Lightweight auth middleware for FastAPI that just works. Fits most auth workflows with only a few lines of code.

FastAPI Auth Middleware

We at Code Specialist love FastAPI for its simplicity and feature-richness. However, we were a bit staggered by the poor documentation and integration of auth concepts. That's why we wrote FastAPI Auth Middleware. It integrates seamlessly into FastAPI applications and requires minimal configuration. It is built upon Starlette and therefore requires no dependencies you do not already have.

Caution: This is a middleware to plug in existing authentication. Even though we offer some sample code, this package assumes you already have a way to generate and verify whatever you use to authenticate your users. In most of the usual cases this will be an access token or bearer, for instance as in OAuth2 or OpenID Connect.

Install

pip install fastapi_auth_middleware

Documentation

More detailed docs are available at https://fastapi-auth-middleware.code-specialist.com.

Why FastAPI Auth Middleware?

  • Application or Route scoped automatic authorization and authentication with the perks of dependency injection (But without inflated signatures due to Depends())
  • Lightweight without additional dependencies
  • Easy to configure
  • Easy to extend and adjust to specific needs
  • Plug-and-Play feeling

Usage

The usage of this middleware requires you to provide a single function that validates a given authorization header. The middleware will extract the content of the Authorization HTTP header and inject it into your function that returns a list of scopes and a user object. The list of scopes may be empty if you do not use any scope based concepts. The user object must be a BaseUser or any inheriting class such as FastAPIUser. Thereby, your verify_authorization_header function must implement a signature that contains a string as an input and a Tuple of a List of strings and a BaseUser as output:

from typing import Tuple, List
from fastapi_auth_middleware import FastAPIUser
from starlette.authentication import BaseUser

...
# Takes a string that will look like 'Bearer eyJhbGc...'
def verify_authorization_header(auth_header: str) -> Tuple[List[str], BaseUser]: # Returns a Tuple of a List of scopes (string) and a BaseUser
    user = FastAPIUser(first_name="Code", last_name="Specialist", user_id=1)  # Usually you would decode the JWT here and verify its signature to extract the 'sub'
    scopes = []  # You could for instance use the scopes provided in the JWT or request them by looking up the scopes with the 'sub' somewhere
    return scopes, user

This function is then passed as a keyword argument when adding the middleware to the app.

from fastapi import FastAPI
from fastapi_auth_middleware import AuthMiddleware

...

app = FastAPI()
app.add_middleware(AuthMiddleware, verify_authorization_header=verify_authorization_header)
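The sample verify_authorization_header above returns a fixed user. The following is an added example, not code from this package, of the check its comment describes: parse the Bearer header, verify an HS256 JWT signature and expiry using only the standard library, and return the scopes and 'sub'. The key, the helper names and the space-delimited 'scope' claim are assumptions; in a real verify_authorization_header you would wrap the returned 'sub' in a FastAPIUser.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import List, Optional, Tuple

KEY = b"constructed-demo-key"  # assumption: shared HS256 secret, constructed for this example


def _b64d(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_token(claims: dict, key: bytes = KEY, alg: str = "HS256") -> str:
    """Build a constructed sample token (demo helper, not a real issuer)."""
    head = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64e(sig)}"


def verify_bearer_jwt(auth_header: str, key: bytes = KEY,
                      now: Optional[float] = None) -> Tuple[List[str], str]:
    """Return (scopes, sub); raise ValueError for anything that fails a check."""
    scheme, _, token = auth_header.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("expected 'Bearer <header>.<payload>.<signature>'")
    head_b64, body_b64, sig_b64 = token.split(".")
    header = json.loads(_b64d(head_b64))  # malformed input raises ValueError
    # Pin the algorithm on the server side; a token must not choose it (rejects alg=none)
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64d(sig_b64)):  # constant-time comparison
        raise ValueError("bad signature")
    claims = json.loads(_b64d(body_b64))  # payload is read only after the signature check
    if float(claims.get("exp", 0)) <= (time.time() if now is None else now):
        raise ValueError("token expired or missing exp")
    if not claims.get("sub"):
        raise ValueError("missing sub")
    return str(claims.get("scope", "")).split(), str(claims["sub"])
```
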

After adding this middleware, all requests will pass through the verify_authorization_header function and contain the scopes as well as the user object as injected dependencies. You may also verify that users possess scopes with requires:

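from starlette.authentication import requires
from starlette.requests import Request

...

@app.get("/")
@requires(["admin"])  # Responds with HTTP 403 (Starlette's default status_code) if the scope is missing
def some_endpoint(request: Request):  # requires() needs a 'request' argument in the signature
    ...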

You are also able to use the user object you injected on the request object:

from starlette.requests import Request

...

@app.get('/')
def home(request: Request):
    return f"Hello {request.user.first_name}"  # Assuming you use the FastAPIUser object

Examples

Various examples on how to use this middleware are available at https://fastapi-auth-middleware.code-specialist.com/examples

Download files

Source Distribution

fastapi_auth_middleware-1.0.1.tar.gz (33.9 kB)

Uploaded Source

Built Distribution

fastapi_auth_middleware-1.0.1-py3-none-any.whl (12.2 kB)

Uploaded Python 3

Hashes for fastapi_auth_middleware-1.0.1.tar.gz
Algorithm Hash digest
SHA256 6e5ed7a81dd43b2e8519a8353f9388c971a15cb5e895a05c59f6df5c573f8be4
MD5 09e5b4726814bf39df9f4b73b6f5a438
BLAKE2b-256 883290cf2dfae15462730aa53d0ece9b5d98928b4988f0b37247bb6f09e78a06

Hashes for fastapi_auth_middleware-1.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 be7b0a98f732ae16873effa1d20ce03f7a74e7c8a85875fe259d19ffd0f17b25
MD5 9e4f462d8a0c27651d512a8320eb36e9
BLAKE2b-256 5758a0376b5d76a66c0c1e1fb6ef510469f3263e769658fd76f559c1e2343de4
