Fastapi-auth-middleware - Lightweight auth middleware for FastAPI that just works. Fits most auth workflows with only a few lines of code

Last update: Oct 16, 2022

Overview

FastAPI Auth Middleware

We at Code Specialist love FastAPI for its simplicity and feature-richness. Though we were a bit staggered by the poor documentation and integration of auth-concepts. That's why we wrote a FastAPI Auth Middleware. It integrates seamlessly into FastAPI applications and requires minimum configuration. It is built upon Starlette and thereby requires no dependencies you do not have included anyway.

Caution: This is a middleware to plug in existing authentication. Even though we offer some sample code, this package assumes you already have a way to generate and verify whatever you use, to authenticate your users. In most of the usual cases this will be an access token or bearer. For instance as in OAuth2 or Open ID Connect.

Install

pip install fastapi-auth-middleware

Why FastAPI Auth Middlware?

Application or Route scoped automatic authorization and authentication with the perks of dependency injection (But without inflated signatures due to Depends())
Lightweight without additional dependencies
Easy to configure
Easy to extend and adjust to specific needs
Plug-and-Play feeling

Usage

The usage of this middleware requires you to provide a single function that validates a given authorization header. The middleware will extract the content of the Authorization HTTP header and inject it into your function that returns a list of scopes and a user object. The list of scopes may be empty if you do not use any scope based concepts. The user object must be a BaseUser or any inheriting class such as FastAPIUser. Thereby, your verify_authorization_header function must implement a signature that contains a string as an input and a Tuple of a List of strings and a BaseUser as output:

from typing import Tuple, List
from fastapi_auth_middleware import FastAPIUser
from starlette.authentication import BaseUser

...
# Takes a string that will look like 'Bearer eyJhbGc...'
def verify_authorization_header(auth_header: str) -> Tuple[List[str], BaseUser]: # Returns a Tuple of a List of scopes (string) and a BaseUser
    user = FastAPIUser(first_name="Code", last_name="Specialist", user_id=1)  # Usually you would decode the JWT here and verify its signature to extract the 'sub'
    scopes = []  # You could for instance use the scopes provided in the JWT or request them by looking up the scopes with the 'sub' somewhere
    return scopes, user

This function is then included as an keyword argument when adding the middleware to the app.

from fastapi import FastAPI
from fastapi_auth_middleware import AuthMiddleware

...

app = FastAPI()
app.add_middleware(AuthMiddleware, verify_authorization_header=verify_authorization_header)

After adding this middleware, all requests will pass the verify_authorization_header function and contain the scopes as well as the user object as injected dependencies. All requests now pass the verify_authorization_header method. You may also verify that users posses scopes with requires:

from starlette.authentication import requires

...

@app.get("/")
@requires(["admin"])  # Will result in an HTTP 401 if the scope is not matched
def some_endpoint():
    ...

You are also able to use the user object you injected on the request object:

from starlette.requests import Request

...

@app.get('/')
def home(request: Request):
    return f"Hello {request.user.first_name}"  # Assuming you use the FastAPIUser object

Examples

Various examples on how to use this middleware are available at https://code-specialist.github.io/fastapi-auth-middleware/examples

Comments

tests multiple python versions in test pipeline
This PR:

runs the test pipeline with all supported python versions instead of only Python 3.8

adds a badge for the test status on master to the README

enhancement
opened by JonasScholl 2
proper error handling in authentication middleware
When an error in an starlette AuthenticationBackend occurs, a AuthenticationError must be raised, other exceptions may produce errors like: 'RuntimeError: Caught handled exception, but response already started.' (see starlette documentation)

This PR:

catches all exceptions that occur in the verify_authorization_header callback and convert them into an AuthenticationError

adds an optional error handler callback for specifically catching auth errors and returning a custom response (since this is already offered by the AuthenticationBackend implentation from starlette)

does some type hint improvements, I couldn't resist 😂
opened by JonasScholl 1
OAuth2Middleware with automatic renewal added
Async support for the AuthMiddleware

OAuth2Middleware added

Write tests (100% coverage)

Documentation

Add example

TODO before merging:

Add example with the fastapi-keycloak package -> Convert to issue #1

enhancement
opened by yannicschroeer 1
Integrate with fastapi openapi authentication
Is there a way to make this middleware correctly integrate with the openapi generators from fastapi? For instance. Currently, this:

@router.get("/me", response_model=schemas.User) @requires('user') async def read_user_me(request: Request, db: Session = Depends(get_db)): user = User.get_user(db, request.user.userid) return user

Is not detected by fastapi's openapi generator as an authenticated endpoint. Is there a way to make this library integrate correctly with the openapi generator.
opened by xtrm0 0
Protected and Unprotected Endpoints

I'm trying the middleware and reading the docs

Once Starlette includes this and FastAPI adopts it, there will be a more elegant solution to this.

FYI https://github.com/encode/starlette/pull/1649

opened by paolodina 0

Releases(1.0.2)

1.0.2(Apr 7, 2022)

Full Changelog: https://github.com/code-specialist/fastapi-auth-middleware/compare/1.0.1...1.0.2
Source code(tar.gz)
Source code(zip)
1.0.1(Mar 24, 2022)
What's Changed

Excluded URLs by @yannicschroeer in https://github.com/code-specialist/fastapi-auth-middleware/pull/6

Full Changelog: https://github.com/code-specialist/fastapi-auth-middleware/compare/1.0.0...1.0.1
Source code(tar.gz)
Source code(zip)
1.0.0(Mar 15, 2022)
What's Changed

proper error handling in authentication middleware by @JonasScholl in https://github.com/code-specialist/fastapi-auth-middleware/pull/2

