Ready-to-use and customizable users management for FastAPI

Overview

FastAPI Users

FastAPI Users

Ready-to-use and customizable users management for FastAPI

build codecov PyPI version Downloads

All Contributors


Documentation: https://fastapi-users.github.io/fastapi-users/

Source Code: https://github.com/fastapi-users/fastapi-users


Add quickly a registration and authentication system to your FastAPI project. FastAPI Users is designed to be as customizable and adaptable as possible.

Features

  • Extensible base user model

  • Ready-to-use register, login, reset password and verify e-mail routes

  • Ready-to-use social OAuth2 login flow

  • Dependency callables to inject current user in route

  • Pluggable password validation

  • Customizable database backend

  • Multiple customizable authentication backends

    • JWT authentication backend included
    • Cookie authentication backend included
  • Full OpenAPI schema support, even with several authentication backends

📚 Discover my book: Building Data Science Applications with FastAPI

Building Data Science Applications with FastAPI

Develop, manage, and deploy efficient machine learning applications with Python

What is this book about?

This book covers the following exciting features:

  • Explore the basics of modern Python and async I/O programming
  • Get to grips with basic and advanced concepts of the FastAPI framework
  • Implement a FastAPI dependency to efficiently run a machine learning model
  • Integrate a simple face detection algorithm in a FastAPI backend
  • Integrate common Python data science libraries in a web backend
  • Deploy a performant and reliable web backend for a data science application

If you feel this book is for you, get your copy today!

Contributors and sponsors ☕️

Thanks goes to these wonderful people (emoji key):


François Voron

🚧

Paolo Dina

💵 💻

Dmytro Ohorodnik

🐛

Matthew D. Scholefield

🐛

roywes

🐛 💻

Satwik Kansal

📖

Edd Salkield

💻 📖

mark-todd

💻 📖

lill74

🐛 💻 📖

SelfhostedPro

🛡️ 💻

Oskar Gmerek

📖

Martin Collado

🐛 💻

Eric Lopes

📖 🛡️

Beau Breon

💻

Niyas Mohammed

📖

prostomarkeloff

📖 💻

Marius Mézerette

🐛 🤔

Nickolas Grigoriadis

🐛

Open Data Coder

🤔

Mohammed Alshehri

🤔

Tyler Renelle

🤔

collerek

💻

Robert Bracco

💵

Augusto Herrmann

📖

Smithybrewer

🐛

silllli

📖

alexferrari88

💵

sandalwoodbox

🐛

Vlad Hoi

📖

Joe Nudell

🐛

Ben

💻

BoYanZh

📖

David Brochart

📖

Daan Beverdam

💻

Stéphane Raimbault

⚠️ 🐛

Sondre Lillebø Gundersen

📖

Maxim

📖 🐛

scottdavort

💵

John Dukewich

📖

Yasser Tahiri

💻

Brandon H. Goding

💻

PovilasK

💻

Just van den Broecke

💵

jakemanger

🐛 💻

Ikko Ashimine

💻

Matyáš Richter

💻

This project follows the all-contributors specification. Contributions of any kind welcome!

Development

Setup environment

You should create a virtual environment and activate it:

python -m venv venv/
source venv/bin/activate

And then install the development dependencies:

pip install -r requirements.dev.txt

Run unit tests

You can run all the tests with:

make test

The command will start a MongoDB container for the related unit tests. So you should have Docker installed.

Alternatively, you can run pytest yourself. The MongoDB unit tests will be skipped if no server is available on your local machine:

pytest

There are quite a few unit tests, so you might run into ulimit issues where there are too many open file descriptors. You may be able to set a new, higher limit temporarily with:

ulimit -n 2048

Format the code

Execute the following command to apply isort and black formatting:

make format

License

This project is licensed under the terms of the MIT license.

Comments
  • Add routes for user activation

    Add routes for user activation

    Allow user accounts to be activated via an activation_callback, which is called in the /register route to handle user verification, resolving #106.

    User accounts created through the /register route have is_active == True if and only if activation_callback is supplied to get_register_router.

    The activation_callback expects a token, which if supplied to the /activate route will activate the user upon token verification.

