Authentication microservice based on FastAPI
Clone the repository
git clone https://github.com/julleks/aviauth-api/
Install pyenv and dependencies (macOS)
brew install openssl readline sqlite3 xz zlib
curl https://pyenv.run | bash
pyenv install 3.10.1
Install poetry
curl -sSL https://raw.githubusercontent.com/python-poetry/poetry/master/get-poetry.py | python -
source $HOME/.poetry/env
cd aviauth-api
pyenv local 3.10.1
poetry install
peotry shell
Install pre-commit if you are going to make commits to repository
pre-commit install
Set debug to True
to disable HTTPSRedirectMiddleware locally:
export DEBUG=True
Run the application
./start.sh
OpenAPI schema is available at:
http://127.0.0.1:8000/latest/docs
http://127.0.0.1:8000/latest/redoc
http://127.0.0.1:8000/latest/openapi.json
Variable | Default value | Description |
---|---|---|
POSTGRES_DB | aviauth | |
POSTGRES_HOST | 127.0.0.1 | |
POSTGRES_PORT | 5432 | |
POSTGRES_USER | ||
POSTGRES_PASSWORD | ||
DEBUG | False | If set to True, logs to console SQL queries and disable HTTPSRedirectMiddleware. |
SECRET_KEY |
This project is following Conventional commits specification and Trunk-based development flow.
Common commit types:
feat:
fix:
build:
chore:
ci:
docs:
style:
refactor:
perf:
test:
Branch name patterns:
master
feature/{feature_name}
bugfix/{hotfix_name}
- installed pre-commit hook (
pre-commit install
) - included all the changes to the CHANGELOG.md under
Unreleased
section - created a branch according to the pattern described above (e.g.:
feature/{feature_name}
) - put a correct commit type according to presented above (e.g.:
feat: add new feature
) - put
!
after the commit type (e.g.:feat!: and new breaking change
) and placeBRAKING CHANGE:
in the beginning of commit body (optional) if you are introducing breaking changes
- Set proper release version in the CHANGELOG.md
- Ensure that CHANGELOG.md content is up-to-date
- Set the release date in the CHANGELOG.md
- Update
V{current_major}_VERSION
parameter in config according to the releasing one or create a new one ifBREAKING CHANGES
took place - Check that
LATEST_VERSION
is pointing to the correct major version parameter in config - After
master
branch is up-to-date, create a release on GitHub including the latest release notes
###Alembic
Initialize Alembic:
alembic init -t async migrations
Make migration:
alembic revision --autogenerate -m "migration massage"
Apply migration:
alembic upgrade head
Downgrade 1 revision:
alembic downgrade -1
Generate random secret key:
openssl rand -hex 32
This project provides authentication and authorization service for external applications. It allows using other applications without storing any user data in them.
Keeping all the data in a single place and clear management of access permissions for each authorized application is a goal of this project.
We can end up with 3 products:
- Independent application for integration with external apps
- Open source authentication microservice ready-to-use
- Pip package for FASTApi
Most of the web application require registration or authentication using external services (as google or facebook), that have almost unlimited access to users data. Easy management of applications and permissions they have is something that missing. Personal data is not personal anymore.
Implement a service that keeps all the user's data encrypted and providing it to external applications based on configured permissions.
- Running application in production environment
- Allowing to perform any user story described below
- Compliance with all requirements of the project
- Register accounts
- CRUD operations on user data
- Several emails / phone numbers / avatars per user
- Register / Manage applications
- Generate authentication tokens (multiple tokens per app)
- Manage permissions per app
- List / Delete active tokens
- See access history
- 2FA
- Only creation of the API is the scope of the project. No frontend or other UI is required.
- A service for checking username availability in some popular applications can be implemented in future iterations.
- FastAPI web framework
- SQLAlchemy ORM
- Test coverage with pytest
- OpenAPI specification
- GitHub actions as CI/CD tool
- AWS infrastructure
- Managing infrastructure with Terraform
- Trunk-based development
- Open Source
- REST API
- PostgreSQL
- Blockchain usage
- Data encryption
- Project structure
- Clean architecture
- Automatic changelog generation
- Automatic versioning / tagging