
How to use JWT token for authentication and authorization in FastAPI

Aug 01, 2023 pm 02:21 PM

Introduction:
As web applications have developed, user authentication and authorization have become a vital part of them. Both can be implemented easily with JWTs (JSON Web Tokens). FastAPI is a modern Python-based web framework that provides simple, easy-to-use functionality for handling authentication and authorization. This article explains how to use JWT tokens for authentication and authorization in FastAPI.

  1. Install dependent libraries
    First, we need to install the dependent libraries: FastAPI, PyJWT and Passlib. You can install them using the pip command:

```
pip install fastapi
pip install pyjwt
# The bcrypt extra installs the backend that CryptContext(schemes=["bcrypt"]) needs
pip install "passlib[bcrypt]"
```
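  2. Generate secret key
    We need to generate a secret key for signing and verifying JWT tokens. You can use the following code to generate a secret key. Generate it once and load it from configuration (for example an environment variable) rather than regenerating it at every start, because a new key invalidates every token already issued:

```python
import secrets

# 32 random bytes from the OS CSPRNG, URL-safe base64 encoded
secret_key = secrets.token_urlsafe(32)
```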
  3. Create user model
    In FastAPI, we need to define a user model to represent users in the application. The user model can be created using the following code:

```python
from pydantic import BaseModel

class User(BaseModel):
    username: str
    password: str
```
  4. Create routing and handling functions
    Next, we need to create the routes and handler functions that process the user's authentication and authorization requests. They can be created using the following code:

```python
from datetime import datetime, timedelta, timezone

import jwt
from fastapi import Depends, FastAPI, HTTPException
from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
from passlib.context import CryptContext

# `secret_key` (step 2) and `User` (step 3) are defined earlier in the same file.

app = FastAPI()

pwd_context = CryptContext(schemes=["bcrypt"])
security = HTTPBearer()

# Simulated users in the database
users_db = {
    "admin": {
        "username": "admin",
        "password": pwd_context.hash("admin123")
    }
}

@app.post("/login")
def login(user: User):
    # Same response for an unknown user and a wrong password, so the
    # endpoint does not reveal which usernames exist.
    stored_user = users_db.get(user.username)
    if stored_user is None or not pwd_context.verify(user.password, stored_user["password"]):
        raise HTTPException(status_code=401, detail="Invalid username or password")

    token = generate_token(user.username)
    return {"access_token": token}

def generate_token(username: str) -> str:
    # Timezone-aware expiry; datetime.utcnow() is deprecated since Python 3.12
    expiration = datetime.now(timezone.utc) + timedelta(minutes=30)
    payload = {"username": username, "exp": expiration}
    return jwt.encode(payload, secret_key, algorithm="HS256")

@app.get("/users/me")
def get_user_profile(credentials: HTTPAuthorizationCredentials = Depends(security)):
    # Depends(security) makes FastAPI parse the "Authorization: Bearer ..." header
    token = credentials.credentials
    try:
        payload = jwt.decode(token, secret_key, algorithms=["HS256"])
    except jwt.InvalidTokenError:
        # Base class: also covers ExpiredSignatureError, which DecodeError does not
        raise HTTPException(status_code=401, detail="Invalid token")

    username = payload.get("username")
    if username not in users_db:
        raise HTTPException(status_code=401, detail="Invalid username")

    return {"username": username}
```
  5. Testing the Function
    Now we can use Postman or another HTTP client to test our functionality. First, we send a login request as a POST request with the username and password in the request body, as shown below:

Request URL: http://localhost:8000/login
Request body:

```json
{
    "username": "admin",
    "password": "admin123"
}
```

After a successful login, we will receive a response containing the access token. For example:

```json
{
    "access_token": "xxxxxxxxxxxxx"
}
```

Then, we can send a GET request to obtain the user profile, passing the access token as the Bearer token in the Authorization header, as shown below:

Request URL: http://localhost:8000/users/me
Request header: Authorization: Bearer xxxxxxxxxxxxx

If the token verification is successful, the response will be a JSON object containing the username. For example:

```json
{
    "username": "admin"
}
```

Conclusion:
This article explains how to use JWT tokens for authentication and authorization in FastAPI. By using the PyJWT library, we generated the JWT token and used the Passlib library for password hash verification. Using this approach, we can easily implement user authentication and authorization functionality to secure our web application.
