Authx

Ready-to-use and customizable Authentications and Oauth2 management for FastAPI ⚡

---

Project	Status
CI
Meta

---

Source Code: https://github.com/yezz123/authx

Documentation: https://authx.yezz.me/

---

Add a Fully registration and authentication or authorization system to your FastAPI project. AuthX is designed to be as customizable and adaptable as possible.

Features

• Support Python 3.8+ & Pydantic 1.7+.
• Multiple customizable authentication backend:
  • JWT authentication backend included
    • JWT encoding/decoding for application authentication
    • Automatic detection of JWTs in requests:
      • JWTs in headers
      • JWTs in cookies
      • JWTs in query parameters
      • JWTs in request bodies
  • Cookie authentication backend included
• Middleware for authentication and authorization through JWT.
• Extensible Error Handling System.

Extra Features

AuthX is designed to be as customizable and adaptable as possible.

So you need to install authx-extra to get extra features.

• Using Redis as a session store & cache.
• Support HTTPCache.
• Support Sessions and Pre-built CRUD functions and Instance to launch Redis.
• Support Middleware of pyinstrument to check your service performance.
• Support Middleware for collecting and exposing Prometheus metrics.

Note: Check Release Notes.

Project using

Here is a simple way to kickstart your project with AuthX:

from fastapi import FastAPI, Depends, HTTPException
from authx import AuthX, AuthXConfig, RequestToken

app = FastAPI()

config = AuthXConfig(
     JWT_ALGORITHM = "HS256",
     JWT_SECRET_KEY = "SECRET_KEY",
     JWT_TOKEN_LOCATION = ["headers"],
)

auth = AuthX(config=config)
auth.handle_errors(app)

@app.get('/login')
def login(username: str, password: str):
     if username == "xyz" and password == "xyz":
          token = auth.create_access_token(uid=username)
          return {"access_token": token}
     raise HTTPException(401, detail={"message": "Invalid credentials"})

@app.get("/protected", dependencies=[Depends(auth.get_token_from_request)])
def get_protected(token: RequestToken = Depends()):
     try:
          auth.verify_token(token=token)
          return {"message": "Hello world !"}
     except Exception as e:
          raise HTTPException(401, detail={"message": str(e)}) from e

Contributors and sponsors

Thanks goes to these wonderful people (emoji key):

Yasser Tahiri 💻 📖 🚧 🚇	Abderrahim SOUBAI-ELIDRISI 👀 📖	Ismail Ghallou 💻 🛡️	MojixCoder 💻 🐛	Stéphane Raimbault 💻 🔌	theoohoho 📖	Yogesh Upadhyay 🐛
Roman 🐛	Alvaro Lopez Ortega 📖	Devy Santo 🚇	pg365 🚇	Jorrit 📦	Callam 💻	Maxim 💻

This project follows the all-contributors specification. Contributions of any kind welcome!

License

This project is licensed under the terms of the MIT License.