Create a centralized Authentication and Authorization token server. Easily secure FastAPI endpoints based on Users, Groups, Roles or Permissions to minimize database access requirements of Auth.
https://easyauth.readthedocs.io/en/latest/
- Centralized Auth - Single location for Users & Permissions to share across apps
- Granular Endpoint Security - Verify user identity, and define explicitly who and what each user or groups of users may access
- Admin GUI - easy management of users, permissions, tokens, oauth and more!
- Advanced JWT - Token Based Client authorization with built in invalidation capabilities
- Google Oauth - Easy to configure google login
- Integrated Login & Cookie Management - Users are not just authenticated and authorized, they are re-directed on token expiration to login pages via cookie system and sent back to last location afterwards
$ virtualenv -p <python3.X> easy-auth-env $ source easy-auth-env/bin/activate (easy-auth) $ pip install easy-auth[server] (easy-auth) $ pip install easy-auth[client] # without dbConfigure require env variables via a .json
$ cat > server_env.json <<EOF{ "DB_TYPE": "sqlite", "DB_NAME": "auth", "ISSUER": "EasyAuth", "SUBJECT": "EasyAuthAuth", "AUDIENCE": "EasyAuthApis", "KEY_PATH": "/my_key-location", "KEY_NAME": "test_key"}EOF#test_server.pyfromfastapiimportFastAPIfromeasyauth.serverimportEasyAuthServerserver=FastAPI() @server.on_event('startup')asyncdefstartup(): server.auth=awaitEasyAuthServer.create( server, '/auth/token', auth_secret='abcd1234', admin_title='EasyAuth - Company', admin_prefix='/admin', env_from_file='server_env.json' )Start Sever
uvicorn --host 0.0.0.0 --port 8330 test_server:server#test_client.pyfromfastapiimportFastAPIfromeasyauth.clientimportEasyAuthClientserver=FastAPI() @server.on_event('startup')asyncdefstartup(): server.auth=awaitEasyAuthClient.create( server, token_server='0.0.0.0', token_server_port=8090, auth_secret='abcd1234', default_permissions={'groups': ['users']} ) # grants access to users matching default_permissions@server.auth.get('/default')asyncdefdefault(): returnf"I am default"# grants access to only specified users@server.auth.get('/', users=['jane'])asyncdefroot(): returnf"I am root"# grants access to members of 'users' or 'admins' group.@server.auth.get('/groups', groups=['users', 'admins'])asyncdefgroups(): returnf"I am groups"# grants access to all members of 'users' group# or a groups with role of 'basic' or advanced@server.auth.get('/roles', roles=['basic', 'advanced'], groups=['users'])asyncdefroles(): returnf"Roles and Groups"# grants access to all members of groups with a roles granting 'BASIC_CREATE'@server.auth.get('/actions', actions=['BASIC_CREATE'])asyncdefaction(): returnf"I am actions"