    The semantics of after_register have been changed slightly: it's called at the point when an activated user has been created. If no activation_callback is supplied, it's called after the /register route. Otherwise, it's called after the /activate route; then any desired behaviour to be run after /register should be put in the activation_callback.

    This PR additionally:

    • Adds new error codes to fastapi_users/router/common.py
    • Update documentation
    • Add tests
    • Is backward-compatible with all previous function interfaces.

    Co-authored-by: Mark Todd

    enhancement 
    opened by eddsalkield 24
  • Duplicate Key Error (maybe not related with Fastapi-user but help needed)

    Duplicate Key Error (maybe not related with Fastapi-user but help needed)

    Hi @frankie567

    Sometimes in a "production" application using fastapi-user (with Gunicorn and uvicorn and concurrency), I have this error I'm not unable to reproduce by myself in dev mode.

    It occurs sometime at registration when two users want to register in the same two minutes. I don't know if it's related to the use of Fastapi-user but maybe I can find some help here to understand this error :-)

    In fact this UUID mentioned in the error below appear to be the uuid of the previous saved user. I'm wondering if it's not a concurrency issue with gunicorn?

    DuplicateKeyError: E11000 duplicate key error collection: myproject_db.users index: id_1 dup key: { id: UUID("c8ff467d-d490-4e32-b0b6-21ac94905dd5") }, full error: {'index': 0, 'code': 11000, 'keyPattern': {'id': 1}, 'keyValue': {'id': UUID('c8ff467d-d490-4e32-b0b6-21ac94905dd5')}, 'errmsg': 'E11000 duplicate key error collection: myproject_db.users index: id_1 dup key: { id: UUID("c8ff467d-d490-4e32-b0b6-21ac94905dd5") }'} File "myprojectapp/core/proxy_headers_middleware.py", line 43, in call return await self.app(scope, receive, send) File "starlette/middleware/cors.py", line 86, in call await self.simple_response(scope, receive, send, request_headers=headers) File "starlette/middleware/cors.py", line 142, in simple_response await self.app(scope, receive, send) File "starlette/exceptions.py", line 82, in call raise exc from None File "starlette/exceptions.py", line 71, in call await self.app(scope, receive, sender) File "starlette/routing.py", line 566, in call await route.handle(scope, receive, send) File "starlette/routing.py", line 227, in handle await self.app(scope, receive, send) File "starlette/routing.py", line 41, in app response = await func(request) File "fastapi/routing.py", line 183, in app dependant=dependant, values=values, is_coroutine=is_coroutine File "fastapi/routing.py", line 133, in run_endpoint_function return await dependant.call(**values) File "fastapi_users/router/register.py", line 38, in register created_user = await user_db.create(db_user) File "fastapi_users/db/mongodb.py", line 64, in create await self.collection.insert_one(user.dict()) File "concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "pymongo/collection.py", line 701, in insert_one session=session), File "pymongo/collection.py", line 615, in _insert bypass_doc_val, session) File "pymongo/collection.py", line 603, in _insert_one acknowledged, _insert_command, session) File "pymongo/mongo_client.py", line 1498, in _retryable_write return self._retry_with_session(retryable, func, s, None) File "pymongo/mongo_client.py", line 1384, in _retry_with_session return self._retry_internal(retryable, func, session, bulk) File "pymongo/mongo_client.py", line 1416, in _retry_internal return func(session, sock_info, retryable) File "pymongo/collection.py", line 600, in _insert_command _check_write_command_response(result) File "pymongo/helpers.py", line 230, in _check_write_command_response _raise_last_write_error(write_errors) File "pymongo/helpers.py", line 211, in _raise_last_write_error raise DuplicateKeyError(error.get("errmsg"), 11000, error)

    question 
    opened by MariusMez 19
  • Use sqlalchemy.orm.session instead of databases?

    Use sqlalchemy.orm.session instead of databases?

