Secure, minimal authentication for FastAPI and Python 3.13+

Project description

⚡ FlashAuth

Secure, minimal authentication for FastAPI and Python 3.13+.

No 72-byte password limits. No deprecated dependencies. Just works.

Why FlashAuth?

| Problem | FlashAuth Solution |
|---|---|
| bcrypt truncates passwords at 72 bytes | Argon2id with no limits |
| passlib breaks on Python 3.13 | No crypt module dependency |
| 80+ lines of auth boilerplate | One import, done |
| Can't distinguish expired vs invalid tokens | Separate exceptions |
| No refresh token support | Built-in token pairs |
| Password verify blocks async | hash_async() / verify_async() |

Installation

pip install flashauth

Quick Start

from flashauth import FlashAuth

# Initialize (store secret_key securely in production)
auth = FlashAuth(secret_key=FlashAuth.generate_secret_key())

# Hash passwords (no length limit)
hashed = auth.hash("my-very-long-secure-password-🚀")

# Verify with automatic rehash detection
result = auth.verify("my-very-long-secure-password-🚀", hashed)
if result.valid:
    if result.needs_rehash:
        # Save result.new_hash to upgrade security params
        pass

# Create JWT
token = auth.create_token({"user_id": 123})

# Decode with proper error handling
from flashauth import TokenExpiredError, TokenInvalidError

try:
    payload = auth.decode_token(token)
except TokenExpiredError:
    # Handle expired token (e.g., prompt re-login)
    pass
except TokenInvalidError:
    # Handle invalid token (e.g., log suspicious activity)
    pass

FastAPI Integration

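from fastapi import Depends, FastAPI, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from flashauth import FlashAuth, TokenExpiredError, TokenInvalidError

app = FastAPI()

auth = FlashAuth(
    # Placeholder value: load the real key from the environment or a secret store.
    secret_key="your-secret-key-min-32-bytes-long!",
    issuer="myapp",
)
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

# get_user() and get_user_by_username() are the application's own async
# lookup functions; they are not part of FlashAuth.


async def get_current_user(token: str = Depends(oauth2_scheme)):
    try:
        payload = auth.decode_token(token)
    except TokenExpiredError:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED, "Token expired")
    except TokenInvalidError:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED, "Invalid token")

    return await get_user(payload["user_id"])


@app.post("/login")
async def login(form: OAuth2PasswordRequestForm = Depends()):
    # Read credentials from the form body (needs python-multipart). Bare str
    # parameters would be taken from the query string and end up in access logs.
    user = await get_user_by_username(form.username)
    # Assumes the lookup returns None for an unknown user; answer exactly as
    # for a wrong password instead of failing on user.password_hash.
    if user is None:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED, "Invalid credentials")

    result = await auth.verify_async(form.password, user.password_hash)
    if not result.valid:
        raise HTTPException(status.HTTP_401_UNAUTHORIZED, "Invalid credentials")

    tokens = auth.create_token_pair({"user_id": user.id})
    return {"access_token": tokens.access_token, "refresh_token": tokens.refresh_token}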

Features

  • Argon2id hashing - No 72-byte limit, memory-hard
  • Python 3.13 ready - No deprecated crypt module
  • Async support - hash_async(), verify_async()
  • Refresh tokens - create_token_pair(), refresh_tokens()
  • Key rotation - old_secret_keys parameter
  • Token revocation - jti claim + get_token_id()
  • Auto-rehashing - VerifyResult.needs_rehash

License

MIT

Download files

Source Distribution

flashauth-0.2.0.tar.gz (7.6 kB view details)

Uploaded Source

Built Distribution

flashauth-0.2.0-py3-none-any.whl (7.7 kB view details)

Uploaded Python 3

File details

Details for the file flashauth-0.2.0.tar.gz.

File metadata

  • Download URL: flashauth-0.2.0.tar.gz
  • Upload date:
  • Size: 7.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for flashauth-0.2.0.tar.gz
Algorithm Hash digest
SHA256 b55cb17a823d562dabc391a18e1f79c481a5088631dc449843ece446a7407edd
MD5 b9f8d5d138b947127dc369e83fa37d99
BLAKE2b-256 10ab6530a73baec944f5c337417cddfe55430a5022ff721394d5333e41e95aca

File details

Details for the file flashauth-0.2.0-py3-none-any.whl.

File metadata

  • Download URL: flashauth-0.2.0-py3-none-any.whl
  • Upload date:
  • Size: 7.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for flashauth-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 08440c8303615b92da0aa4d1802b197271b1aa6f25f4b45b3f6aa296cca2add9
MD5 7013e27411fd54d324fe5405d8eb78dd
BLAKE2b-256 cba5c2409bb69d196b95dc633e40f27990fd705652a656108816e998822552d4
