{"id":20100868,"url":"https://github.com/nneji123/fastapi_auth","last_synced_at":"2025-05-06T06:32:39.585Z","repository":{"id":62358319,"uuid":"559848911","full_name":"Nneji123/fastapi_auth","owner":"Nneji123","description":"API key based Authentication package for FastAPI, focused on simplicity and ease of use","archived":false,"fork":false,"pushed_at":"2022-11-03T10:18:30.000Z","size":581,"stargazers_count":10,"open_issues_count":2,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-04T21:57:10.767Z","etag":null,"topics":["api","authentication","database","fastapi","postgres","pypi-package","sqlite3"],"latest_commit_sha":null,"homepage":"https://nneji123.github.io/fastapi_auth/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Nneji123.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-10-31T08:17:01.000Z","updated_at":"2024-09-30T01:24:16.000Z","dependencies_parsed_at":"2022-10-31T12:31:36.058Z","dependency_job_id":null,"html_url":"https://github.com/Nneji123/fastapi_auth","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nneji123%2Ffastapi_auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nneji123%2Ffastapi_auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nneji123%2Ffastapi_auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Nneji123%2Ffastapi_auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Nneji123","download_url":"https://codeload.github.com/Nneji123/fastapi_auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252633778,"owners_count":21779920,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","authentication","database","fastapi","postgres","pypi-package","sqlite3"],"created_at":"2024-11-13T17:21:53.250Z","updated_at":"2025-05-06T06:32:39.308Z","avatar_url":"https://github.com/Nneji123.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# fastapi_auth2\n\n\n\n[![Pypi](https://img.shields.io/pypi/v/fastapi_auth2.svg)](https://pypi.org/project/fastapi_auth2/)\n[![PyPI - Python](https://img.shields.io/badge/python-3.6%20|%203.7%20|%203.8-blue.svg)](https://pypi.org/project/fastapi_auth2/)\n[![codecov](https://codecov.io/github/mrtolkien/fastapi_simple_security/branch/master/graph/badge.svg?token=8VIKJ9J3XF)](https://codecov.io/github/mrtolkien/fastapi_simple_security)\n[![Python Tests](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/pr_python_tests.yml/badge.svg)](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/pr_python_tests.yml)\n[![Linting](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/push_sanity_check.yml/badge.svg)](https://github.com/mrtolkien/fastapi_simple_security/actions/workflows/push_sanity_check.yml)\n[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)\n[![docs](https://github.com/Nneji123/fastapi_auth/actions/workflows/publish-docs.yml/badge.svg)](https://github.com/Nneji123/fastapi_auth/actions/workflows/publish-docs.yml)\n[![publish-pypi](https://github.com/Nneji123/fastapi_auth/actions/workflows/publish-pypi.yml/badge.svg)](https://github.com/Nneji123/fastapi_auth/actions/workflows/publish-pypi.yml)\n[![Downloads](https://pepy.tech/badge/fastapi-auth2)](https://pepy.tech/project/fastapi-auth2)\n[![Downloads](https://pepy.tech/badge/fastapi-auth2/month)](https://pepy.tech/project/fastapi-auth2)\n\n\nAPI key based Authentication package for FastAPI, focused on simplicity and ease of use:\n\n- Full functionality out of the box, no configuration required\n- API key security with local `sqlite` or `postgres` database backend, working with both header and query parameters\n- Default 15 days deprecation for generated API keys\n- Key creation, revocation, renewing, and usage logs handled through administrator endpoints\n- Username, Email address and password(hashing + salting) verification features.\n- Lightweight, minimal dependencies required.\n\n## Updates\n1. Added **partial** support for mongodb database backend.\n2. Added support for environment variables through .env files.\n3. Added `example.env` file to show how to use environment variables.\n4. Updated `README.md` to reflect changes.\n5. Updated documentation to reflect changes.\n6. Working on adding support for `mysql` database backend.\n\n## Installation\n\n`pip install fastapi_auth2`\n\n## Usage\n\n### Creating an application\n\n```python\nfrom fastapi import Depends, FastAPI\nfrom fastapi_auth import api_key_router, api_key_security\n\n\napp = FastAPI(\n    description=\"FastAPI Auth is a package that provides authentication based API security with FastAPI and Postgres Database, SQLite Database or MongoDB Database\",\n    title=\"FastAPI Auth Example\",  \n    version=1.0,\n)\n\n\napp.include_router(api_key_router, prefix=\"/auth\", tags=[\"_auth\"])\n\n@app.get(\"/unsecure\")\nasync def unsecure_endpoint():\n    return {\"message\": \"This is a unsecure endpoint\"}\n\n@app.get(\"/secure\", dependencies=[Depends(api_key_security)])\nasync def secure_endpoint():\n    return {\"message\": \"This is a secure endpoint\"}\n```\n\nResulting app is:\n\n![app](images/auth_endpoints.png)\n\n### API key creation through docs\n\nStart your API and check the logs for the automatically generated secret key if you did not provide one through\nenvironment variables.\n\n![secret](images/secret.png)\n\nGo to `/docs` on your API and inform this secret key in the `Authorize/Secret header` box.\nAll the administrator endpoints only support header security to make sure the secret key is not inadvertently\nshared when sharing an URL.\n\n![secret_header](images/secret_header.png)\n\nThen, you can use `/auth/new` to generate a new API key.\n\n![api key](images/new_api_key.png)\n\nAnd finally, you can use this API key to access the secure endpoint.\n\n![secure endpoint](images/secure_endpoint.png)\n\n\n### API key creation in python\n\nYou can of course automate API key acquisition through python with `requests` and directly querying the endpoints.\n\nIf you do so, you can hide the endpoints from your API documentation with the environment variable\n`FASTAPI_AUTH_HIDE_DOCS`.\n\n## Configuration\n\nEnvironment variables:\n\n- `FASTAPI_AUTH_SECRET`: Secret administrator key\n\n    - Generated automatically on server startup if not provided\n    - Allows generation of new API keys, revoking of existing ones, and API key usage view\n    - It being compromised compromises the security of the API\n\n- `FASTAPI_AUTH_HIDE_DOCS`: Whether or not to hide the API key related endpoints from the documentation\n- `FASTAPI_AUTH_DB_LOCATION`: Location of the local sqlite database file\n    - `sqlite.db` in the running directory by default\n    - When running the app inside Docker, use a bind mount for persistence\n- `FASTAPI_AUTH_AUTOMATIC_EXPIRATION`: Duration, in days, until an API key is deemed expired\n    - 15 days by default\n- `DATABASE_MODE`: If set to `postgres`, the package will use a postgres database instead of sqlite\n- `URI`: Location of the postgres database\n    - `postgresql://postgres:postgres@localhost:5432/postgres` by default\n    - Only used if `DEV_MODE` is set to `False`\n\n## Contributing\nSee `CONTIBUTING.md` for more information.\n### Setting up python environment\n\n```bash\npoetry install\npoetry shell\n```\n\n### Setting up pre-commit hooks\n\n```bash\npre-commit install\n```\n\n### Running tests\n\n```bash\npytest\n```\n\n### Running the dev environment\n\nThe attached docker image runs a test app on `localhost:8080` with secret key `TEST_SECRET`. Run it with:\n\n```bash\ndocker-compose build \u0026\u0026 docker-compose up\n```\n\n## TODO\n- Add more tests\n- Add more database backends\n- Add more authentication methods\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnneji123%2Ffastapi_auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnneji123%2Ffastapi_auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnneji123%2Ffastapi_auth/lists"}