    Got a decent-sized project already built on SQLAlchemy. I'm using fastapi-sqlalchemy to inject a Session object into routes. Alternatively, FastAPI's documentation uses samples of SessionLocal = sessionmaker(... bind=engine) used with injection:

    # Dependency
    def get_db():
        db = SessionLocal()
        try:
            yield db
        finally:
            db.close()
    ...
    @app.post("/users")
    def create_user(..., db: Session = Depends(get_db)):
        ...
    

    I figured: that's fine, I'll have fastapi-users's use of databases alongside my use of SQLAlchemy. But I'm hitting all sorts of snags in how fastapi-users loads the user model for downstream tasks, and how my app intends to work with such. Pretty vague, I'll update this ticket with specific issues as I unravel them (currently just error-mania and hard to wrap my head around). But in the meantime, I'm wondering what your thoughts are on supporting passing a sqlalchemy.orm.session object into SQLAlchemyUserDatabase instead of a databases.Database object? Something like:

    # change this
    database = databases.Database(DB_URL)
    fastapi_users = FastAPIUsers(
        SQLAlchemyUserDatabase(UserDB, database, User.__table__), 
        [jwt_authentication], User, UserCreate, UserUpdate, UserDB,
    )
    # to this
    engine = sqlalchemy.create_engine(DB_URL)
    Sess = sqlalchemy.orm.sessionmaker(autocommit=False, autoflush=False, bind=engine)
    fastapi_users = FastAPIUsers(
        SQLAlchemyUserDatabase(UserDB, Sess, User.__table__), 
        [jwt_authentication], User, UserCreate, UserUpdate, UserDB,
    )
    
    question 
    opened by lefnire 14
  • Routes for email verification

    Routes for email verification

    First of all, well done 👏🏼 I'm really impressed by the ideas, quality of code and documentation.

    I'm thinking about adding email verification. Yes, it has some complexity, because you need to verify email after registration and when changing email but it's still essential for many apps.

    I got inspired by forgot-password and reset-password routes. Here is my idea:

    1. generate-token route that takes an email as input and returns a token.
    2. on_after_generate_token event to handle email sending or what ever.
    3. verify-token route that takes the generated token and returns a relevant status code.

    Do you think it would work that way or there is a better way?

    enhancement feedback 
    opened by mhalshehri 13
  • trying to migrate 0.8.x ➡️ 1.0.x

    trying to migrate 0.8.x ➡️ 1.0.x

    I am trying to migrate from old version but suggested script for MongoDB

    db.getCollection('users').find().forEach(function(user) {
      var uuid = UUID(user.id);
      db.getCollection('users').update({_id: user._id}, [{$set: {id: uuid}}]);
    });
    

    gives an error

    [thread1] Error: Invalid UUID string: UUID("49caa9b2-a1f1-4459-bc4c-7e5a5d7d88e1") :

    so later i created new account and clearly see, that something have changed image

    Update I managed to update user in DB(?) well I think so, but nothing have changed(still same as showed in first picture) image using admin user (which one was created in old version), I can't login, using a new one I can

    documentation question 
    opened by galvakojis 12
  • Cookie transport must return empty json and not `null` in `response.data` on login

    Cookie transport must return empty json and not `null` in `response.data` on login

    This causes issues when integrating the openapi schema into openapi-generator. Because the code generator expects the response to be a JSON, as it should be.

    opened by caniko 11
  • Swagger issue for endpoints register & update

    Swagger issue for endpoints register & update

    Hi, First of all, great job. It's a very useful library.

    However, after having setup my project. I noticed a few issues in the generated Swagger documentation. Indeed, the request body is pre-filled with the following information:

    {
      "id": "string",
      "email": "[email protected]",
      "is_active": true,
      "is_superuser": false,
      "password": "string"
    }
    

    However, according to your documentation, only the fields email & password are required. It can lead to some misunderstandings for someone wanting to use the API for the first time since the Swagger (or redoc) should describe how to use the API.

    I think it's a cheap fix that can be very useful for when you'll find a solution for adding auth in the Swagger. Indeed, after having had a look at your code, one solution could be to make the models BaseUserCreate and BaseUserUpdate not to inherit from BaseUser but BaseModel instead.

