A simple FastAPI integration to protect documentation endpoints with authentication
Project description
FastAPI DocShield
A simple FastAPI integration to protect documentation endpoints with HTTP Basic Authentication.
About
Protect FastAPI's /docs, /redoc, and /openapi.json endpoints with HTTP Basic Authentication.
Installation
From PyPI
# Install with pip
pip install fastapi-docshield
# Or with uv
uv pip install fastapi-docshield
From Source
git clone https://github.com/georgekhananaev/fastapi-docshield.git
cd fastapi-docshield
pip install -e .
Quick Usage
Single User
from fastapi import FastAPI
from fastapi_docshield import DocShield
app = FastAPI()
@app.get("/")
def read_root():
return {"Hello": "World"}
# Add protection to docs with a single user
DocShield(
app=app,
credentials={"admin": "password123"}
)
Multiple Users
from fastapi import FastAPI
from fastapi_docshield import DocShield
app = FastAPI()
@app.get("/")
def read_root():
return {"Hello": "World"}
# Add protection to docs with multiple users
DocShield(
app=app,
credentials={
"admin": "admin_password",
"developer": "dev_password",
"viewer": "viewer_password"
}
)
CDN Fallback Mode (Default)
from fastapi import FastAPI
from fastapi_docshield import DocShield
app = FastAPI()
# Default mode: Use CDN with automatic fallback to local files
DocShield(
app=app,
credentials={"admin": "password123"},
use_cdn_fallback=True # Default - automatically falls back to local if CDN fails
)
Prefer Local Files
from fastapi import FastAPI
from fastapi_docshield import DocShield
app = FastAPI()
# Always use local files instead of CDN
DocShield(
app=app,
credentials={"admin": "password123"},
prefer_local=True # Serve documentation from bundled static files
)
CDN Only (No Fallback)
from fastapi import FastAPI
from fastapi_docshield import DocShield
app = FastAPI()
# Use CDN without fallback (original behavior)
DocShield(
app=app,
credentials={"admin": "password123"},
use_cdn_fallback=False # Disable fallback, CDN only
)
Custom CSS and JavaScript
from fastapi import FastAPI
from fastapi_docshield import DocShield
import requests
app = FastAPI()
# Load dark theme CSS from external source
# You can use https://github.com/georgekhananaev/fastapi-swagger-dark
dark_theme_url = "https://raw.githubusercontent.com/georgekhananaev/fastapi-swagger-dark/main/src/fastapi_swagger_dark/swagger_ui_dark.min.css"
custom_css = requests.get(dark_theme_url).text
# Custom JavaScript for analytics
custom_js = """
console.log('📊 Documentation accessed at:', new Date().toISOString());
document.addEventListener('DOMContentLoaded', function() {
console.log('Dark theme loaded!');
});
"""
# Apply with custom styling
DocShield(
app=app,
credentials={"admin": "password123"},
custom_css=custom_css,
custom_js=custom_js
)
Using with fastapi-swagger-dark
For a complete dark theme solution, you can use the fastapi-swagger-dark package:
from fastapi import FastAPI
from fastapi_docshield import DocShield
import requests
app = FastAPI()
# Fetch dark theme CSS
response = requests.get(
"https://raw.githubusercontent.com/georgekhananaev/fastapi-swagger-dark/main/src/fastapi_swagger_dark/swagger_ui_dark.min.css"
)
dark_css = response.text
DocShield(
app=app,
credentials={"admin": "password123"},
custom_css=dark_css # Apply dark theme
)
See examples/custom_styling.py for more customization examples including:
- ✨ Minimal clean theme
- 🏢 Corporate theme with analytics
- 📖 ReDoc customization
- 🎨 Custom branding
Running Demo
# Run the demo app
python demo.py
# Visit http://localhost:8000/docs
# Username: admin
# Password: password123
Running Tests
# Install test dependencies
pip install pytest httpx
# Run all tests
pytest
# Run with coverage
pytest --cov=fastapi_docshield
Features
- Protect Swagger UI, ReDoc, and OpenAPI JSON endpoints
- Customizable endpoint URLs
- Multiple username/password combinations
- Automatic CDN fallback - Falls back to local files if CDN is unavailable
- Local file preference option - Serve documentation from local files for better reliability
- Custom CSS and JavaScript injection - Fully customize the look and behavior of documentation
- Resilient documentation - Works even when CDN is down or blocked
- Tested on Python 3.7-3.13
- Compatible with uv package manager
Changelog
Version 0.2.1 (2025-08-17)
- Fixed: Blank page issue after authentication for some users
- Improved handling of custom URL parameters by storing them as instance variables
- Simplified
_setup_routes()method for better maintainability - Applied fix from PR #2 for more robust URL parameter handling
- Fixed: Route removal logic now correctly removes all default documentation routes
- Properly removes
/docs,/redoc, and/openapi.jsonendpoints - Prevents 500 errors when accessing old endpoints
- Properly removes
- Improved: Example files and documentation
- Fixed
custom_styling.pyto work with uvicorn by adding default app variable - Standardized credentials across all custom styling examples
- Added
python-multipartto dev dependencies for form data handling - Added clear run instructions in example files
- Fixed
Version 0.2.0 (2025-08-17)
- Added: Custom CSS and JavaScript injection support
- New
custom_cssparameter to inject custom styles into documentation pages - New
custom_jsparameter to inject custom JavaScript for enhanced functionality - Complete customization examples for dark theme, minimal theme, corporate branding, and analytics
- Support for both Swagger UI and ReDoc customization
- New
- Added: Automatic CDN fallback to local files for better reliability
- Documentation now automatically falls back to bundled static files if CDN is unavailable
- New
prefer_localoption to always serve from local files - New
use_cdn_fallbackoption to control fallback behavior - Bundled Swagger UI and ReDoc static files for offline capability
- Fixed: Static file URL bug that caused blank documentation pages
- Previously, when no custom CDN URLs were provided, the package would pass
Nonevalues to FastAPI's documentation functions - This resulted in HTML with
href="None"andsrc="None", causing white/blank pages - Now properly handles default CDN URLs when custom URLs are not specified
- Previously, when no custom CDN URLs were provided, the package would pass
Version 0.1.0 (2025-01-15)
- Initial release
- Basic HTTP authentication for FastAPI documentation endpoints
- Support for multiple users
License
MIT License - Copyright (c) 2025 George Khananaev
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
fastapi_docshield-0.2.1.tar.gz
(758.2 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file fastapi_docshield-0.2.1.tar.gz.
File metadata
- Download URL: fastapi_docshield-0.2.1.tar.gz
- Upload date:
- Size: 758.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
135a6ffe5a59784426f884de7860a64e31f63103ae99cab69863662800d21ca6
|
|
| MD5 |
c466536fef750bce2f46327ec8cc1093
|
|
| BLAKE2b-256 |
186c8aeca2c9b9b6472c4d372a29ef5b337c890e6ff4af83e2c19eb530580493
|
File details
Details for the file fastapi_docshield-0.2.1-py3-none-any.whl.
File metadata
- Download URL: fastapi_docshield-0.2.1-py3-none-any.whl
- Upload date:
- Size: 762.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8558cf038c947e79fddbeac2b9207e3ad9204f42a879ed36d30a63d8428d1048
|
|
| MD5 |
13e3dc2e24d2507493314c504dce0efb
|
|
| BLAKE2b-256 |
a44273a8b9c91674183f5cf6ad3d7bfecc6b2f525bc03ec8e2519074d779b2d9
|
