FastAPI native extension, easy and simple JWT auth
Documentation: k4black.github.io/fastapi-jwt
Source Code: github.com/k4black/fastapi-jwt
- OpenAPI schema generation
- Native integration with FastAPI
- Access/Refresh JWT
- JTI
- Cookie setting
You can access package fastapi-jwt in pypi
pip install fastapi-jwt[authlib]
# or
pip install fastapi-jwt[python_jose]
The fastapi-jwt will choose the backend automatically if library is installed with the following priority:
- authlib
- python_jose (deprecated)
This library made in fastapi style, so it can be used as standard security features
from fastapi import FastAPI, Security, Response
from fastapi_jwt import JwtAuthorizationCredentials, JwtAccessBearer
app = FastAPI()
access_security = JwtAccessBearer(secret_key="secret_key", auto_error=True)
@app.post("/auth")
def auth():
subject = {"username": "username", "role": "user"}
return {"access_token": access_security.create_access_token(subject=subject)}
@app.post("/auth_cookie")
def auth(response: Response):
subject = {"username": "username", "role": "user"}
access_token = access_security.create_access_token(subject=subject)
access_security.set_access_cookie(response, access_token)
return {"access_token": access_token}
@app.get("/users/me")
def read_current_user(
credentials: JwtAuthorizationCredentials = Security(access_security),
):
return {"username": credentials["username"], "role": credentials["role"]}
For more examples see usage docs
-
FastAPI docs suggest writing it manually, but
- code duplication
- opportunity for bugs
-
There is nice fastapi-jwt-auth, but
- poorly supported
- not "FastAPI-style" (not native functions parameters)
There it is open and maintained Pull Request #3305 to the fastapi
repo. Currently, not considered.
fastapi
authlib
orpython-jose[cryptography]
(deprecated)
This project is licensed under the terms of the MIT license.