Production-ready FastAPI auth system with JWT, refresh tokens, and async DB support
Project description
FastAPI Auth 🔐
Production-ready authentication system for FastAPI with async support, JWT, refresh tokens, and pluggable database backends.
🚀 Features
-
⚡ Fully async (no blocking I/O)
-
🔐 JWT authentication (access + refresh tokens)
-
🔁 Refresh token flow
-
🚪 Logout with token blacklist
-
🧱 Multi-database support:
- PostgreSQL (asyncpg)
- MySQL (aiomysql)
- SQLite (aiosqlite)
- MongoDB (motor)
-
🧠 Dependency-based auth (FastAPI native)
-
📦 Plug-and-play integration
-
🛡️ Password hashing with Argon2 (modern standard)
-
📄 Clean OpenAPI (Swagger) docs with Pydantic schemas
📦 Installation
pip install "fastapi-async-auth-kit[<db>]"
With database support
pip install "fastapi-async-auth-kit[postgres]"
pip install "fastapi-async-auth-kit[mysql]"
pip install "fastapi-async-auth-kit[mongodb]"
pip install "fastapi-async-auth-kit[sqlite]"
⚙️ Quick Start
Step 1: How to initiate auth on startup
from fastapi import FastAPI
from fastapi_auth_ import init_auth, AuthConfig
app = FastAPI()
@app.on_event("startup")
async def startup():
await init_auth(
app,
AuthConfig(
secret_key="your-secret",
db_url="postgresql+asyncpg://user:pass@localhost/db",
db_type="postgres"
)
)
Step 2: How to validate token for all your FastAPIs
from fastapi import APIRouter, Depends
from fastapi_auth.dependencies.auth import get_current_user
router = APIRouter()
@router.get("/user")
async def me(user=Depends(get_current_user)):
return user
🔐 Available Endpoints
| Endpoint | Description |
|---|---|
| POST /auth/register | Register new user |
| POST /auth/login | Login and get tokens |
| POST /auth/refresh | Refresh access token |
| POST /auth/logout | Logout and revoke token |
| GET /auth/me | Get current user |
🧪 Example
Login
POST /auth/login
{
"username": "john",
"password": "Strong@123"
}
Response
{
"access": "jwt_token",
"refresh": "refresh_token"
}
🧠 Architecture
FastAPI App
↓
Auth Service
↓
Repository Layer
↓
Database (Async)
🛡️ Security
- Argon2 password hashing
- JWT token expiration
- Refresh token blacklist
- No sensitive data exposure
- Clean error handling
🧩 Extensibility
- Add RBAC (roles & permissions)
- Plug custom user models
- Add OAuth providers (Google, GitHub)
- Integrate Redis for token storage
🛠 Tech Stack
- FastAPI
- SQLAlchemy (async)
- Pydantic
- python-jose (JWT)
- Argon2 (password hashing)
📌 Roadmap
- RBAC support
- Redis token blacklist
- OAuth integration
- Rate limiting
- Email verification
🤝 Contributing
Pull requests are welcome. For major changes, open an issue first.
📄 License
MIT License
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastapi_async_auth_kit-0.3.0.tar.gz.
File metadata
- Download URL: fastapi_async_auth_kit-0.3.0.tar.gz
- Upload date:
- Size: 9.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
12d3e3e065d765684d1f71cdb04d0e6651f11132d609ba1be3e65c40e2481175
|
|
| MD5 |
4d4326fdf67f5ab9366dfe25b03f6fb5
|
|
| BLAKE2b-256 |
477fef050c84918e601c31cff8f0b78a7a80a393b212f8b15b50a40e76529b88
|
File details
Details for the file fastapi_async_auth_kit-0.3.0-py3-none-any.whl.
File metadata
- Download URL: fastapi_async_auth_kit-0.3.0-py3-none-any.whl
- Upload date:
- Size: 10.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ab604850a6d2d758ee2ec4e69c3bad61e923ce581a2e5761c78d411263ab4611
|
|
| MD5 |
f0519a9dceac0cdbf2f2cbd1fdc3bace
|
|
| BLAKE2b-256 |
d65d66a07398a16ca70827869293d8a0cfc10885b4bd1b635ee97b4bc18ee5b6
|
