
- Setup project structure and dependencies
- Create SQLite database with SQLAlchemy models
- Initialize Alembic for database migrations
- Implement JWT-based authentication utilities
- Create API endpoints for signup, login, and logout
- Add health check endpoint
- Implement authentication middleware for protected routes
- Update README with setup and usage instructions
- Add linting with Ruff

115 lines
3.6 KiB
Markdown
# Authentication Service

A simple authentication service built with FastAPI and SQLite, providing JWT-based authentication for user signup, login, and logout functionality.

## Features

- User registration (signup)
- User authentication (login)
- User logout
- JWT-based authentication
- Protected routes
- Health check endpoint
- SQLite database with SQLAlchemy ORM
- Database migrations with Alembic

## Project Structure

```
.
├── alembic.ini              # Alembic configuration
├── app                      # Application package
│   ├── api                  # API endpoints
│   │   └── endpoints.py     # Auth endpoints
│   ├── core                 # Core modules
│   │   ├── auth.py          # Auth utilities
│   │   ├── config.py        # App configuration
│   │   └── security.py      # Security utilities
│   ├── db                   # Database
│   │   ├── base.py          # Base DB imports
│   │   └── session.py       # DB session
│   ├── middleware           # Middleware
│   │   └── auth.py          # JWT middleware
│   ├── models               # Database models
│   │   └── user.py          # User model
│   └── schemas              # Pydantic schemas
│       ├── token.py         # Token schemas
│       └── user.py          # User schemas
├── init_db.py               # DB initialization script
├── main.py                  # Application entry point
├── migrations               # Alembic migrations
│   ├── env.py               # Migration env
│   ├── script.py.mako       # Migration template
│   └── versions             # Migration scripts
│       └── 001_create_users_table.py
└── requirements.txt         # Project dependencies
```

## Installation

1. Clone the repository
2. Install dependencies:

   ```bash
   pip install -r requirements.txt
   ```

3. Initialize the database:

   ```bash
   python init_db.py
   ```

## Running the Application

```bash
uvicorn main:app --reload
```

The application will be available at http://localhost:8000

## API Documentation

Once the application is running, you can access:

- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc

## API Endpoints

### Authentication

- `POST /api/v1/auth/signup` - Create a new user
- `POST /api/v1/auth/login` - Login and get access token
- `POST /api/v1/auth/logout` - Logout (client-side token invalidation)

### User

- `GET /api/v1/users/me` - Get current user information (protected)

### Health Check

- `GET /health` - Check application health and database connectivity

## Authentication Flow

1. **Signup**: Send a POST request to `/api/v1/auth/signup` with user information
2. **Login**: Send a POST request to `/api/v1/auth/login` to get an access token
3. **Authenticated Requests**: Include the token in the Authorization header as `Bearer <token>`
4. **Logout**: Client should remove the token from storage

## Security

- Passwords are hashed using Bcrypt
- JWT tokens are used for authentication
- Token expiration is configurable in settings
- Protected routes are secured with OAuth2PasswordBearer dependency

## Configuration

Configuration is handled through environment variables and the `app/core/config.py` file.

Important settings:

- `SECRET_KEY`: Used for JWT token signing (change in production)
- `ACCESS_TOKEN_EXPIRE_MINUTES`: Token expiration time
- `SQLALCHEMY_DATABASE_URL`: Database connection string
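
The sketch below is an added example, not code from this repository. It shows how `SECRET_KEY` and `ACCESS_TOKEN_EXPIRE_MINUTES` bound a token's validity when logout is client-side only. It assumes HS256 signing and uses only the standard library rather than whatever JWT package the project uses; the function names, key, subject and timestamps are constructed for illustration.

```python
import base64, hashlib, hmac, json

# Assumed values for illustration; the real ones come from app/core/config.py.
SECRET_KEY = "constructed-demo-key-not-for-production"
ACCESS_TOKEN_EXPIRE_MINUTES = 30


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def create_access_token(subject: str, now: float) -> str:
    """Mint an HS256 JWT whose exp is now + ACCESS_TOKEN_EXPIRE_MINUTES."""
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = {"sub": subject, "exp": int(now) + ACCESS_TOKEN_EXPIRE_MINUTES * 60}
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(SECRET_KEY.encode(), f"{header}.{body}".encode(), hashlib.sha256)
    return f"{header}.{body}.{b64url_encode(mac.digest())}"


def verify_access_token(token: str, now: float, key: str = SECRET_KEY):
    """Return the claims if the token is authentic and unexpired, else None."""
    try:
        header, body, sig = token.split(".")
        if json.loads(b64url_decode(header)).get("alg") != "HS256":
            return None  # pin the algorithm instead of trusting the header
        mac = hmac.new(key.encode(), f"{header}.{body}".encode(), hashlib.sha256)
        if not hmac.compare_digest(b64url_encode(mac.digest()), sig):
            return None  # tampered, forged, or signed with a different key
        claims = json.loads(b64url_decode(body))
        return claims if now < claims["exp"] else None
    except (ValueError, KeyError, TypeError, AttributeError):
        return None  # malformed token


login_time = 1_700_000_000  # constructed timestamp
token = create_access_token("alice@example.com", login_time)
# Client-side logout only deletes the client's copy; any other copy of the
# token keeps verifying until exp is reached.
still_valid = verify_access_token(token, login_time + 29 * 60)
after_expiry = verify_access_token(token, login_time + 30 * 60)
# Changing SECRET_KEY invalidates every token issued under the old key.
after_rotation = verify_access_token(token, login_time + 60, key="rotated-key")
```

Revoking a single token before its `exp` requires server-side state such as a denylist, which this README does not describe; a short `ACCESS_TOKEN_EXPIRE_MINUTES` limits how long a copied token stays usable.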