A FastAPI project to manage users and issue JWT tokens to control access

Project description

Isagog user management

Welcome to our project! This project uses FastAPI for user management, login, and authorization.

It implements OAuth2 using bcrypt peppered hashes and issues access and refresh JWT tokens. These tokens are used to protect your FastAPI application routes via the Dependency mechanism.

It lets you define two classes of users: admin and basic. The latter can only login and refresh its token, while an admin can create, list, update and delete any other user.

Getting Started

To get started with this project, follow these steps:

Copy the .env.example file: Rename the .env.example file to .env.
Fill in the secrets: Open the .env file and replace the placeholders with your actual secrets. Make sure to keep the secrets protected by double quotes.
Generate encryption keys: If needed, you can use the utils/gencrypt.py program to help you with filling the .env variables

Important Notes

Both the email and the username must be unique.
You can login with either the email or the username.
You can view the OpenAPI documentation at host:port/docs.

Usage

The main.py file is a demo of how you can import, initialize, and use the user management, login, and authorization in your FastAPI app.

To be usable you need to have a .env file in the project root with the following content:

BCRYPT_PEPPER = "yourcomplexpepper"
JWT_SECRET = "yourcomplex JWT secret"
ADMIN_PASSWORD=adminpasswordisverysecretmyfriend
ADMIN_EMAIL=admin@isagog.com
ADMIN_USERNAME=admin
ACCESS_TOKEN_LIFETIME = 15
REFRESH_TOKEN_LIFETIME = 7
USER_DB_URL="sqlite:///./users.db"
USER_TABLE_NAME=users

and of course you will customize at least the first three, and better yet the first five values.

Building the Docker image

You can use the Makefile by running make build to build an image with the version number specified in the Makefile. This image is built to be run under a non privileged isagog user.

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

License

MIT

Project details

Release history Release notifications | RSS feed

This version

0.1.0

Jun 7, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

isagog_userauth-0.1.0.tar.gz (11.3 kB view details)

Uploaded Jun 7, 2024 Source

Built Distribution

isagog_userauth-0.1.0-py3-none-any.whl (13.7 kB view details)

Uploaded Jun 7, 2024 Python 3

File details

Details for the file isagog_userauth-0.1.0.tar.gz.

File metadata

Download URL: isagog_userauth-0.1.0.tar.gz
Upload date: Jun 7, 2024
Size: 11.3 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.2 CPython/3.12.3 Darwin/23.5.0

File hashes

Hashes for isagog_userauth-0.1.0.tar.gz
Algorithm	Hash digest
SHA256	`8c7ad1c70a5a23dbb5628dc4db3c788c54828ef781fd5a22cc50eff36c19e8af`
MD5	`3fb7d0eba0ca6f49704b896cc8da4b08`
BLAKE2b-256	`f5ac8c574677e26bb150ac17578f621da02452eb1a19d301b0bff47de63d41d4`

See more details on using hashes here.

File details

Details for the file isagog_userauth-0.1.0-py3-none-any.whl.

File metadata

Download URL: isagog_userauth-0.1.0-py3-none-any.whl
Upload date: Jun 7, 2024
Size: 13.7 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: poetry/1.8.2 CPython/3.12.3 Darwin/23.5.0

File hashes

Hashes for isagog_userauth-0.1.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`8621aa273057eb0e194238ddfdcb4636c9b525decbef4769b47d77f983815328`
MD5	`3cb8df7502dc1e7d7ad0d84fa22490d8`
BLAKE2b-256	`ac2aa0908e0686aed0b3e11fb48f382065bf9f333751332e95d03ae1b794bd31`