
aviauth-api

License: GPL v3

Authentication microservice based on FastAPI

Installation guide

Clone the repository

git clone https://github.com/julleks/aviauth-api/

Install pyenv and dependencies (macOS)

brew install openssl readline sqlite3 xz zlib

curl https://pyenv.run | bash

pyenv install 3.10.1

Install poetry

curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -

source $HOME/.poetry/env
cd aviauth-api

pyenv local 3.10.1

poetry install

poetry shell

Install pre-commit if you are going to make commits to the repository

pre-commit install

Set DEBUG to True to disable HTTPSRedirectMiddleware locally:

export DEBUG=True

Run the application

./start.sh

OpenAPI schema is available at:

http://127.0.0.1:8000/latest/docs
http://127.0.0.1:8000/latest/redoc
http://127.0.0.1:8000/latest/openapi.json

Environment variables used in the project:

| Variable | Default value | Description |
|---|---|---|
| POSTGRES_DB | aviauth | |
| POSTGRES_HOST | 127.0.0.1 | |
| POSTGRES_PORT | 5432 | |
| POSTGRES_USER | | |
| POSTGRES_PASSWORD | | |
| DEBUG | False | If set to True, logs SQL queries to the console and disables HTTPSRedirectMiddleware. |
| SECRET_KEY | | |

Hints & Tips

Commits

This project follows the Conventional Commits specification and a trunk-based development flow.

Common commit types:

  • feat:
  • fix:
  • build:
  • chore:
  • ci:
  • docs:
  • style:
  • refactor:
  • perf:
  • test:

Branch name patterns:

  • master
  • feature/{feature_name}
  • bugfix/{hotfix_name}

Before committing, ensure that you have:

  • installed the pre-commit hook (pre-commit install)
  • included all the changes in CHANGELOG.md under the Unreleased section
  • created a branch according to the pattern described above (e.g.: feature/{feature_name})
  • put the correct commit type from the list above in front of the message (e.g.: feat: add new feature)
  • if you are introducing breaking changes, put ! after the commit type (e.g.: feat!: add new breaking change) and, optionally, place BREAKING CHANGE: at the beginning of the commit body

Before the release:

  • Set the proper release version in CHANGELOG.md
  • Ensure that the CHANGELOG.md content is up to date
  • Set the release date in CHANGELOG.md
  • Update the V{current_major}_VERSION parameter in config to match the version being released, or create a new one if breaking changes took place
  • Check that LATEST_VERSION points to the correct major version parameter in config
  • Once the master branch is up to date, create a release on GitHub that includes the latest release notes

Alembic

Initialize Alembic:

alembic init -t async migrations

Make migration:

alembic revision --autogenerate -m "migration message"

Apply migration:

alembic upgrade head

Downgrade 1 revision:

alembic downgrade -1

Security

Generate random secret key:

openssl rand -hex 32
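As an added example (not code from the aviauth-api repository), the following settings loader shows how the environment variables from the table above and the secret key generated with `openssl rand -hex 32` can be validated before the service starts. The `Settings` class, `load_settings` function and the decision to treat POSTGRES_USER and POSTGRES_PASSWORD as required are assumptions of this example, not the project's own configuration code.

```python
import os
import re
from dataclasses import dataclass
from typing import Mapping, Optional

# 32 random bytes as hex, i.e. exactly what `openssl rand -hex 32` prints.
HEX_32_BYTES = re.compile(r"[0-9a-fA-F]{64}")
TRUE_VALUES = {"1", "true", "yes", "on"}


@dataclass(frozen=True)
class Settings:
    postgres_db: str
    postgres_host: str
    postgres_port: int
    postgres_user: str
    postgres_password: str
    debug: bool
    secret_key: str

    @property
    def https_redirect_enabled(self) -> bool:
        # HTTPSRedirectMiddleware stays on unless DEBUG was explicitly enabled.
        return not self.debug


def parse_bool(value: str) -> bool:
    """DEBUG=True / true / 1 count as enabled; unset or anything else is off."""
    return value.strip().lower() in TRUE_VALUES


def load_settings(env: Optional[Mapping[str, str]] = None) -> Settings:
    """Build Settings from an env mapping, refusing to start on unsafe values."""
    env = os.environ if env is None else env
    secret_key = env.get("SECRET_KEY", "")
    # A short or guessable key lets anyone forge tokens, so fail closed here.
    if not HEX_32_BYTES.fullmatch(secret_key):
        raise ValueError("SECRET_KEY must be 64 hex chars (openssl rand -hex 32)")
    # Assumption of this example: no default in the table means required.
    for name in ("POSTGRES_USER", "POSTGRES_PASSWORD"):
        if not env.get(name):
            raise ValueError(f"{name} is required and has no default")
    return Settings(
        postgres_db=env.get("POSTGRES_DB", "aviauth"),
        postgres_host=env.get("POSTGRES_HOST", "127.0.0.1"),
        postgres_port=int(env.get("POSTGRES_PORT", "5432")),
        postgres_user=env["POSTGRES_USER"],
        postgres_password=env["POSTGRES_PASSWORD"],
        debug=parse_bool(env.get("DEBUG", "False")),
        secret_key=secret_key,
    )
```

Calling `load_settings()` with no argument reads `os.environ`, so the same checks run at startup that the constructed mappings exercise in a test.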

Overview

This project provides an authentication and authorization service for external applications, so that users can use other applications without any of their data being stored in those applications.

The goal of this project is to keep all user data in a single place, with clear management of the access permissions granted to each authorized application.

We can end up with 3 products:

  • Independent application for integration with external apps
  • Open source authentication microservice ready-to-use
  • Pip package for FastAPI

Problem Statement

Most web applications require registration or authentication through external services (such as Google or Facebook) that have almost unlimited access to users' data. What is missing is an easy way to manage those applications and the permissions they hold. Personal data is not personal anymore.

Proposed Solution

Implement a service that keeps all user data encrypted and provides it to external applications only according to configured permissions.

Success Criteria

  • The application running in a production environment
  • Support for every user story described below
  • Compliance with all requirements of the project

User Stories

  • Register accounts
  • CRUD operations on user data
  • Several emails / phone numbers / avatars per user
  • Register / Manage applications
  • Generate authentication tokens (multiple tokens per app)
  • Manage permissions per app
  • List / Delete active tokens
  • See access history
  • 2FA

Scope

  • Only the creation of the API is in scope for this project. No frontend or other UI is required.
  • A service for checking username availability in some popular applications could be implemented in a future iteration.

Requirements

Non-Requirements

Conventions

Under discussion

  • Blockchain usage
  • Data encryption
  • Project structure
  • Clean architecture
  • Automatic changelog generation
  • Automatic versioning / tagging
