naganathkm/rbac-fastapi
FastAPI JWT RBAC API

A small RESTful API built with FastAPI and MongoDB (through the MongoEngine ODM) that implements JWT authentication and role-based access control (RBAC). It demonstrates user registration and login, role-gated endpoints, and basic CRUD operations on a sample resource, and can be deployed on AWS Lambda behind API Gateway.

Features

  • User Registration and Login
    • Passwords are stored as bcrypt hashes, never in plaintext.
    • A JWT is issued on successful login.
  • JWT Authentication
    • Tokens carry the user ID, username, and role as claims.
    • Every protected request must present a valid token; the role used for authorization is taken from the verified token, not from the request body.
  • Role-Based Access Control (RBAC)
    • admin role: full access to all CRUD operations.
    • user role: read-only access.
  • CRUD Operations for Resources
    • Example resource: projects.
  • MongoDB Integration
    • MongoEngine is used as the ODM for user and resource storage.
  • Swagger Documentation
    • Auto-generated Swagger UI is served at /docs.

Prerequisites

  • Python 3.10 or above
  • MongoDB instance (local or cloud, e.g., MongoDB Atlas)

Installation

1. Clone the repository

git clone https://github.com/<username>/fastapi-jwt-rbac.git
cd fastapi-jwt-rbac

2. Set up a virtual environment

python3 -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

3. Install dependencies

pip install -r requirements.txt

4. Configure MongoDB connection

Update the MongoDB connection string in app/models.py:

from mongoengine import connect

connect(db="your_database_name", host="mongodb://localhost:27017")

For MongoDB Atlas, use:

connect(db="your_database_name", host="your_mongodb_atlas_connection_string")

An Atlas connection string embeds the database username and password. Do not commit it: read it from an environment variable or a secrets manager at startup, and keep the local default only for development.

Running the Application

Start the application with Uvicorn:

uvicorn app.main:app --reload

The API listens on http://127.0.0.1:8000; the interactive Swagger UI is at http://127.0.0.1:8000/docs.


API Endpoints

User Authentication

| Endpoint       | Method | Description                        |
|----------------|--------|------------------------------------|
| /auth/register | POST   | Register a new user                |
| /auth/login    | POST   | Log in and receive a JWT           |

Example Request Body (for /auth/register):

{
  "username": "example",
  "password": "password123",
  "role": "user"
}

Note that this body lets the caller choose its own role. Unless the server ignores or rejects the field, anyone can register directly as admin and obtain full CRUD access, so a production deployment should default new accounts to user and grant admin only through a separate, authenticated administrative action.
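A registration and login handler that does not trust the client-supplied role, as an added example rather than the project's own auth_service code. hashlib.scrypt from the standard library stands in for bcrypt so the snippet runs without extra packages; USERS, register, promote_to_admin and login are illustrative names, and the in-memory dict replaces the MongoEngine User collection.

```python
"""Added example (not the repository's code): register/login logic that hashes
passwords and ignores any role the client sends. hashlib.scrypt stands in for
bcrypt here so the file runs with the standard library only."""
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Constructed in-memory store standing in for the MongoEngine User collection.
USERS: Dict[str, dict] = {}
SCRYPT_PARAMS = dict(n=2 ** 14, r=8, p=1, dklen=32)
MIN_PASSWORD_LEN = 8


def hash_password(password: str) -> Tuple[bytes, bytes]:
    """Return (salt, digest) for a fresh random per-user salt."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute the KDF and compare in constant time."""
    candidate = hashlib.scrypt(password.encode(), salt=salt, **SCRYPT_PARAMS)
    return hmac.compare_digest(candidate, digest)


def register(body: dict) -> dict:
    """Handle the /auth/register body from the README.

    The example body carries a "role" field; it is deliberately ignored and
    every new account is created as a plain user. Promotion to admin is a
    separate server-side action (promote_to_admin), never a client choice."""
    username = body.get("username", "")
    password = body.get("password", "")
    if not username or len(password) < MIN_PASSWORD_LEN:
        raise ValueError("missing username or password too short")
    if username in USERS:
        raise ValueError("username already taken")
    salt, digest = hash_password(password)
    USERS[username] = {
        "id": f"u{len(USERS) + 1}",  # stand-in for the Mongo document id
        "salt": salt,
        "hash": digest,
        "role": "user",  # fixed regardless of body["role"]
    }
    return {"username": username, "role": "user"}


def promote_to_admin(username: str, acting_role: str) -> bool:
    """Only an existing admin may change roles; the first admin is seeded
    out of band (e.g. a one-off script), not through /auth/register."""
    if acting_role != "admin" or username not in USERS:
        return False
    USERS[username]["role"] = "admin"
    return True


def login(username: str, password: str) -> Optional[dict]:
    """Return the claims to place in the JWT, or None on failure.

    Unknown user and wrong password both yield None, and the KDF is run in
    both cases, so neither the response nor its timing reveals which
    usernames exist."""
    user = USERS.get(username)
    if user is None:
        hashlib.scrypt(password.encode(), salt=b"\0" * 16, **SCRYPT_PARAMS)  # dummy work
        return None
    if not verify_password(password, user["salt"], user["hash"]):
        return None
    return {"sub": user["id"], "username": username, "role": user["role"]}


if __name__ == "__main__":
    print(register({"username": "example", "password": "password123", "role": "admin"}))
    print(login("example", "password123"))
    print(login("example", "wrong-password"))
```

The role claim that eventually lands in the JWT comes from the stored user record, so the only way to become admin is through promote_to_admin, which itself requires an admin caller.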

Projects Resource

| Endpoint       | Method | Role           | Description               |
|----------------|--------|----------------|---------------------------|
| /projects      | GET    | user or admin  | View all projects         |
| /projects      | POST   | admin          | Create a new project      |
| /projects/{id} | GET    | user or admin  | View a specific project   |
| /projects/{id} | PUT    | admin          | Update a specific project |
| /projects/{id} | DELETE | admin          | Delete a specific project |

Every row requires a valid JWT; the Role column is the minimum role the token must carry, and admin includes everything user may do.

Example Request Body (for /projects POST):

{
  "name": "Project A",
  "description": "Description of the project"
}
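The token and role checks behind the two tables above, as an added example that is not part of this repository: it mints an HS256 JWT carrying the user ID, username and role, verifies signature and expiry, and enforces the Role column of the projects table, including the case where a client rewrites its own role claim. Standard library only (hmac, hashlib, base64, json); SECRET, REQUIRED_ROLE, ROLE_RANK, AuthError and the sample user are constructed for illustration, not names from the project.

```python
"""Added example (not the repository's jwt_service): HS256 JWT issue/verify plus
the admin/user authorization matrix from the README's endpoint table."""
import base64
import hashlib
import hmac
import json
import time

# Assumed signing secret; load it from the environment or a secrets manager
# in a real deployment and never commit it.
SECRET = b"replace-me-with-32-random-bytes"

# Minimum role per endpoint, mirroring the README table. admin outranks user.
REQUIRED_ROLE = {
    ("GET", "/projects"): "user",
    ("POST", "/projects"): "admin",
    ("GET", "/projects/{id}"): "user",
    ("PUT", "/projects/{id}"): "admin",
    ("DELETE", "/projects/{id}"): "admin",
}
ROLE_RANK = {"user": 1, "admin": 2}


class AuthError(Exception):
    pass


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json(obj: dict) -> bytes:
    return json.dumps(obj, separators=(",", ":")).encode()


def create_token(user_id: str, username: str, role: str, ttl_seconds: int = 900, now=None) -> str:
    """Issue a signed token with the claims the README lists plus iat/exp."""
    now = int(time.time()) if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "username": username, "role": role, "iat": now, "exp": now + ttl_seconds}
    signing_input = _b64url(_json(header)) + "." + _b64url(_json(payload))
    sig = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)


def verify_token(token: str, now=None) -> dict:
    """Return the claims only if alg is pinned to HS256, the signature matches
    and the token has not expired. Any decode error is an AuthError."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:
        raise AuthError("malformed token")
    if header.get("alg") != "HS256":  # refuses "none" and algorithm confusion
        raise AuthError("unsupported alg")
    expected = hmac.new(SECRET, f"{header_b64}.{payload_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise AuthError("bad signature")
    now = int(time.time()) if now is None else now
    if not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        raise AuthError("token expired")
    if claims.get("role") not in ROLE_RANK:
        raise AuthError("unknown role")
    return claims


def authorize(token: str, method: str, path: str, now=None) -> dict:
    """Verify the token, then compare its role with the endpoint's minimum role."""
    claims = verify_token(token, now=now)
    needed = REQUIRED_ROLE[(method, path)]
    if ROLE_RANK[claims["role"]] < ROLE_RANK[needed]:
        raise AuthError(f"role {claims['role']} may not {method} {path}")
    return claims


def is_allowed(token: str, method: str, path: str, now=None) -> bool:
    """Boolean wrapper over authorize, handy for tests and middleware."""
    try:
        authorize(token, method, path, now=now)
        return True
    except AuthError:
        return False


def forge_role(token: str, new_role: str) -> str:
    """Simulate a client editing its own role claim without SECRET: the old
    signature no longer covers the payload, so verification must fail."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    payload = json.loads(_b64url_decode(payload_b64))
    payload["role"] = new_role
    return f"{header_b64}.{_b64url(_json(payload))}.{sig_b64}"


if __name__ == "__main__":
    t = create_token("u1", "alice", "user")  # constructed sample user
    print(is_allowed(t, "GET", "/projects"))                    # True
    print(is_allowed(t, "DELETE", "/projects/{id}"))           # False: read-only role
    print(is_allowed(forge_role(t, "admin"), "DELETE", "/projects/{id}"))  # False: bad signature
```

The role check runs only after the signature check, so the role claim is trusted precisely because the server-held SECRET signed it; pinning alg and enforcing exp closes the two usual shortcuts around that.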

Testing with Swagger

  • Open the Swagger UI at http://127.0.0.1:8000/docs.
  • Obtain a token from /auth/login, then click Authorize and enter it as:
    Bearer <JWT_TOKEN>
  • Exercise the endpoints with both a user and an admin token to confirm that write operations are rejected for the user role.

Testing with Pytest

Run the tests using pytest:

pytest

Folder Structure

fastapi-jwt-rbac/
├── app/
│   ├── main.py             # FastAPI entry point
│   ├── models.py           # MongoEngine models for User and Project
│   ├── routes/
│   │   ├── auth.py         # Authentication endpoints
│   │   ├── projects.py     # CRUD endpoints for Projects
│   ├── services/
│   │   ├── auth_service.py # User authentication logic
│   │   ├── jwt_service.py  # JWT token creation and decoding
│   └── utils/
│       └── hashing.py      # Password hashing utilities
├── tests/
│   ├── test_auth.py        # Tests for authentication endpoints
│   ├── test_projects.py    # Tests for project CRUD endpoints
├── requirements.txt        # Python dependencies
├── README.md               # Documentation

Contributing

Feel free to fork the repository and submit pull requests for improvements or additional features.
