Create a centralized Authentication and Authorization token server. Easily secure FastAPI endpoints based on Users, Groups, Roles or Permissions to minimize database access requirements of Auth.
https://easyauth.readthedocs.io/en/latest/
- Centralized Auth - Single location for Users & Permissions to share across apps
- Granular Endpoint Security - Verify user identity, and define explicitly who and what each user or groups of users may access
- Admin GUI - easy management of users, permissions, tokens, oauth and more!
- Advanced JWT - Token Based Client authorization with built in invalidation capabilities
- Google Oauth - Easy to configure google login
- Integrated Login & Cookie Management - Users are not just authenticated and authorized, they are re-directed on token expiration to login pages via cookie system and sent back to last location afterwards
$ virtualenv -p <python3.X> easy-auth-env $ source easy-auth-env/bin/activate (easy-auth) $ pip install easy-auth[server] (easy-auth) $ pip install easy-auth[client] # without db Configure require env variables via a .json
$ cat > server_env.json <<EOF { "DB_TYPE": "sqlite", "DB_NAME": "auth", "ISSUER": "EasyAuth", "SUBJECT": "EasyAuthAuth", "AUDIENCE": "EasyAuthApis", "KEY_PATH": "/my_key-location", "KEY_NAME": "test_key" } EOF#test_server.py from fastapi import FastAPI from easyauth.server import EasyAuthServer server = FastAPI() server.auth = EasyAuthServer.create( server, '/auth/token', auth_secret='abcd1234', admin_title='EasyAuth - Company', admin_prefix='/admin', env_from_file='server_env.json' )Start Sever
uvicorn --host 0.0.0.0 --port 8330 test_server:server#test_client.py from fastapi import FastAPI from easyauth.client import EasyAuthClient from easyauth import get_user server = FastAPI() server.auth = EasyAuthClient.create( server, token_server='0.0.0.0', token_server_port=8090, auth_secret='abcd1234', default_permissions={'groups': ['users']} ) # grants access to users matching default_permissions @server.auth.get('/default') async def default(): return f"I am default" # grants access to only specified users @server.auth.get('/', users=['jane']) async def root(): return f"I am root" # grants access to members of 'users' or 'admins' group. @server.auth.get('/groups', groups=['users', 'admins']) async def groups(user: str = get_user()): return f"{user} is in groups" # grants access to all members of 'users' group # or a groups with role of 'basic' or advanced @server.auth.get('/roles', roles=['basic', 'advanced'], groups=['users']) async def roles(): return f"Roles and Groups" # grants access to all members of groups with a roles granting 'BASIC_CREATE' @server.auth.get('/actions', actions=['BASIC_CREATE']) async def action(): return f"I am actions"
