Skip to content

fastkit-org/fastkit-auth

Repository files navigation

🔐 FastKit Auth

Authentication package for FastKit / FastAPI applications

PyPI version Python 3.12+ License: MIT


What is FastKit Auth?

FastKit Auth is part of the FastKit ecosystem. It provides ready-to-use authentication building blocks for FastAPI applications built on top of fastkit-core.

⚠️ Early release. The API may change before 1.0. Not recommended for production yet.


Features

  • JWT Authentication — Access + refresh token flow
  • User Registration — With email verification via OTP token
  • Password Reset — Token-based reset flow via email
  • Profile Management — Get and update authenticated user profile
  • Password Hashing — Bcrypt via passlib
  • Auth Dependenciesget_current_user, get_current_verified_user, get_current_superuser
  • Email Sending — Integrated with mailbridge

Roadmap

  • 2FA (TOTP + Backup codes)
  • RBAC (Roles + Permissions)
  • Decorators (@require_permission, @require_role)
  • Audit Logging
  • Rate Limiting + Account Locking

Requirements

  • Python 3.12+
  • PostgreSQL
  • fastkit-core >= 0.4.0
  • mailbridge >= 2.0.0

Installation

pip install fastkit-auth

Configuration

FastKit Auth reads configuration through fastkit-core's ConfigManager. You need app and auth config modules in your project.

config/auth.py (example):

JWT_ALGORITHM = "HS256"
JWT_TOKEN_SECRET = "your-secret"
JWT_LIFETIME_SECONDS = 3600
JWT_REFRESH_SECRET_KEY = "your-refresh-secret"
JWT_REFRESH_LIFETIME_SECONDS = 604800
PASSWORD_ENCRYPTION_SCHEMES = ["bcrypt"]

config/app.py (example):

MAIL_PROVIDER = "smtp"
MAIL_API_KEY = ""
MAIL_ENDPOINT = "smtp://localhost:1025"
MAIL_FROM = "noreply@example.com"

Quick Start

from fastapi import FastAPI
from fastkit_auth.authentication.router import router as auth_router
from fastkit_auth.users.router import registration_router, profile_router
from fastkit_core.database import init_async_database
from fastkit_core.config import ConfigManager
from fastkit_core.http.exception_handlers import register_exception_handlers

configuration = ConfigManager(modules=['app', 'database', 'auth'])
init_async_database(configuration)

app = FastAPI()
register_exception_handlers(app=app)

app.include_router(auth_router)
app.include_router(registration_router)
app.include_router(profile_router)

Endpoints

Method Path Description
POST /registration Register a new user
PUT /verify-email?token= Verify email with OTP token
POST /auth/login Login, returns JWT tokens
POST /auth/reset-password Request password reset email
POST /auth/update-password Set new password using reset token
GET /profile Get authenticated user profile
PUT /profile Update authenticated user profile

Auth Dependencies

Use these in your route dependencies:

from fastkit_auth.authentication.dependencies import (
    get_current_user,
    get_current_verified_user,
    get_current_superuser,
)
@router.get("/me")
async def me(user = Depends(get_current_user)):
    return user

@router.get("/admin")
async def admin_only(user = Depends(get_current_superuser)):
    ...

User Model

from fastkit_auth.users.models import User
Field Type Description
id UUID Primary key
first_name str
last_name str
email str Unique
hashed_password str Bcrypt
is_active bool Activated after email verification
is_verified bool Email verified
is_superuser bool Superuser flag
email_verified_at datetime Timestamp of verification

Links

About

FastKit Authentication & authorization module (JWT, OAuth2, permissions)

Resources

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors