Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/ocarinow/fastjwt

FastAPI Plugin for reusable JWT Authentication Management
https://github.com/ocarinow/fastjwt

fastapi jwt jwt-authentication python

Last synced: 10 months ago
JSON representation

FastAPI Plugin for reusable JWT Authentication Management

Awesome Lists containing this project

README 

          
# fastjwt





    

        Supported Python Version

    

    

        Package Version

    

    

        Licence

    

    

        Documentation

    






    

        Build Status

    

    

        Test Status

    

    

        Publish Status

    

    

        Documentation Status

    






    

        Coverage

    

    

        Tests

    

    

        Docstring

    

    

        Flake8

    






    

        Issues

    

    

        Pull Requests

    

    

        Repo Size

    

    

        Downloads

    






    

        Stars

    

    

        Forks

    

    

        Watchers

    




FastJWT is a FastAPI Plugin for reusable JWT Authentication Management. **fastjwt** enables easy JSON Web Tokens management within your FastAPI application.



_fastjwt_ is heavily inspired from its Flask equivalent [Flask-JWT-Extended](https://flask-jwt-extended.readthedocs.io/en/stable/), _special thanks to [@vimalloc](https://github.com/vimalloc) fot the amazing work_.



**Documentation**: [https://ocarinow.github.io/fastjwt/](https://ocarinow.github.io/fastjwt/)



## Features



- [X] Encode/Decode JWT for application Authentication

- [X] Automatic JWT detection in request

  - [X] JWT in Headers

  - [X] JWT in Cookies

  - [X] JWT in Query strings

  - [X] JWT in JSON Body

- [X] Implicit/Explicit token refresh mechanism

- [X] Freshness state of token

- [X] Route protection

  - [X] Token type based protection _(access/refresh)_

  - [X] Token freshness protection

  - [X] Partial route protection

- [X] Handle custom user logic for revoked token validation

- [X] Handle custom logic for token recipient retrieval _(ORM, pydantic serialization...)_

- [X] Provide FastAPI compliant dependency injection API

- [X] Automatic error handling

- [ ] Scope Management (WIP)



## Setup



### Requirements



FastJWT is built on top of the following dependencies:



- [FastAPI](https://github.com/tiangolo/fastapi) as web framework

- [Pydantic](https://github.com/pydantic/pydantic) as data validation

- [PyJWT](https://github.com/jpadilla/pyjwt) as python implementation of the JSON Web Token standard



FastJWT also relies on [`typing-extensions`](https://pypi.org/project/typing-extensions/) for backward compatibility _(python3.9)_



> Note

>

> FastAPI, while required for **fastjwt**, is not declared as a dependency and must be installed prior with `pip install fastapi`



### Install



```shell

# With pip

pip install fastjwt

# With poetry

poetry add fastjwt

# With pipenv

pipenv install fastjwt

```



## Example



```py

from fastapi import FastAPI, Depends

from fastjwt import FastJWT



app = FastAPI()

security = FastJWT()



@app.get('/login')

def login():

    return security.create_access_token(uid='foo')



@app.get('/protected', dependencies=[Depends(security.access_token_required())])

def protected():

    return "This is a protected endpoint"

```



## Development



> **WORK IN PROGRESS**

>

> The development guide is not available yet



## Contributing



> **WORK IN PROGRESS**

>

> The contribution guide is not available yet



## License



This project is open source under [MIT License](https://github.com/ocarinow/fastjwt/blob/main/LICENSE)