JWT authentication in FastAPI with ease
Project description
FastAPI JWT Auth 
FastAPI JWT Auth is a lightweight library designed to simplify the integration of JWT authentication into FastAPI applications. By strictly adhering to FastAPI conventions, it provides a seamless and straightforward authentication setup process. The library aims for 100% test coverage.
Installing
pip install fastapi-jwt-auth3
NOTE: There are others who have written similar libraries with identical names. As an homage to the libraries that came before, I have decided to name this library fastapi-jwt-auth3.
How To Use
This is an example single file implementation, let's name it example.py.
In order for this example to run, I took the liberty to use the Faker library to generate fake data. You can install it by running pip install faker.
__all__ = ["app"]
import uuid
from fastapi import FastAPI, Depends, HTTPException
from faker import Faker
from jwcrypto import jwk
from pydantic import BaseModel, ConfigDict, EmailStr
from fastapi_jwt_auth3.jwtauth import FastAPIJWTAuth, KeypairGenerator, JWTPresetClaims, generate_jwt_token
# Initialize the Faker instance to generate fake data
fake = Faker()
# Define the token claims to be projected to when decoding JWT tokens
class TokenClaims(BaseModel):
model_config = ConfigDict(extra="forbid")
name: str
email: EmailStr
iss: str
aud: str
exp: int
sub: str
iat: int
jti: str
# Payload for our logins
class LoginIn(BaseModel):
username: str
password: str
app = FastAPI(title="FastAPI JWT Auth Example")
# For the purpose of this example, we will generate a new RSA keypair
private_key, public_key = KeypairGenerator.generate_rsa_keypair()
# Create a JWK key from the public key
jwk_key = jwk.JWK.from_pem(public_key.encode("utf-8"))
public_key_id = jwk_key.get("kid")
"""
Initialize the FastAPIJWTAuth instance with an RSA algorithm. We need to provide a set of private and public key.
"""
jwt_auth = FastAPIJWTAuth(
algorithm="RS256",
base_url="http://localhost:8000",
secret_key=private_key,
public_key=public_key,
public_key_id=public_key_id,
issuer="https://localhost:8000",
audience="https://localhost:8000",
expiry=60 * 60 * 24 * 7,
leeway=0,
project_to=TokenClaims,
)
"""
Initialize the FastAPIJWTAuth instance with a FastAPI app. This will add a route at:
[GET] /.well-known/jwks.json
This route will return the public key in JWK format for consumers to verify the JWT token.
"""
jwt_auth.init_app(app)
@app.get("/protected")
async def protected_route(claims: TokenClaims = Depends(jwt_auth)):
return {"message": f"Hello, {claims.name}!"}
@app.post("/login")
async def login(payload: LoginIn):
if payload.username != "username" or payload.password != "password":
raise HTTPException(status_code=401, detail="Invalid credentials")
preset_claims = JWTPresetClaims.factory(
issuer=jwt_auth.issuer, audience=jwt_auth.audience, expiry=jwt_auth.expiry, subject=str(uuid.uuid4())
)
claims = {"name": fake.name(), "email": fake.email()}
token = generate_jwt_token(
header=jwt_auth.header, secret_key=jwt_auth.secret_key, preset_claims=preset_claims, claims=claims
)
return {"access_token": token}
We can run the example above with uvicorn.
uvicorn example:app --reload
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for fastapi_jwt_auth3-0.1.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f3d11b760fc3d31dfeb1a7db7b365d4baa9945f2dea1f2745266e627179dac56 |
|
| MD5 | 4b2bfa22636c5f1c052202e87ac3c319 |
|
| BLAKE2b-256 | 89e823294b5b1b5380989c5304f4c7850875c5e1910f46fd928fba9a1037acc1 |
