fastapi-async-auth-kit 0.1.0__tar.gz

fastapi_async_auth_kit-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 kmistry1110
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

fastapi_async_auth_kit-0.1.0/PKG-INFO

@@ -0,0 +1,21 @@
+Metadata-Version: 2.4
+Name: fastapi-async-auth-kit
+Version: 0.1.0
+Summary: Async FastAPI auth with JWT, refresh tokens, logout
+Author-email: Keyurkumar <kmistry1110@gmail.com>
+Requires-Python: >=3.8
+License-File: LICENSE
+Requires-Dist: fastapi
+Requires-Dist: pydantic
+Requires-Dist: python-jose
+Requires-Dist: argon2-cffi
+Requires-Dist: sqlalchemy>=2.0
+Provides-Extra: postgres
+Requires-Dist: asyncpg; extra == "postgres"
+Provides-Extra: mysql
+Requires-Dist: aiomysql; extra == "mysql"
+Provides-Extra: sqlite
+Requires-Dist: aiosqlite; extra == "sqlite"
+Provides-Extra: mongodb
+Requires-Dist: motor; extra == "mongodb"
+Dynamic: license-file

fastapi_async_auth_kit-0.1.0/README.md

@@ -0,0 +1,175 @@
+# FastAPI Auth 🔐
+
+Production-ready authentication system for FastAPI with async support, JWT, refresh tokens, and pluggable database backends.
+
+---
+
+## 🚀 Features
+
+* ⚡ Fully async (no blocking I/O)
+* 🔐 JWT authentication (access + refresh tokens)
+* 🔁 Refresh token flow
+* 🚪 Logout with token blacklist
+* 🧱 Multi-database support:
+
+  * PostgreSQL (asyncpg)
+  * MySQL (aiomysql)
+  * SQLite (aiosqlite)
+  * MongoDB (motor)
+* 🧠 Dependency-based auth (FastAPI native)
+* 📦 Plug-and-play integration
+* 🛡️ Password hashing with Argon2 (modern standard)
+* 📄 Clean OpenAPI (Swagger) docs with Pydantic schemas
+
+---
+
+## 📦 Installation
+
+```bash
+pip install fastapi-auth[<db>]
+```
+
+### With database support
+
+```bash
+pip install fastapi-auth[postgres]
+pip install fastapi-auth[mysql]
+pip install fastapi-auth[mongodb]
+pip install fastapi-auth[sqlite]
+```
+
+---
+
+## ⚙️ Quick Start
+
+### Step 1: How to initiate auth on startup
+```python
+from fastapi import FastAPI
+from fastapi_auth_ import init_auth, AuthConfig
+
+app = FastAPI()
+
+@app.on_event("startup")
+async def startup():
+    await init_auth(
+        app,
+        AuthConfig(
+            secret_key="your-secret",
+            db_url="postgresql+asyncpg://user:pass@localhost/db",
+            db_type="postgres"
+        )
+    )
+```
+
+### Step 2: How to validate token for all your FastAPIs
+```python
+from fastapi import APIRouter, Depends
+from fastapi_auth.dependencies.auth import get_current_user
+router = APIRouter()
+
+@router.get("/user")
+async def me(user=Depends(get_current_user)):
+    return user
+```
+
+
+---
+
+## 🔐 Available Endpoints
+
+| Endpoint            | Description             |
+| ------------------- | ----------------------- |
+| POST /auth/register | Register new user       |
+| POST /auth/login    | Login and get tokens    |
+| POST /auth/refresh  | Refresh access token    |
+| POST /auth/logout   | Logout and revoke token |
+| GET /auth/me        | Get current user        |
+
+---
+
+## 🧪 Example
+
+### Login
+
+```json
+POST /auth/login
+
+{
+  "username": "john",
+  "password": "Strong@123"
+}
+```
+
+### Response
+
+```json
+{
+  "access": "jwt_token",
+  "refresh": "refresh_token"
+}
+```
+
+---
+
+## 🧠 Architecture
+
+```
+FastAPI App
+   ↓
+Auth Service
+   ↓
+Repository Layer
+   ↓
+Database (Async)
+```
+
+---
+
+## 🛡️ Security
+
+* Argon2 password hashing
+* JWT token expiration
+* Refresh token blacklist
+* No sensitive data exposure
+* Clean error handling
+
+---
+
+## 🧩 Extensibility
+
+* Add RBAC (roles & permissions)
+* Plug custom user models
+* Add OAuth providers (Google, GitHub)
+* Integrate Redis for token storage
+
+---
+
+## 🛠 Tech Stack
+
+* FastAPI
+* SQLAlchemy (async)
+* Pydantic
+* python-jose (JWT)
+* Argon2 (password hashing)
+
+---
+
+## 📌 Roadmap
+
+* [ ] RBAC support
+* [ ] Redis token blacklist
+* [ ] OAuth integration
+* [ ] Rate limiting
+* [ ] Email verification
+
+---
+
+## 🤝 Contributing
+
+Pull requests are welcome. For major changes, open an issue first.
+
+---
+
+## 📄 License
+
+MIT License