    Looking forward to hearing from you :)

    enhancement 
    opened by anancarv 11
  • Return 403 instead of 401 when a user is known

    Return 403 instead of 401 when a user is known

    Hi @frankie567,

    I would like to propose to return a 403 whenever a user is known but doesn't have enough privileges to access a resource and return a 401 if a user could not be authenticated at all (wrong or no credentials provided). This follows the conventions outlined in rfc7235 and lets fastapi-users play nicely with frontend frameworks such as vue-auth which will log you out on receiving a 401.

    Let me know if you agree, so I can also update the tests.

    opened by daanbeverdam 10
  • Tortoise-orm custom user

    Tortoise-orm custom user

    Iḿ trying make custom user with fastapi_users,

    so

    from fastapi_users import models from fastapi_users.db import TortoiseBaseUserModel, TortoiseUserDatabase import datetime

    class User(models.BaseUser):

    nome: str = "defaultuserteste"
    data_criado: str = datetime.datetime.now()
    is_fund: bool = False
    is_agendador: bool = False
    is_revisor: bool = False
    is_aprovador: bool = False
    

    class UserCreate(models.BaseUserCreate):

    nome: str = "defaultuserteste"
    data_criado: str = datetime.datetime.now()
    is_fund: bool = False
    is_agendador: bool = False
    is_revisor: bool = False
    is_aprovador: bool = False
    

    class UserUpdate(User, models.BaseUserUpdate):

    nome: str = "defaultuserteste"
    data_criado: str = datetime.datetime.now()
    is_fund: bool = False
    is_agendador: bool = False
    is_revisor: bool = False
    is_aprovador: bool = False
    

    class UserDB(User, models.BaseUserDB):

    nome: str = "defaultuserteste"
    data_criado: str = datetime.datetime.now()
    is_fund: bool = False
    is_agendador: bool = False
    is_revisor: bool = False
    is_aprovador: bool = False
    

    class UserModel(TortoiseBaseUserModel):

    nome: str = "defaultuserteste"
    data_criado: str = datetime.datetime.now()
    is_fund: bool = False
    is_agendador: bool = False
    is_revisor: bool = False
    is_aprovador: bool = False
    

    user_db = TortoiseUserDatabase(UserDB, UserModel)

    Database not changed i'm using mysql ... nothings happening.

    documentation question 
    opened by ScrimForever 10
  • Issue with tortoise orm 0.18.1

    Issue with tortoise orm 0.18.1

    Describe the bug

    There is an error with tortoise orm 0.18.1 using aerich, when I ugrade to 0.19.0 the error goes away but the tortoise orm adapter lock to versions below 0.19.0, there is already a PR from a dependatbot fixing this, it just needs to be reviewed. The error in question is AttributeError: 'NoneType' object has no attribute 'acquire' when using the aerich upgrade command.

    To Reproduce

    Steps to reproduce the behavior:

    1. Install fastapi-users
    2. Setup Tortoise orm with fastapi-users
    3. Install aerich
    4. Initialize your database with aerich
    5. Make a DB model change
    6. Run aerich upgrade

    Expected behavior

    AttributeError: 'NoneType' object has no attribute 'acquire'
    

    Configuration

    • Python version : 3.10
    • FastAPI version : 0.75.2
    • FastAPI Users version : 9.3.2
    • Tortoise Orm version: 0.18.1

    This is not specific to fastapi users and the fix is quite simple.

    bug 
    opened by Tobi-De 9
  • login Response when user not found

    login Response when user not found

    I send the login params and if the user is not found on db, the app just raise an internal console exception with this message:

    tortoise.exceptions.DoesNotExist: Object does not exist

    I have a frontend interface running on different port...so when I try to see the response from the login request, there is no message on browser console, just error 500, with no description. Is there a way of add one ?

    question 
    opened by Master-Y0da 9
  • Refresh tokens, freshness pattern and scopes

    Refresh tokens, freshness pattern and scopes

    This is a draft for feedback, and follows on from this discussion earlier in the year: https://github.com/fastapi-users/fastapi-users/discussions/350

    I've made a first attempt here at implementing refresh tokens and the "freshness pattern" from fastapi-jwt-auth. It doesn't yet have any updates to docs, etc, as I'd like to get your initial input first.

