User Authentication Service
A FastAPI-based user authentication service with JWT token authentication, SQLite database, and full user management capabilities.
Features
- User registration and login
- JWT token-based authentication
- User profile management (read, update)
- Role-based access control (normal users vs. superusers)
- Email and username validation
- Password hashing with bcrypt
- SQLite database with SQLAlchemy ORM
- Database migrations with Alembic
- OpenAPI documentation
Project Structure
├── app/ # Application package
│ ├── api/ # API endpoints
│ │ ├── deps.py # API dependencies
│ │ └── v1/ # API v1 endpoints
│ │ ├── endpoints/ # API endpoint modules
│ │ │ ├── auth.py # Authentication endpoints
│ │ │ └── users.py # User endpoints
│ │ └── api.py # API router
│ ├── core/ # Core modules
│ │ ├── config.py # Application settings
│ │ └── security.py # Security utilities
│ ├── crud/ # CRUD operations
│ │ ├── base.py # Base CRUD class
│ │ └── crud_user.py # User CRUD operations
│ ├── db/ # Database setup
│ │ ├── base.py # Import all models
│ │ ├── base_class.py # Base model class
│ │ └── session.py # Database session
│ ├── models/ # SQLAlchemy models
│ │ └── user.py # User model
│ └── schemas/ # Pydantic schemas
│ ├── token.py # Token schemas
│ └── user.py # User schemas
├── migrations/ # Alembic migrations
│ ├── versions/ # Migration versions
│ ├── env.py # Alembic environment
│ ├── README # Migrations README
│ └── script.py.mako # Migration script template
├── alembic.ini # Alembic configuration
├── main.py # Application entry point
└── requirements.txt # Project dependencies
Requirements
- Python 3.8+
- Dependencies listed in requirements.txt
Installation
- Clone the repository
- Install dependencies:
pip install -r requirements.txt - Set up environment variables (or create a .env file):
SECRET_KEY=your-secret-key ACCESS_TOKEN_EXPIRE_MINUTES=30
Database Setup
The application uses SQLite database. The database file will be created at /app/storage/db/db.sqlite.
Initialize the database with Alembic:
alembic upgrade head
Running the Application
Start the application with Uvicorn:
uvicorn main:app --host 0.0.0.0 --port 8000 --reload
API Documentation
Once the application is running, you can access:
- Swagger UI: http://localhost:8000/docs
- ReDoc: http://localhost:8000/redoc
- OpenAPI JSON: http://localhost:8000/openapi.json
API Endpoints
Authentication
POST /api/v1/auth/register- Register a new userPOST /api/v1/auth/login- Login and get access token
User Management
GET /api/v1/users/me- Get current userPUT /api/v1/users/me- Update current userGET /api/v1/users/{user_id}- Get user by ID (current user or superuser only)GET /api/v1/users/- List users (superuser only)
Health Check
GET /health- Check application health
Environment Variables
| Variable | Description | Default |
|---|---|---|
| SECRET_KEY | JWT secret key | "YOUR_SECRET_KEY_CHANGE_THIS" |
| ACCESS_TOKEN_EXPIRE_MINUTES | Token expiration in minutes | 30 |
| ALGORITHM | JWT algorithm | "HS256" |
| EMAILS_ENABLED | Enable email features | False |
| EMAILS_FROM_NAME | Sender name for emails | "User Authentication Service" |
| EMAILS_FROM_EMAIL | Sender email | "info@example.com" |
| SMTP_HOST | SMTP host | "" |
| SMTP_PORT | SMTP port | 587 |
| SMTP_USER | SMTP user | "" |
| SMTP_PASSWORD | SMTP password | "" |
Security Considerations
- In production, change the default SECRET_KEY
- Use HTTPS in production
- Consider rate limiting for login endpoints
- Implement additional security measures as needed