FastAPI authentication middleware with JWT verification and Azure integration
Project description
Vibrant Auth Middleware FastAPI
JWT authentication middleware with Azure integration for FastAPI applications.
Features
- JWT verification with automatic algorithm detection (HS256/RS256)
- Azure Key Vault integration for HS256 secrets
- Azure App Configuration integration for RS256 public keys
- FastAPI dependency injection support
- Cookie-based authentication support (access_token + token_type)
- Automatic fallback from Authorization header to cookies
- Caching for improved performance
Installation
pip install vibrant-auth-middleware-fastapi
Quick Start
from fastapi import FastAPI, Depends
from vibrant_auth_middleware import get_user_id
app = FastAPI()
@app.get("/protected")
def protected_route(user_id: str = Depends(get_user_id)):
return {"user_id": user_id}
Configuration
Configure via environment variables:
HS256 (Symmetric Key)
# Option 1: Direct secret
JWT_SECRET_KEY=your-secret-key
# Option 2: Azure Key Vault
AZURE_KEY_VAULT_URI=https://your-vault.vault.azure.net/
AZURE_KEY_VAULT_JWT_SECRET=jwt-secret-key # optional, default: "jwt-secret-key"
RS256 (Asymmetric Key)
# Option 1: Direct public key
JWT_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----\n...\n-----END PUBLIC KEY-----"
# Option 2: Azure App Configuration
AZURE_APP_CONFIG_ENDPOINT=https://your-config.azconfig.io
# or
AZURE_APP_CONFIG_CONNECTION_STRING=Endpoint=...
AZURE_APP_CONFIG_JWT_KEY=jwt-public-key # optional, default: "jwt-public-key"
JWT Verification Options
JWT_AUDIENCE=your-audience # optional
JWT_ISSUER=your-issuer # optional
JWT_LEEWAY=0 # optional, seconds for time validation
Azure Authentication
APP_ENV=production # Uses WorkloadIdentityCredential
APP_ENV=dev # Uses DefaultAzureCredential (default)
API Reference
get_user_id
FastAPI dependency that extracts and validates user_id from JWT token. Supports both Authorization header and cookie-based authentication with automatic fallback.
Authentication methods (in order of priority):
- Authorization header:
Authorization: Bearer <token> - Cookies:
access_token+token_type(token_type must be "Bearer")
@app.get("/me")
def get_me(user_id: str = Depends(get_user_id)):
return {"user_id": user_id}
get_user
FastAPI dependency that extracts and validates the full JWT payload. Supports both Authorization header and cookie-based authentication with automatic fallback.
from vibrant_auth_middleware import get_user
@app.get("/me")
def get_me(user: dict = Depends(get_user)):
return {"user": user}
get_user_id_from_cookie
FastAPI dependency that extracts and validates user_id exclusively from cookies. Requires both access_token and token_type cookies, where token_type must be "Bearer".
from vibrant_auth_middleware import get_user_id_from_cookie
@app.get("/me")
def get_me(user_id: str = Depends(get_user_id_from_cookie)):
return {"user_id": user_id}
Expected cookies:
access_token: The JWT tokentoken_type: Must be "Bearer"
verify_jwt_token
Verify a JWT token and return its payload.
from vibrant_auth_middleware import verify_jwt_token
payload = verify_jwt_token(token)
get_user_id_from_token
Extract user_id from a verified JWT token.
from vibrant_auth_middleware import get_user_id_from_token
user_id = get_user_id_from_token(token)
get_token_payload
Get the full verified token payload.
from vibrant_auth_middleware import get_token_payload
payload = get_token_payload(token)
License
ISC
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file vibrant_auth_middleware_fastapi-0.1.2.tar.gz.
File metadata
- Download URL: vibrant_auth_middleware_fastapi-0.1.2.tar.gz
- Upload date:
- Size: 6.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0dcea93afddf5a55ba1bae028b72a665ad69f4f402cd00840464f8922ca74dea
|
|
| MD5 |
9bd8c0e7f27a4d33aa004ee5fd1c438b
|
|
| BLAKE2b-256 |
633f6d6bbfc02231a7f5499e5c927cc4074156e291fba649429d9341ef7ac6b9
|
File details
Details for the file vibrant_auth_middleware_fastapi-0.1.2-py3-none-any.whl.
File metadata
- Download URL: vibrant_auth_middleware_fastapi-0.1.2-py3-none-any.whl
- Upload date:
- Size: 9.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.9.26 {"installer":{"name":"uv","version":"0.9.26","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
bb87ad53884256cb01f0b9acec82070afe4d4dd6e3238ec9e30512ae3ab1c8c4
|
|
| MD5 |
13cfbff1016773162c5dee5d2b91c4ce
|
|
| BLAKE2b-256 |
a5dd975567fe6d98ffb363dfcf08a6fd6a5a86a03ca2713cb78ece3cbfa2c872
|