    Breaking changes

    Any implementation of these features involves breaking changes to parts of the API. This is, unfortunately, inevitable because any solution will need to address these challenges:

    Token metadata

    It's no longer sufficient to determine whether a token simply exists for a given user and strategy, because we now also need to:

    • Determine a token's "fresh" status
    • Distinguish between an access token and a refresh token

    For JWTStrategy this is straightforward (adding additional claims to the token), but for other strategies this requires non-backward-compatible changes. In this solution, that includes storing JSON in the Redis value for RedisStrategy and adding additional fields for DatabaseStrategy.

    We also need to consider how to store and retrieve this metadata with the Strategy. For this I propose a Pydantic model, UserTokenData, which wraps the user object (conforming to UserProtocol) and its metadata. In this first draft I've created four metadata fields:

    | Field | Description | | --- | --- | | created_at: datetime | the UTC datetime when the token was issued | | expires_at: Optional[datetime] | the UTC datetime when the token expires - this is no longer set by the Strategy but passed in by the AuthenticationBackend (see below) | | last_authenticated: datetime | the UTC datetime when the user was last explicitly authenticated (not with a refresh token) - a token is considered "fresh" when created_at == last_authenticated | | scopes: Set[str] | distinguishes between an access and refresh token, and can be extended for other purposes later |

    Token response model

    It's now no longer sufficient for a Transport instance to receive a string as a token, as it now needs to process an access tokan and (optionally) a refresh token. In this draft I've created a model

    class TransportTokenResponse(BaseModel):
        access_token: str
        refresh_token: Optional[str] = None
    

    which replaces the previous str type expected by Transport.get_login_response.

    Moving token lifetime to AuthenticationBackend

    As access tokens and refresh tokens have different lifetimes - and this could be extended to other token types in future - I've proposed removing the token lifetime configuration from Strategy and instead setting it in AuthenticationBackend, as well as whether refresh tokens should be generated and accepted:

        access_token_lifetime_seconds: Optional[int] = 3600,
        refresh_token_enabled: bool = False,
        refresh_token_lifetime_seconds: Optional[int] = 86400,
    

    New features

    New refresh router

    I've added an OAuth2-compatible token refresh router, get_refresh_router in refresh.py for processing refresh tokens.

    New "fresh" keyword arg in Authenticator methods

    • The public methods in Authenticator now have a fresh: bool keyword arg, which, when true, will throw 403 Forbidden if the token is not fresh.
    • I've also added an additional method, current_token, for users who need to inspect the token metadata.

    Scopes

    I've borrowed the concept of OAuth2 scopes to distinguish between access tokens and refresh tokens, and I've also defined some additional scopes to distinguish between classes of users.

    | Enum | String | Description | | --- | --- | --- | | SystemScope.USER | "fastapi-users:user" | An access token belonging to an active user | | SystemScope.SUPERUSER | "fastapi-users:superuser" | An access token belonging to an active superuser | | SystemScope.VERIFIED | "fastapi-users:verified" | An access token belonging to an active and verified user | | SystemScope.REFRESH | "fastapi-users:refresh" | A refresh token |

    This could be developed further - for example, both system- and user-defined routes could have "required scopes" that restrict what routes a particular token is permitted to access. By adding user-defined scopes, this could be used as a basis for a general-purpose user permissions system.

    Potential additional features

    The following additional security measures might be valuable but would require additional work:

    • Preventing refresh token reuse: store the created_at datetime for the most recently used refresh token so that it (and any older refresh token) cannot be reused.
    • Refreshing OAuth2 tokens: on token refresh, refresh an associated OAuth2 token with the original provider if it has expired
    • Checking for revoked OAuth2 tokens: on token refresh, re-verify an associated OAuth2 token with the original provider

    Open questions

    • How should CookieTransport handle the concept of refresh tokens? Currently it ignores them entirely.

    Alternative ideas

    • This could be implemented in a non-breaking way by implementing it only for IWTStrategy and BearerTransport and having any use of refresh tokens / freshness with other strategies raise a NotImplementedError, but I do think it's possible that users will want this for other strategies and transports.
    • I also considered using separate strategies for access and refresh tokens by adding a get_refresh_strategy to AuthenticationBackend, but this adds additional complexity. If this is something that user feedback indicates would be likely to be used I could add it back in.

