backend.im/userauthenticationservice-altocj
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

User Authentication Service

A FastAPI-based user authentication service with JWT token authentication, user management, and token refresh functionality.

Features

  • User registration and login
  • JWT token-based authentication
  • Token refresh mechanism
  • User profile management
  • Admin user management
  • SQLite database with Alembic migrations

Technology Stack

  • Framework: FastAPI
  • Database: SQLite with SQLAlchemy ORM
  • Migrations: Alembic
  • Authentication: JWT (JSON Web Tokens)
  • Password Hashing: Bcrypt
  • Dependency Management: pip

Getting Started

Prerequisites

  • Python 3.8+
  • pip (Python package manager)

Installation

  1. Clone the repository:

    git clone <repository-url>
cd userauthenticationservice-altocj

  2. Install dependencies:

    pip install -r requirements.txt

  3. Run database migrations:

    alembic upgrade head

  4. Start the development server:

    uvicorn main:app --reload

The API will be available at http://localhost:8000. API documentation is available at http://localhost:8000/docs or http://localhost:8000/redoc.

Project Structure

app/
├── api/
│   └── v1/
│       ├── endpoints/
│       │   ├── auth.py        # Authentication routes
│       │   └── users.py       # User management routes
│       └── router.py          # API router configuration
├── core/
│   ├── config.py              # Application configuration
│   ├── database.py            # Database connection setup
│   ├── dependencies.py        # Dependency injection
│   └── security.py            # Authentication utilities
├── models/
│   ├── token.py               # Token database model
│   └── user.py                # User database model
├── schemas/
│   ├── message.py             # Response message schemas
│   ├── token.py               # Token validation schemas
│   └── user.py                # User validation schemas
├── services/
│   ├── token.py               # Token service functions
│   └── user.py                # User service functions
└── utils/                     # Utility functions
migrations/                    # Alembic migration files
main.py                        # Application entry point
requirements.txt               # Project dependencies

Authentication Flow

Registration

  1. Client sends a POST request to /api/v1/auth/register with email, username, and password
  2. Server validates the request data
  3. If the user doesn't already exist, it creates a new user with a hashed password
  4. Server returns an access token and a refresh token

Login

  1. Client sends a POST request to /api/v1/auth/login with username/email and password
  2. Server authenticates the user
  3. If successful, server returns an access token and a refresh token

Authentication

  1. Client includes the access token in the Authorization header for protected endpoints:

    Authorization: Bearer {access_token}

  2. Server validates the token and identifies the user

Token Refresh

  1. When the access token expires, client sends a POST request to /api/v1/auth/refresh with the refresh token
  2. Server validates the refresh token and issues a new access token and refresh token
  3. The old refresh token is revoked

Logout

  1. Client sends a POST request to /api/v1/auth/logout with the refresh token
  2. Server revokes the refresh token, invalidating the session

Logout All Sessions

  1. Client sends a POST request to /api/v1/auth/logout-all with a valid access token
  2. Server revokes all refresh tokens for the user, invalidating all sessions

API Endpoints

Authentication

  • POST /api/v1/auth/register - Register a new user
  • POST /api/v1/auth/login - Login with username/email and password
  • POST /api/v1/auth/refresh - Refresh access token
  • POST /api/v1/auth/logout - Logout (revoke refresh token)
  • POST /api/v1/auth/logout-all - Logout from all devices

User Management

  • GET /api/v1/users/me - Get current user profile
  • PUT /api/v1/users/me - Update current user profile
  • GET /api/v1/users - Get all users (admin only)
  • POST /api/v1/users - Create a new user (admin only)
  • GET /api/v1/users/{user_id} - Get user by ID (admin or self)
  • PUT /api/v1/users/{user_id} - Update user by ID (admin only)

Health Check

  • GET /health - Check API health status

Environment Variables

The project uses .env file for configuration. Here's an example:

SECRET_KEY=your-secret-key
ACCESS_TOKEN_EXPIRE_MINUTES=1440  # 24 hours
BACKEND_CORS_ORIGINS=["http://localhost:3000"]

Security Considerations

  • Passwords are hashed using bcrypt
  • JWT tokens are signed with a secret key
  • Refresh tokens are stored in the database and can be revoked
  • Role-based access control for admin functions
Description
Project: User Authentication Service
Readme 57 KiB
Languages
Python 98.2%
Mako 1.8%