Implementing JWT Authentication in FastAPI

JSON Web Tokens (JWT) provide a robust and compact way of securing your FastAPI applications.

JWTs are widely used for securely transmitting information between parties as a JSON object. In this guide, we'll walk you through implementing JWT authentication in FastAPI, a modern, fast (high-performance), web framework for building APIs with Python 3.6+.

What is JWT?

JWT (JSON Web Token) is an open standard (RFC 7519) that defines a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that can be digitally signed using a secret or a public/private key pair.

Steps to Implement JWT Authentication

1. Setup FastAPI

   Start by creating a new directory for your FastAPI project and set up a virtual environment:

   mkdir fastapi-jwt
   cd fastapi-jwt
   python3 -m venv env
   source env/bin/activate
   

   Next, install FastAPI and a server like Uvicorn:

   pip install fastapi uvicorn
   

2. Install PyJWT

   We'll need a library to encode and decode JWT tokens. PyJWT is a popular choice:

   pip install PyJWT
   

3. Create a main.py File

   Inside your project directory, create a main.py file and import the required modules:

   from fastapi import FastAPI, HTTPException, Depends
   from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
   import jwt
   from datetime import datetime, timedelta
   
   SECRET_KEY = "your-secret-key"
   ALGORITHM = "HS256"
   

4. Setup OAuth2PasswordBearer

   OAuth2PasswordBearer is a class that manages OAuth2 authentication. Initialize it with a token URL:

   oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")
   

5. Create User Authentication Logic

   Define a function that verifies the username and password and returns a JWT token upon successful authentication:

   def authenticate_user(username: str, password: str):
       user_dict = {"username": "user", "password": "pass"}
       if username != user_dict["username"] or password != user_dict["password"]:
           return False
       return True
   
   def create_access_token(data: dict, expires_delta: timedelta = timedelta(minutes=30)):
       to_encode = data.copy()
       expire = datetime.utcnow() + expires_delta
       to_encode.update({"exp": expire})
       encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM)
       return encoded_jwt
   

6. Generate and Return JWT Token

   Create an endpoint that validates user credentials and generates a JWT:

   app = FastAPI()
   
   @app.post("/token")
   async def login(form_data: OAuth2PasswordRequestForm = Depends()):
       if not authenticate_user(form_data.username, form_data.password):
           raise HTTPException(status_code=400, detail="Incorrect username or password")
       access_token_expires = timedelta(minutes=30)
       access_token = create_access_token(data={"sub": form_data.username}, expires_delta=access_token_expires)
       return {"access_token": access_token, "token_type": "bearer"}
   

7. Securing an Endpoint with JWT

   You can secure your endpoints by adding a dependency on the token verification:

   def verify_token(token: str = Depends(oauth2_scheme)):
       try:
           payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
           username: str = payload.get("sub")
           if username is None:
               raise HTTPException(status_code=401, detail="Invalid token")
       except jwt.PyJWTError:
           raise HTTPException(status_code=401, detail="Invalid token")
       return username
   
   @app.get("/secure-data")
   async def read_secure_data(current_user: str = Depends(verify_token)):
       return {"data": "Secure data accessible to authenticated users"}
   

Conclusion

By following these steps, you have set up a basic JWT authentication system in FastAPI. JWT allows your application to securely verify the user's identity and access secured endpoints.

Further Reading

To explore more about FastAPI and how it can work with different data and models, check out these resources:

• Resizing Images in FastAPI:
  Learn how to efficiently handle image processing in FastAPI applications.

• FastAPI Field Retrieval:
  Discover techniques for retrieving list fields using FastAPI.

• FastAPI Python:
  Explore how to pass an array of strings to FastAPI and utilize Python's dynamic capabilities.

• FastAPI MongoDB Bulk Insert:
  Dive into integrating FastAPI with MongoDB for efficient bulk inserting operations.

• FastAPI Base Model:
  Understand how to create and manage base models in FastAPI for structured data handling.

This article provides a comprehensive overview of implementing JWT authentication in FastAPI while maximizing SEO through keyword-rich content and internal linking to specify related topics.