Skip to content

Authx

AuthX

Ready-to-use and customizable Authentications and Oauth2 management for FastAPI ⚡

lint pre-commit.ci status Package version Total Downloads Pydantic Version 2 Ruff


Source Code: https://github.com/yezz123/authx

Documentation: https://authx.yezz.me/


Add a Fully registration and authentication or authorization system to your FastAPI project. AuthX is designed to be as customizable and adaptable as possible.

Installation

$ pip install authx

---> 100%

Features

  • Support Python 3.8+ & Pydantic 2.0+.
  • Multiple customizable authentication backend:
  • JWT authentication backend included
    • JWT encoding/decoding for application authentication
    • Automatic detection of JWTs in requests:
    • JWTs in headers
    • JWTs in cookies
    • JWTs in query parameters
    • JWTs in request bodies
  • Cookie authentication backend included
  • Middleware for authentication and authorization through JWT.
  • Extensible Error Handling System.

Extra Features

Notes

AuthX is designed to be as customizable and adaptable as possible.

So you need to install authx-extra to get extra features.

  • Using Redis as a session store & cache.
  • Support HTTPCache.
  • Support Sessions and Pre-built CRUD functions and Instance to launch Redis.
  • Support Middleware of pyinstrument to check your service performance.
  • Support Middleware for collecting and exposing Prometheus metrics.

Note: Check Release Notes.

Project using

Here is a simple way to kickstart your project with AuthX:

from fastapi import FastAPI, Depends, HTTPException
from authx import AuthX, AuthXConfig, RequestToken

app = FastAPI()

config = AuthXConfig(
     JWT_ALGORITHM = "HS256",
     JWT_SECRET_KEY = "SECRET_KEY",
     JWT_TOKEN_LOCATION = ["headers"],
)

auth = AuthX(config=config)
auth.handle_errors(app)

@app.get('/login')
def login(username: str, password: str):
     if username == "xyz" and password == "xyz":
          token = auth.create_access_token(uid=username)
          return {"access_token": token}
     raise HTTPException(401, detail={"message": "Invalid credentials"})

@app.get("/protected", dependencies=[Depends(auth.get_token_from_request)])
def get_protected(token: RequestToken = Depends()):
     try:
          auth.verify_token(token=token)
          return {"message": "Hello world !"}
     except Exception as e:
          raise HTTPException(401, detail={"message": str(e)}) from e