fastapi_async_auth_kit-0.1.0/fastapi_async_auth_kit.egg-info/PKG-INFO

@@ -0,0 +1,21 @@
+Metadata-Version: 2.4
+Name: fastapi-async-auth-kit
+Version: 0.1.0
+Summary: Async FastAPI auth with JWT, refresh tokens, logout
+Author-email: Keyurkumar <kmistry1110@gmail.com>
+Requires-Python: >=3.8
+License-File: LICENSE
+Requires-Dist: fastapi
+Requires-Dist: pydantic
+Requires-Dist: python-jose
+Requires-Dist: argon2-cffi
+Requires-Dist: sqlalchemy>=2.0
+Provides-Extra: postgres
+Requires-Dist: asyncpg; extra == "postgres"
+Provides-Extra: mysql
+Requires-Dist: aiomysql; extra == "mysql"
+Provides-Extra: sqlite
+Requires-Dist: aiosqlite; extra == "sqlite"
+Provides-Extra: mongodb
+Requires-Dist: motor; extra == "mongodb"
+Dynamic: license-file

fastapi_async_auth_kit-0.1.0/fastapi_async_auth_kit.egg-info/SOURCES.txt

@@ -0,0 +1,21 @@
+LICENSE
+README.md
+pyproject.toml
+fastapi_async_auth_kit.egg-info/PKG-INFO
+fastapi_async_auth_kit.egg-info/SOURCES.txt
+fastapi_async_auth_kit.egg-info/dependency_links.txt
+fastapi_async_auth_kit.egg-info/requires.txt
+fastapi_async_auth_kit.egg-info/top_level.txt
+fastapi_auth_kit/__init__.py
+fastapi_auth_kit/api/auth.py
+fastapi_auth_kit/core/config.py
+fastapi_auth_kit/core/security.py
+fastapi_auth_kit/core/setup.py
+fastapi_auth_kit/db/base.py
+fastapi_auth_kit/db/factory.py
+fastapi_auth_kit/db/mongo_repo.py
+fastapi_auth_kit/db/sqlalchemy_repo.py
+fastapi_auth_kit/dependencies/auth.py
+fastapi_auth_kit/schemas/auth.py
+fastapi_auth_kit/services/auth_service.py
+tests/test_auth.py

fastapi_async_auth_kit-0.1.0/fastapi_async_auth_kit.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

fastapi_async_auth_kit-0.1.0/fastapi_async_auth_kit.egg-info/requires.txt

@@ -0,0 +1,17 @@
+fastapi
+pydantic
+python-jose
+argon2-cffi
+sqlalchemy>=2.0
+
+[mongodb]
+motor
+
+[mysql]
+aiomysql
+
+[postgres]
+asyncpg
+
+[sqlite]
+aiosqlite

fastapi_async_auth_kit-0.1.0/fastapi_async_auth_kit.egg-info/top_level.txt

@@ -0,0 +1 @@
+fastapi_auth_kit

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/__init__.py

@@ -0,0 +1,5 @@
+from fastapi_auth_kit.core.setup import init_auth
+from fastapi_auth_kit.core.config import AuthConfig
+from fastapi_auth_kit.dependencies.auth import get_current_user
+
+__all__ = ["init_auth", "AuthConfig", "get_current_user"]

