Code Monkey home page Code Monkey logo

auth0-python-fastapi-sample's Introduction

Auth0 + Python + FastAPI API Seed

This is the seed project you need to use if you're going to create an API using FastAPI in Python and Auth0. If you just want to create a Regular Python WebApp, please check this project

Running the example

In order to run the example you need to have python3 (any version higher than 3.6) and pip3 installed.

Configuration

The configuration you'll need is mostly information from Auth0, you'll need both the tentant domain and the API information.

This app reads its configuration information from a .env file by default.

To create a .env file you can copy the .env.example file and fill the values accordingly:

cp .env.example .env

Alternatively you can use environment variables to define your application's settings (remember to update the values accordingly):

export AUTH0_DOMAIN='your.domain.auth0.com'
export AUTH0_API_AUDIENCE='your.api.audience'
export AUTH0_ISSUER='https://your.domain.auth0.com'
export AUTH0_ALGORITHMS='RS256'

Spin up the server

Once you've set your environment information below you'll find the commands you'll need.

  1. Create and activate a python environment:
python3 -m venv .venv
source .venv/bin/activate
  1. Install the needed dependencies with:
pip install -r requirements.txt
  1. Start the server with the following:
uvicorn application.main:app
  1. Try calling http://localhost:8000/api/public
curl -X 'GET' \
  'http://localhost:8000/api/public' \
  -H 'accept: application/json'

API documentation

Access http://localhost:8000/docs. From there you'll see all endpoints and can test your API

Testing the API

Private endpoint

You can then try to do a GET to http://localhost:8000/api/private which will throw an error if you don't send an access token signed with RS256 with the appropriate issuer and audience in the Authorization header.

curl -X 'GET' \
  'http://localhost:8000/api/private' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer  <FILL YOUR TOKEN HERE>'

Private-Scoped endpoint

You can also try to do a GET to http://localhost:8000/api/private-scoped which will throw an error if you don't send an access token with the scope read:messages signed with RS256 with the appropriate issuer and audience in the Authorization header.

curl -X 'GET' \
  'http://localhost:8000/api/private-scoped' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer  <FILL YOUR TOKEN WITH SCOPES HERE>'

auth0-python-fastapi-sample's People

Contributors

bajcmartinez avatar jtemporal avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.