Skip to content

Create a centralized Authentication and Authorization token server. Easily secure FastAPI endpoints based on Users, Groups, Roles or Permissions with very little database usage.

License

Notifications You must be signed in to change notification settings

codemation/easyauth

Repository files navigation



Create a centralized Authentication and Authorization token server. Easily secure FastAPI endpoints based on Users, Groups, Roles or Permissions to minimize database access requirements of Auth.

Documentation Status PyPI version

Documentation

https://easyauth.readthedocs.io/en/latest/

Key Features

  • Centralized Auth - Single location for Users & Permissions to share across apps
  • Granular Endpoint Security - Verify user identity, and define explicitly who and what each user or groups of users may access
  • Admin GUI - easy management of users, permissions, tokens, oauth and more!
  • Advanced JWT - Token Based Client authorization with built in invalidation capabilities
  • Google Oauth - Easy to configure google login
  • Integrated Login & Cookie Management - Users are not just authenticated and authorized, they are re-directed on token expiration to login pages via cookie system and sent back to last location afterwards

Quick Start

$ virtualenv -p <python3.X> easy-auth-env
$ source easy-auth-env/bin/activate

(easy-auth) $ pip install easy-auth[server]

(easy-auth) $ pip install easy-auth[client] # without db

Basic Server

Configure require env variables via a .json

$ cat > server_env.json <<EOF
{
    "DB_TYPE": "sqlite",
    "DB_NAME": "auth",
    "ISSUER": "EasyAuth",
    "SUBJECT": "EasyAuthAuth",
    "AUDIENCE": "EasyAuthApis",
    "KEY_PATH": "/my_key-location",
    "KEY_NAME": "test_key"
}
EOF
#test_server.py
from fastapi import FastAPI

from easyauth.server import EasyAuthServer

server = FastAPI()

server.auth = EasyAuthServer.create(
    server,
    '/auth/token',
    auth_secret='abcd1234',
    admin_title='EasyAuth - Company',
    admin_prefix='/admin',
    env_from_file='server_env.json'
)

Start Sever

uvicorn --host 0.0.0.0 --port 8330 test_server:server

Basic Client

#test_client.py
from fastapi import FastAPI

from easyauth.client import EasyAuthClient
from easyauth import get_user

server = FastAPI()

server.auth = EasyAuthClient.create(
    server,
    token_server='0.0.0.0',
    token_server_port=8090,
    auth_secret='abcd1234',
    default_permissions={'groups': ['users']}
)

# grants access to users matching default_permissions
@server.auth.get('/default')
async def default():
    return f"I am default"

# grants access to only specified users
@server.auth.get('/', users=['jane'])
async def root():
    return f"I am root"

# grants access to members of 'users' or 'admins' group.
@server.auth.get('/groups', groups=['users', 'admins'])
async def groups(user: str = get_user()):
    return f"{user} is in groups"

# grants access to all members of 'users' group
# or a groups with role of 'basic' or advanced
@server.auth.get('/roles', roles=['basic', 'advanced'], groups=['users'])
async def roles():
    return f"Roles and Groups"

# grants access to all members of groups with a roles granting 'BASIC_CREATE'
@server.auth.get('/actions', actions=['BASIC_CREATE'])
async def action():
    return f"I am actions"

Server

See 0.0.0.0:8330/docs

GUI

Client