
- Setup project structure and dependencies
- Create SQLite database with SQLAlchemy models
- Initialize Alembic for database migrations
- Implement JWT-based authentication utilities
- Create API endpoints for signup, login, and logout
- Add health check endpoint
- Implement authentication middleware for protected routes
- Update README with setup and usage instructions
- Add linting with Ruff
Authentication Service
A simple authentication service built with FastAPI and SQLite, providing JWT-based authentication for user signup, login, and logout functionality.
Features
- User registration (signup)
- User authentication (login)
- User logout
- JWT-based authentication
- Protected routes
- Health check endpoint
- SQLite database with SQLAlchemy ORM
- Database migrations with Alembic
Project Structure
.
├── alembic.ini # Alembic configuration
├── app # Application package
│ ├── api # API endpoints
│ │ └── endpoints.py # Auth endpoints
│ ├── core # Core modules
│ │ ├── auth.py # Auth utilities
│ │ ├── config.py # App configuration
│ │ └── security.py # Security utilities
│ ├── db # Database
│ │ ├── base.py # Base DB imports
│ │ └── session.py # DB session
│ ├── middleware # Middleware
│ │ └── auth.py # JWT middleware
│ ├── models # Database models
│ │ └── user.py # User model
│ └── schemas # Pydantic schemas
│ ├── token.py # Token schemas
│ └── user.py # User schemas
├── init_db.py # DB initialization script
├── main.py # Application entry point
├── migrations # Alembic migrations
│ ├── env.py # Migration env
│ ├── script.py.mako # Migration template
│ └── versions # Migration scripts
│ └── 001_create_users_table.py
└── requirements.txt # Project dependencies
Installation
- Clone the repository
- Install dependencies:
pip install -r requirements.txt
- Initialize the database:
python init_db.py
Running the Application
uvicorn main:app --reload
The application will be available at http://localhost:8000
API Documentation
Once the application is running, you can access:
- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc
API Endpoints
Authentication
POST /api/v1/auth/signup
- Create a new user
POST /api/v1/auth/login
- Login and get access token
POST /api/v1/auth/logout
- Logout (client-side token invalidation)
User
GET /api/v1/users/me
- Get current user information (protected)
Health Check
GET /health
- Check application health and database connectivity
Authentication Flow
- Signup: Send a POST request to /api/v1/auth/signup with user information
- Login: Send a POST request to /api/v1/auth/login to get an access token
- Authenticated Requests: Include the token in the Authorization header as Bearer <token>
- Logout: Client should remove the token from storage
Security
- Passwords are hashed using Bcrypt
- JWT tokens are used for authentication
- Token expiration is configurable in settings
- Protected routes are secured with OAuth2PasswordBearer dependency
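Because logout here is client-side only, a token that was copied before logout keeps verifying until its exp claim passes. The following added example (not this project's code; stdlib-only HS256, with the jti claim, REVOKED_JTI and all function names as assumptions) shows that behaviour and one server-side mitigation, a jti denylist:

```python
import base64, hashlib, hmac, json, time, uuid

SECRET_KEY = b"constructed-demo-key"  # constructed sample value, not the project's key
REVOKED_JTI = set()  # hypothetical server-side denylist (in-memory for the demo)

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sign(signing_input):
    mac = hmac.new(SECRET_KEY, signing_input.encode(), hashlib.sha256)
    return _b64(mac.digest())

def issue_token(sub, ttl_seconds, now=None):
    """Issue an HS256 JWT carrying sub, exp and a unique jti (jti is an assumption)."""
    now = time.time() if now is None else now
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": sub, "exp": int(now) + ttl_seconds, "jti": uuid.uuid4().hex}
    body = _b64(json.dumps(claims).encode())
    return f"{header}.{body}.{_sign(header + '.' + body)}"

def verify_token(token, now=None, check_denylist=True):
    """Return the claims, or raise ValueError naming the reason for rejection."""
    now = time.time() if now is None else now
    if token.count(".") != 2:
        raise ValueError("malformed token")
    header, body, sig = token.split(".")
    # Constant-time comparison of the recomputed signature.
    if not hmac.compare_digest(sig.encode(), _sign(header + "." + body).encode()):
        raise ValueError("bad signature")
    if json.loads(_unb64(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")
    claims = json.loads(_unb64(body))
    if now >= claims["exp"]:
        raise ValueError("expired")
    # Signature and exp alone cannot see a logout; only server-side state can.
    if check_denylist and claims["jti"] in REVOKED_JTI:
        raise ValueError("revoked")
    return claims

def logout(token, now=None):
    """Server-side logout: record the token's jti so later requests are refused."""
    REVOKED_JTI.add(verify_token(token, now=now)["jti"])
```

In a deployment the denylist would live in a store shared by all workers, and an entry can be dropped once its token's exp has passed.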
Configuration
Configuration is handled through environment variables and the app/core/config.py file.
Important settings:
- SECRET_KEY: Used for JWT token signing (change in production)
- ACCESS_TOKEN_EXPIRE_MINUTES: Token expiration time
- SQLALCHEMY_DATABASE_URL: Database connection string