OAuth2Middleware with automatic renewal added by @yannicschroeer in https://github.com/code-specialist/fastapi-auth-middleware/pull/1

Improved the reusability of the middleware by passing all headers ins… by @yannicschroeer in https://github.com/code-specialist/fastapi-auth-middleware/pull/3

New Contributors

@JonasScholl made their first contribution in https://github.com/code-specialist/fastapi-auth-middleware/pull/2

@yannicschroeer made their first contribution in https://github.com/code-specialist/fastapi-auth-middleware/pull/1

Full Changelog: https://github.com/code-specialist/fastapi-auth-middleware/commits/1.0.0
Source code(tar.gz)
Source code(zip)

Owner

Code Specialist

Code Quality Blog about simplifying concepts and making life easier for developers

GitHub Repository https://code-specialist.github.io/fastapi-auth-middleware/

A web application using [FastAPI + streamlit + Docker] Neural Style Transfer (NST) refers to a class of software algorithms that manipulate digital images

Neural Style Transfer Web App - [FastAPI + streamlit + Docker] NST - application based on the Perceptual Losses for Real-Time Style Transfer and Super

3 Dec 05, 2022

This repository contains learning resources for Python Fast API Framework and Docker

This repository contains learning resources for Python Fast API Framework and Docker, Build High Performing Apps With Python BootCamp by Lux Academy and Data Science East Africa.

23 Nov 20, 2022

Generate Class & Decorators for your FastAPI project ✨🚀

Classes and Decorators to use FastAPI with class based routing. In particular this allows you to construct an instance of a class and have methods of that instance be route handlers for FastAPI & Pyt

34 Oct 27, 2022

Signalling for FastAPI.

fastapi-signals Signalling for FastAPI.

7 May 04, 2022

🐍 Simple FastAPI template with factory pattern architecture

Description This is a minimalistic and extensible FastAPI template that incorporates factory pattern architecture with divisional folder structure. It

551 Dec 24, 2022

Repository for the Demo of using DVC with PyCaret & MLOps (DVC Office Hours - 20th Jan, 2022)

Using DVC with PyCaret & FastAPI (Demo) This repo contains all the resources for my demo explaining how to use DVC along with other interesting tools

6 Jul 22, 2022

Regex Converter for Flask URL Routes

Flask-Reggie Enable Regex Routes within Flask Installation pip install flask-reggie Configuration To enable regex routes within your application from

48 Mar 07, 2022

Code for my FastAPI tutorial

FastAPI tutorial Code for my video tutorial FastAPI tutorial What is FastAPI? FastAPI is a high-performant REST API framework for Python. It's built o

9 Nov 15, 2022

Fastapi-ml-template - Fastapi ml template with python

FastAPI ML Template Run Web API Local $ sh run.sh # poetry run uvicorn app.mai

29 Nov 20, 2022

High-performance Async REST API, in Python. FastAPI + GINO + Arq + Uvicorn (w/ Redis and PostgreSQL).

fastapi-gino-arq-uvicorn High-performance Async REST API, in Python. FastAPI + GINO + Arq + Uvicorn (powered by Redis & PostgreSQL). Contents Get Star

351 Jan 04, 2023

Fastapi-auth-middleware - Lightweight auth middleware for FastAPI that just works. Fits most auth workflows with only a few lines of code

FastAPI Auth Middleware We at Code Specialist love FastAPI for its simplicity an

27 Oct 16, 2022

This is an API developed in python with the FastApi framework and putting into practice the recommendations of the book Clean Architecture in Python by Leonardo Giordani,

0 Sep 24, 2022

Fastapi-auth-middleware - Lightweight auth middleware for FastAPI that just works. Fits most auth workflows with only a few lines of code

Related tags

Overview

FastAPI Auth Middleware

Install

Why FastAPI Auth Middlware?

Usage

Examples

Comments

tests multiple python versions in test pipeline

proper error handling in authentication middleware

OAuth2Middleware with automatic renewal added

TODO before merging:

Integrate with fastapi openapi authentication

Protected and Unprotected Endpoints

Releases(1.0.2)

1.0.2(Apr 7, 2022)

1.0.1(Mar 24, 2022)

What's Changed

1.0.0(Mar 15, 2022)

What's Changed

New Contributors

Owner

Code Specialist

A web application using [FastAPI + streamlit + Docker] Neural Style Transfer (NST) refers to a class of software algorithms that manipulate digital images

This repository contains learning resources for Python Fast API Framework and Docker

Generate Class & Decorators for your FastAPI project ✨🚀

Signalling for FastAPI.

🐍 Simple FastAPI template with factory pattern architecture

Repository for the Demo of using DVC with PyCaret & MLOps (DVC Office Hours - 20th Jan, 2022)

Regex Converter for Flask URL Routes

Code for my FastAPI tutorial

Fastapi-ml-template - Fastapi ml template with python

High-performance Async REST API, in Python. FastAPI + GINO + Arq + Uvicorn (w/ Redis and PostgreSQL).

Fastapi-auth-middleware - Lightweight auth middleware for FastAPI that just works. Fits most auth workflows with only a few lines of code

This is an API developed in python with the FastApi framework and putting into practice the recommendations of the book Clean Architecture in Python by Leonardo Giordani,

LuSyringe is a documentation injection tool for your classes when using Fast API

An alternative implement of Imjad API | Imjad API 的开源替代

FastAPI CRUD template using Deta Base

flask extension for integration with the awesome pydantic package

Pagination support for flask

A rate limiter for Starlette and FastAPI

🚀 Cookiecutter Template for FastAPI + React Projects. Using PostgreSQL, SQLAlchemy, and Docker

Sample project showing reliable data ingestion application using FastAPI and dramatiq