backend.im/userauthenticationservice-w0c0be
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
userauthenticationservice-w.../README.md

149 lines
4.1 KiB
Markdown
Raw Permalink Blame History

# User Authentication Service
A FastAPI service that provides user authentication functionality including registration, login, and user management.
## Features
- User registration and login
- JWT-based authentication
- Password hashing with bcrypt
- User profile management
- Role-based access control (superuser capabilities)
- Email verification flags
- SQLite database with SQLAlchemy and Alembic migrations
- Health check endpoint
## Requirements
- Python 3.8+
- FastAPI
- SQLAlchemy
- Alembic
- Uvicorn
- See `requirements.txt` for complete list
## Setup
### 1. Clone the repository
```bash
git clone <repository-url>
cd userauthenticationservice
```
### 2. Set up a virtual environment (optional but recommended)
```bash
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate
```
### 3. Install dependencies
```bash
pip install -r requirements.txt
```
### 4. Set environment variables
Create a `.env` file in the project root with the following content:
```
SECRET_KEY=your-secret-key-here
ACCESS_TOKEN_EXPIRE_MINUTES=10080 # 7 days
```
### 5. Run migrations to create the database
```bash
alembic upgrade head
```
### 6. Start the application
```bash
uvicorn main:app --reload
```
The API will be available at http://localhost:8000
## API Endpoints
### Authentication
- `POST /api/v1/auth/register` - Register a new user
- `POST /api/v1/auth/login` - OAuth2 compatible token login (form)
- `POST /api/v1/auth/login/json` - JSON compatible token login
### Users
- `GET /api/v1/users/me` - Get current user information (requires authentication)
- `PUT /api/v1/users/me` - Update current user information (requires authentication)
- `GET /api/v1/users` - List all users (requires superuser)
- `GET /api/v1/users/{user_id}` - Get user by ID (requires authentication)
- `PUT /api/v1/users/{user_id}` - Update user by ID (requires superuser)
### Health Check
- `GET /health` - Check API health status
## API Documentation
Interactive API documentation is available at:
- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc
## Environment Variables
| Variable | Description | Default |
|----------|-------------|---------|
| SECRET_KEY | JWT secret key | "CHANGE_THIS_TO_A_SECURE_SECRET_IN_PRODUCTION" |
| ALGORITHM | JWT algorithm | "HS256" |
| ACCESS_TOKEN_EXPIRE_MINUTES | Token expiration time in minutes | 10080 (7 days) |
| PROJECT_NAME | Project name | "User Authentication Service" |
## Project Structure
```
.
├── alembic.ini
├── app
│ ├── api
│ │ ├── deps.py # Dependency functions
│ │ ├── endpoints
│ │ │ ├── auth.py # Authentication endpoints
│ │ │ └── users.py # User management endpoints
│ │ └── api.py # API router
│ ├── core
│ │ ├── config.py # App configuration
│ │ ├── database.py # Database setup
│ │ ├── errors.py # Error handling
│ │ ├── health.py # Health check endpoint
│ │ └── security.py # Security utilities
│ ├── crud
│ │ └── user.py # User CRUD operations
│ ├── models
│ │ ├── health.py # Health check model
│ │ └── user.py # User database model
│ └── schemas
│ └── user.py # User Pydantic schemas
├── main.py # Application entry point
├── migrations # Alembic migrations
│ ├── env.py
│ ├── script.py.mako
│ └── versions
│ └── initial_migration.py # Initial database schema
└── requirements.txt # Dependencies
```
## Security Notes
For production deployment:
1. Replace the default SECRET_KEY with a secure random key
2. Consider setting up HTTPS
3. Review the default token expiration time
4. Implement rate limiting for auth endpoints
5. Add more robust logging
6. Consider additional security measures like IP-based blocking
Reference in New Issue View Git Blame Copy Permalink