/mrtolkien/fastapi_simple_security","last_synced_at":"2025-03-15T18:35:28.467Z","repository":{"id":45542625,"uuid":"290704924","full_name":"mrtolkien/fastapi_simple_security","owner":"mrtolkien","description":"Drop-in API-key based security for FastAPI","archived":false,"fork":false,"pushed_at":"2023-12-19T20:22:23.000Z","size":353,"stargazers_count":302,"open_issues_count":1,"forks_count":34,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-04-27T02:43:36.474Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrtolkien.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2020-08-27T07:16:16.000Z","updated_at":"2024-04-26T14:01:41.000Z","dependencies_parsed_at":"2024-01-03T02:29:58.933Z","dependency_job_id":"ec178122-0bef-406e-83dd-0f64aef1f0dd","html_url":"https://github.com/mrtolkien/fastapi_simple_security","commit_stats":{"total_commits":56,"total_committers":5,"mean_commits":11.2,"dds":0.1964285714285714,"last_synced_commit":"628f00f938cd692f0ebc9aa756875cc733e96a61"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtolkien%2Ffastapi_simple_security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtolkien%2Ffastapi_simple_security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrtolkien%2Ffastapi_simple_security/releases","manifests_url":"https://repos.ecosyste.
ms/api/v1/hosts/GitHub/repositories/mrtolkien%2Ffastapi_simple_security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrtolkien","download_url":"https://codeload.github.com/mrtolkien/fastapi_simple_security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243775882,"owners_count":20346281,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T00:00:56.743Z","updated_at":"2025-03-15T18:35:23.453Z","avatar_url":"https://github.com/mrtolkien.png","language":"Python","readme":"# FastAPI simple security\n\n[![codecov](https://codecov.io/github/mrtolkien/fastapi_simple_security/branch/master/graph/badge.svg?token=8VIKJ9J3XF)](https://codecov.io/github/mrtolkien/fastapi_simple_security)\n[![Python Tests](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/pr_python_tests.yml/badge.svg)](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/pr_python_tests.yml)\n[![Linting](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/push_linting.yml/badge.svg)](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/push_linting.yml)\n\n[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)\n[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)\n[![pre-commit enabled][pre-commit badge]][pre-commit project]\n[![Conventional 
Commits](https://img.shields.io/badge/Conventional%20Commits-1.0.0-%23FE5196?logo=conventionalcommits\u0026logoColor=white)](https://conventionalcommits.org)\n\n[pre-commit badge]: \u003chttps://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit\u0026logoColor=white\u003e\n[pre-commit project]: \u003chttps://pre-commit.com/\u003e\n\nAPI key based security package for FastAPI, focused on simplicity of use:\n\n- Full functionality out of the box, no configuration required\n- API key security with local `sqlite` backend, working with both header and query parameters\n- Default 15 days deprecation for generated API keys\n- Key creation, revocation, renewing, and usage logs handled through administrator endpoints\n- No dependencies, only requiring `FastAPI` and the Python standard library\n\nThis module cannot be used for any kind of distributed deployment. Its goal is to provide some basic security features\nfor simple one-server API deployments, mostly during development.\n\n## Installation\n\n`pip install fastapi_simple_security`\n\n## Usage\n\n### Creating an application\n\n```python\nfrom fastapi_simple_security import api_key_router, api_key_security\nfrom fastapi import Depends, FastAPI\n\napp = FastAPI()\n\napp.include_router(api_key_router, prefix=\"/auth\", tags=[\"_auth\"])\n\n@app.get(\"/secure\", dependencies=[Depends(api_key_security)])\nasync def secure_endpoint():\n    return {\"message\": \"This is a secure endpoint\"}\n```\n\nThe resulting app is:\n\n![app](images/auth_endpoints.png)\n\n### API key creation through docs\n\nStart your API and check the logs for the automatically generated secret key if you did not provide one through\nenvironment variables.\n\n![secret](images/secret.png)\n\nGo to `/docs` on your API and enter this secret key in the `Authorize/Secret header` box.\nAll the administrator endpoints only support header security to make sure the secret key is not inadvertently\nshared when sharing an 
URL.\n\n![secret_header](images/secret_header.png)\n\nThen, you can use `/auth/new` to generate a new API key.\n\n![api key](images/new_api_key.png)\n\nAnd finally, you can use this API key to access the secure endpoint.\n\n![secure endpoint](images/secure_endpoint.png)\n\n### API key creation in Python\n\nYou can of course automate API key acquisition through Python with `requests` by directly querying the endpoints.\n\nIf you do so, you can hide the endpoints from your API documentation with the environment variable\n`FASTAPI_SIMPLE_SECURITY_HIDE_DOCS`.\n\n## Configuration\n\nEnvironment variables:\n\n- `FASTAPI_SIMPLE_SECURITY_SECRET`: Secret administrator key\n\n  - Generated automatically on server startup if not provided\n  - Allows generation of new API keys, revoking of existing ones, and API key usage view\n  - If it is compromised, the security of the API is compromised\n\n- `FASTAPI_SIMPLE_SECURITY_HIDE_DOCS`: Whether or not to hide the API key related endpoints from the documentation\n- `FASTAPI_SIMPLE_SECURITY_DB_LOCATION`: Location of the local sqlite database file\n  - `sqlite.db` in the running directory by default\n  - When running the app inside Docker, use a bind mount for persistence\n- `FAST_API_SIMPLE_SECURITY_AUTOMATIC_EXPIRATION`: Duration, in days, until an API key is deemed expired\n  - 15 days by default\n\n## Contributing\n\n### Setting up the Python environment\n\n```shell script\npoetry install\npoetry shell\n```\n\n### Setting up pre-commit hooks\n\n```shell script\npre-commit install\n```\n\n### Running tests\n\n```shell script\npytest\n```\n\n### Running the dev environment\n\nThe attached docker image runs a test app on `localhost:8080` with secret key `TEST_SECRET`. 
Run it with:\n\n```shell script\ndocker-compose build \u0026\u0026 docker-compose up\n```\n\n## Needed contributions\n\n- More options with sensible defaults\n- Logging per API key?\n- More back-end options for API key storage?\n","funding_links":[],"categories":["Third-Party Extensions"],"sub_categories":["Auth"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrtolkien%2Ffastapi_simple_security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrtolkien%2Ffastapi_simple_security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrtolkien%2Ffastapi_simple_security/lists"}