    Feedback welcome

    Please let me know whether this is heading in the right direction and what other changes / different approaches you might have in mind!

    opened by jtv8 3
  • FastAPI-Users v10.1.2 issue with cookie authentication

    FastAPI-Users v10.1.2 issue with cookie authentication

    Discussed in https://github.com/fastapi-users/fastapi-users/discussions/1047

    Originally posted by davidbrochart July 25, 2022 It seems that #1037 breaks cookie authentication in jupyverse. Not sure what's going on, do you have any clue?

    bug 
    opened by frankie567 1
  • Add CSRF recipe into the documentation

    Add CSRF recipe into the documentation

    It's possible to have it thanks to asgi-csrf. A detailed explanation and example in the doc would be nice.

    Add an alert in the Cookie authentication backend to invite the user to check it out.

    documentation 
    opened by frankie567 3
Releases(v10.2.1)
  • v10.2.1(Nov 4, 2022)

  • v10.2.0(Oct 18, 2022)

  • v10.1.5(Aug 11, 2022)

  • v10.1.4(Jul 25, 2022)

  • v10.1.3(Jul 23, 2022)

  • v10.1.2(Jul 22, 2022)

  • v10.1.1(Jun 21, 2022)

  • v10.1.0(Jun 21, 2022)

    New features and improvements

    • Account e-mail association when authenticating with OAuth is now disabled by default for security reasons. It can be re-enabled on the router using the associate_by_email flag. [Documentation]
    • New router to associate an OAuth account with an authenticated user account. [Documentation]
    • New hooks on_before_delete and on_after_delete. [Documentation] Thanks @schwannden 🎉
    • Bump dependencies:
      • httpx-oauth >=0.4,<=0.7 Thanks @carloe 🎉
    Source code(tar.gz)
    Source code(zip)
  • v10.0.7(Jun 7, 2022)

    Improvements

    • FastAPI dependency is now unconstrained, meaning FastAPI Users will always be installable with the latest version of FastAPI. Thanks @austinorr 🎉
    • Optional Redis dependency now uses the main redis package, as async support has been merged into it. Thanks @applied-mathematician 🎉
    Source code(tar.gz)
    Source code(zip)
  • v10.0.6(May 27, 2022)

  • v10.0.5(May 25, 2022)

  • v10.0.4(May 19, 2022)

  • v10.0.3(May 10, 2022)

  • v10.0.2(May 6, 2022)

  • v10.0.1(May 6, 2022)

    Bug fixes

    • Fix generic typing on AuthenticationBackend class
    • Move exceptions in a dedicated module to avoid circular imports (related to #978)
    Source code(tar.gz)
    Source code(zip)
  • v10.0.0(May 5, 2022)

    Breaking changes

    Version 10 marks important changes in how we manage User models and their ID.

    Before, we were relying only on Pydantic models to work with users. In particular the current_user dependency would return you an instance of UserDB, a Pydantic model. This proved to be quite problematic with some ORM if you ever needed to retrieve relationship data or make specific requests.

    Now, FastAPI Users is designed to always return you a native object for your ORM model, whether it's an SQLAlchemy model or a Beanie document. Pydantic models are now only used for validation and serialization inside the API.

    Before, we were forcing the use of UUID as primary key ID; a consequence of the design above. This proved to be quite problematic on some databases, like MongoDB which uses a special ObjectID format by default. Some SQL folks also prefer to use traditional auto-increment integers.

    Now, FastAPI Users is designed to use generic ID type. It means that you can use any type you want for your user's ID. By default, SQLAlchemy adapter still use UUID; but you can quite easily switch to another thing, like an integer. Beanie adapter for MongoDB will use native ObjectID by default, but it also can be overriden.

