An Any-Auth, A Essential Auth Lib.
Project description
Any Auth
Essential Authentication Library for FastAPI Applications.
Any Auth is a production-ready, MIT-licensed open-source library designed to streamline authentication and authorization in your FastAPI projects. It offers built-in support for JWT, OAuth 2.0 (Google), and flexible role-based access control, simplifying security for single-tenant or multi-tenant applications.
Table of Contents
Overview
Focus on building your application, not authentication.
Any Auth provides the tools to:
- Secure APIs: Implement JWT-based authentication for your FastAPI endpoints.
- Social Login: Integrate Google OAuth for seamless user sign-in.
- Manage Users: Utilize a built-in user model with essential functionalities.
- Control Access: Implement role-based access control (RBAC) across organizations and projects.
- Scale Easily: Support multi-tenant applications with organizations and projects.
- Choose your Backend: Leverage MongoDB with optional caching via Redis or DiskCache.
Features
- JWT Authentication: Generate, verify, and refresh JWT tokens with customizable expiration.
- Google OAuth 2.0: Simple integration for Google login, including automatic user account creation.
- User Management: Comprehensive user lifecycle management (create, update, retrieve, disable, enable).
- Role-Based Access Control (RBAC): Hierarchical roles (platform, organization, project) for fine-grained access control.
- Organization & Project Management: Built-in models for managing organizations and projects in multi-tenant scenarios.
- Membership Management: Define and manage user memberships within organizations and projects.
- Flexible Backend: Supports MongoDB as primary storage with optional Redis or DiskCache caching.
- RESTful API: Complete API endpoints for authentication, user, role, organization, project, and role assignment management.
- Testable: Extensive test suite using pytest and FastAPI's TestClient.
Installation
Install Any Auth using Poetry:
# Clone the repository
git clone https://github.com/allen2c/any-auth.git
cd any-auth
# Install dependencies
poetry install
Or, if published on PyPI:
pip install any-auth # Replace with actual package name if different
Configuration
Any Auth is configured via environment variables and a Pydantic Settings class. Key configurations include:
- Database:
DATABASE_URL(MongoDB connection string). - JWT:
JWT_SECRET_KEY(secret key for JWT signing),JWT_ALGORITHM(default: HS256). - Token Expiration:
TOKEN_EXPIRATION_TIME(access token lifetime in seconds),REFRESH_TOKEN_EXPIRATION_TIME(refresh token lifetime in seconds). - Google OAuth (Optional):
GOOGLE_CLIENT_ID,GOOGLE_CLIENT_SECRET,GOOGLE_REDIRECT_URI. - SMTP (Optional):
SMTP_SERVER,SMTP_PORT,SMTP_USERNAME,SMTP_PASSWORD,SMTP_FROM(for password reset and notifications).
Example .env file:
DATABASE_URL=mongodb://localhost:27017
JWT_SECRET_KEY=your-very-secure-key
TOKEN_EXPIRATION_TIME=900
REFRESH_TOKEN_EXPIRATION_TIME=604800
Usage
Running the App
-
Create your FastAPI app in
any_auth/app.py(example):from any_auth.build_app import build_app from any_auth.config import Settings Settings.probe_required_environment_variables() app_settings = Settings() app = build_app(settings=app_settings) if __name__ == "__main__": import uvicorn uvicorn.run(app, host="0.0.0.0", port=8000)
-
Run the application:
uvicorn any_auth.app:app --reload
API Endpoints
Explore the auto-generated API documentation at /docs or /redoc of your running application.
Key endpoint categories:
- Authentication:
/token(login),/logout,/refresh-token,/reset-password,/auth/google/login. - User Management:
/users(create, list, get, update, disable/enable). - Organization Management:
/organizations(create, list, get, update, disable/enable),/organizations/{organization_id}/projects,/organizations/{organization_id}/members. - Project Management:
/organizations/{organization_id}/projects,/projects(create, list, get, update, disable/enable),/projects/{project_id}/members,/projects/{project_id}/api-keys. - Role & Role Assignment Management:
/roles(create, list, get, update, disable/enable),/role-assignments.
All endpoints are secured with role-based access control.
Development & Testing
Run tests using pytest:
poetry run pytest
For development with live reload:
uvicorn any_auth.app:app --reload
Contributing
Contributions are welcome!
- Fork the repository.
- Create a feature branch.
- Write tests for your changes.
- Ensure all tests pass.
- Submit a pull request.
License
Copyright (c) 2025 AllenChou
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file any_auth-0.3.0.tar.gz.
File metadata
- Download URL: any_auth-0.3.0.tar.gz
- Upload date:
- Size: 42.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.1.1 CPython/3.12.8 Darwin/24.3.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
00ec4b88c28777dce78cc072a8dd7aed9fec92a549bea1c05c7e5521d7cc785e
|
|
| MD5 |
84905d0b13d714dc1078d950fbf4de60
|
|
| BLAKE2b-256 |
edf620c8190603d69c505f121fe5ef667cfa404e2d63f54de89699a7f68edeb7
|
File details
Details for the file any_auth-0.3.0-py3-none-any.whl.
File metadata
- Download URL: any_auth-0.3.0-py3-none-any.whl
- Upload date:
- Size: 74.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.1.1 CPython/3.12.8 Darwin/24.3.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
46f3ae694f9b134159a2a3fc463d62a0528bf2b641ee066e9b231f4670d08fdf
|
|
| MD5 |
f849ba27b2c315355bbe3d10f5ead0a2
|
|
| BLAKE2b-256 |
b310ebda5846dd3c380d6148c97896463028c24684861390e41f35065839ae43
|