    READ THE MIGRATION PATH

    Documentation improvements

    • From this day, the documentation is versioned. It means that you'll be able read the documentation for older versions, starting at v9.3. There is a menu switch on top!
    Source code(tar.gz)
    Source code(zip)
  • v9.3.2(May 5, 2022)

  • v9.3.1(Apr 21, 2022)

    Bug fixes and improvements

    • Fix a bug where OAuth accounts could collide if providers use the same ID. Thanks @ricfri 🎉
    • Bump dependencies:
      • httpx-oauth >=0.4,<0.7
    Source code(tar.gz)
    Source code(zip)
  • v9.3.0(Mar 22, 2022)

    Fixes and improvements

    • Allow to use RS256/ES256 algorithms to sign JWT. [Documentation] Thanks @jtv8 🎉
    • Allow to customize password hash strategy and algorithms [Documentation]
      • ⚠️ For SQLAlchemy (v3.0.0) and Tortoise ORM (v2.0.0), models have been updated so that the password_hash column can store longer strings. You'll likely need to perform a database migration.
    Source code(tar.gz)
    Source code(zip)
  • v9.2.6(Mar 16, 2022)

  • v9.2.5(Feb 18, 2022)

    Fixes and improvements

    • Improve route names to avoid duplicates. Thanks @gaganpreet 🎉
    • Improve DependencyCallable type to allow for AsyncGenerator and Generator.
    • Bump dependencies:
      • fastapi >=0.65.2,<0.75.0
    Source code(tar.gz)
    Source code(zip)
  • v9.2.4(Feb 7, 2022)

  • v9.2.3(Feb 1, 2022)

  • v9.2.2(Jan 15, 2022)

    Bug fixes and improvements

    • Fix #865: fastapi_users.db module exports were not discovered correctly by IDE. Thanks @Ae-Mc 🎉
    • Improve typing for classes and functions expecting a dependency callable.
    Source code(tar.gz)
    Source code(zip)
  • v9.2.1(Jan 10, 2022)

    Bug fixes and improvements

    • Fix #846: cookies are now correctly deleted when using custom SameSite option. Thanks @Hazedd 🎉
    • Bump dependencies
      • fastapi >=0.65.2,<0.72.0
      • makefun >=1.11.2,<1.14
    Source code(tar.gz)
    Source code(zip)
  • v9.2.0(Jan 4, 2022)

    New features and improvements

    • Revamp of SQLAlchemy database adapter using pure SQLAlchemy ORM with asyncio support. [Documentation]
      • You can install it with pip install fastapi-users[sqlalchemy2]
      • The previous one is still available on fastapi-users[sqlalchemy] but is now deprecated.
    Source code(tar.gz)
    Source code(zip)
  • v9.1.1(Jan 3, 2022)

  • v8.1.5(Jan 3, 2022)

    This is a critical bug fix for v8 branch. Still, I can't commit to maintain both versions, so consider upgrading to v9 as soon as possible.

    Bug fixes

    • Fix #834: backend name were incorrectly set during OAuth request. Thanks @Hazedd 🎉
    Source code(tar.gz)
    Source code(zip)
  • v9.1.0(Jan 3, 2022)

  • v9.0.1(Dec 30, 2021)

Owner
FastAPI Users
Ready-to-use and customizable users management for FastAPI
FastAPI Users
FastAPI-Amis-Admin is a high-performance, efficient and easily extensible FastAPI admin framework. Inspired by django-admin, and has as many powerful functions as django-admin.

简体中文 | English 项目介绍 FastAPI-Amis-Admin fastapi-amis-admin是一个拥有高性能,高效率,易拓展的fastapi管理后台框架. 启发自Django-Admin,并且拥有不逊色于Django-Admin的强大功能. 源码 · 在线演示 · 文档 · 文

AmisAdmin 318 Dec 31, 2022
fastapi-admin2 is an upgraded fastapi-admin, that supports ORM dialects, true Dependency Injection and extendability

FastAPI2 Admin Introduction fastapi-admin2 is an upgraded fastapi-admin, that supports ORM dialects, true Dependency Injection and extendability. Now

Glib 14 Dec 5, 2022
:rocket: CLI tool for FastAPI. Generating new FastAPI projects & boilerplates made easy.

Project generator and manager for FastAPI. Source Code: View it on Github Features ?? Creates customizable project boilerplate. Creates customizable a

Yagiz Degirmenci 1k Jan 2, 2023
Simple FastAPI Example : Blog API using FastAPI : Beginner Friendly

fastapi_blog FastAPI : Simple Blog API with CRUD operation Steps to run the project: git clone https://github.com/mrAvi07/fastapi_blog.git cd fastapi-

Avinash Alanjkar 1 Oct 8, 2022
Пример использования GraphQL Ariadne с FastAPI и сравнение его с GraphQL Graphene FastAPI

FastAPI Ariadne Example Пример использования GraphQL Ariadne с FastAPI и сравнение его с GraphQL Graphene FastAPI - GitHub ###Запуск на локальном окру

ZeBrains Team 9 Nov 10, 2022
Sample-fastapi - A sample app using Fastapi that you can deploy on App Platform

Getting Started We provide a sample app using Fastapi that you can deploy on App

Erhan BÜTE 2 Jan 17, 2022
Flask-vs-FastAPI - Understanding Flask vs FastAPI Web Framework. A comparison of two different RestAPI frameworks.

Flask-vs-FastAPI Understanding Flask vs FastAPI Web Framework. A comparison of two different RestAPI frameworks. IntroductionIn Flask is a popular mic

Mithlesh Navlakhe 1 Jan 1, 2022
Code Specialist 27 Oct 16, 2022
Fastapi-ml-template - Fastapi ml template with python

FastAPI ML Template Run Web API Local $ sh run.sh # poetry run uvicorn app.mai

Yuki Okuda 29 Nov 20, 2022
A FastAPI WebSocket application that makes use of ncellapp package by @hemantapkh

ncellFastAPI author: @awebisam Used FastAPI to create WS application. Ncellapp module by @hemantapkh NOTE: Not following best practices and, needs ref

Aashish Bhandari 7 Oct 1, 2021
A utility that allows you to use DI in fastapi without Depends()

fastapi-better-di What is this ? fastapi-better-di is a utility that allows you to use DI in fastapi without Depends() Installation pip install fastap

Maxim 9 May 24, 2022
A RESTful API for creating and monitoring resource components of a hypothetical build system. Built with FastAPI and pydantic. Complete with testing and CI.

diskspace-monitor-CRUD Background The build system is part of a large environment with a multitude of different components. Many of the components hav

Nick Hopewell 67 Dec 14, 2022
Prometheus exporter for Starlette and FastAPI

starlette_exporter Prometheus exporter for Starlette and FastAPI. The middleware collects basic metrics: Counter: starlette_requests_total Histogram:

Steve Hillier 225 Jan 5, 2023
🚀 Cookiecutter Template for FastAPI + React Projects. Using PostgreSQL, SQLAlchemy, and Docker

FastAPI + React · A cookiecutter template for bootstrapping a FastAPI and React project using a modern stack. Features FastAPI (Python 3.8) JWT authen

Gabriel Abud 1.4k Jan 2, 2023
A rate limiter for Starlette and FastAPI

SlowApi A rate limiting library for Starlette and FastAPI adapted from flask-limiter. Note: this is alpha quality code still, the API may change, and

Laurent Savaete 562 Jan 1, 2023
Opentracing support for Starlette and FastApi

Starlette-OpenTracing OpenTracing support for Starlette and FastApi. Inspired by: Flask-OpenTracing OpenTracing implementations exist for major distri

Rene Dohmen 63 Dec 30, 2022
FastAPI application and service structure for a more maintainable codebase

Abstracting FastAPI Services See this article for more information: https://camillovisini.com/article/abstracting-fastapi-services/ Poetry poetry inst

Camillo Visini 309 Jan 4, 2023
A rate limiter for Starlette and FastAPI

SlowApi A rate limiting library for Starlette and FastAPI adapted from flask-limiter. Note: this is alpha quality code still, the API may change, and

Laurent Savaete 154 Feb 16, 2021
Prometheus exporter for Starlette and FastAPI

starlette_exporter Prometheus exporter for Starlette and FastAPI. The middleware collects basic metrics: Counter: starlette_requests_total Histogram:

Steve Hillier 82 Feb 13, 2021