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/api/auth.py

@@ -0,0 +1,34 @@
+from fastapi import APIRouter, Request, Depends
+from fastapi_auth_kit.schemas.auth import (
+    RegisterRequest,
+    LoginRequest,
+    RefreshRequest,
+    TokenResponse
+)
+from fastapi_auth_kit.dependencies.auth import get_current_user
+
+router = APIRouter()
+
+
+@router.post("/register")
+async def register(req: Request, data: RegisterRequest):
+    return await req.app.state.auth.register(data.username, data.password)
+
+
+@router.post("/login", response_model=TokenResponse)
+async def login(req: Request, data: LoginRequest):
+    return await req.app.state.auth.login(data.username, data.password)
+
+
+@router.post("/refresh")
+async def refresh(req: Request, data: RefreshRequest):
+    return await req.app.state.auth.refresh(data.refresh)
+
+
+@router.post("/logout")
+async def logout(req: Request, data: RefreshRequest):
+    return await req.app.state.auth.logout(data.refresh)
+
+@router.get("/me")
+async def me(user=Depends(get_current_user)):
+    return user

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/core/config.py

@@ -0,0 +1,6 @@
+from pydantic import BaseModel
+
+class AuthConfig(BaseModel):
+    secret_key: str
+    db_url: str
+    db_type: str  # postgres | mysql | sqlite | mongodb

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/core/security.py

@@ -0,0 +1,33 @@
+from passlib.context import CryptContext
+from jose import jwt
+from datetime import datetime, timedelta
+
+pwd = CryptContext(schemes=["argon2"], deprecated="auto")
+
+ALGO = "HS256"
+
+
+def hash_password(password: str) -> str:
+    return pwd.hash(password)
+
+
+def verify_password(password: str, hashed: str) -> bool:
+    valid = pwd.verify(password, hashed)
+
+    if valid and pwd.needs_update(hashed):
+        new_hash = pwd.hash(password)
+
+    return valid
+
+
+def create_token(data, secret, minutes, ttype):
+    payload = data.copy()
+    payload.update({
+        "exp": datetime.utcnow() + timedelta(minutes=minutes),
+        "type": ttype
+    })
+    return jwt.encode(payload, secret, algorithm=ALGO)
+
+
+def decode_token(token, secret):
+    return jwt.decode(token, secret, algorithms=[ALGO])

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/core/setup.py

@@ -0,0 +1,14 @@
+from fastapi_auth_kit.db.factory import get_repo
+from fastapi_auth_kit.services.auth_service import AuthService
+from fastapi_auth_kit.api.auth import router
+from fastapi_auth_kit.dependencies import auth
+
+async def init_auth(app, config):
+    repo = await get_repo(config)
+
+    service = AuthService(repo, config.secret_key)
+
+    auth.SECRET = config.secret_key
+
+    app.state.auth = service
+    app.include_router(router, prefix="/auth")

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/db/base.py

@@ -0,0 +1,6 @@
+class UserRepository:
+    async def get_user(self, username): ...
+    async def create_user(self, username, password): ...
+    async def save_refresh_token(self, token): ...
+    async def is_token_blacklisted(self, token): ...
+    async def blacklist_token(self, token): ...

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/db/factory.py

@@ -0,0 +1,10 @@
+from fastapi_auth_kit.db.sqlalchemy_repo import SQLRepo
+from fastapi_auth_kit.db.mongo_repo import MongoRepo
+
+async def get_repo(config):
+    if config.db_type == "mongodb":
+        return MongoRepo(config.db_url)
+
+    repo = SQLRepo(config.db_url)
+    await repo.init()
+    return repo

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/db/mongo_repo.py

@@ -0,0 +1,27 @@
+from motor.motor_asyncio import AsyncIOMotorClient
+
+class MongoRepo:
+    def __init__(self, url):
+        client = AsyncIOMotorClient(url)
+        db = client["auth"]
+        self.users = db["users"]
+        self.tokens = db["tokens"]
+
+    async def get_user(self, username):
+        return await self.users.find_one({"username": username})
+
+    async def create_user(self, u, p):
+        await self.users.insert_one({"username": u, "password": p})
+
+    async def save_refresh_token(self, token):
+        await self.tokens.insert_one({"token": token, "blacklisted": False})
+
+    async def is_token_blacklisted(self, token):
+        t = await self.tokens.find_one({"token": token})
+        return t and t["blacklisted"]
+
+    async def blacklist_token(self, token):
+        await self.tokens.update_one(
+            {"token": token},
+            {"$set": {"blacklisted": True}}
+        )

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/db/sqlalchemy_repo.py

@@ -0,0 +1,61 @@
+from sqlalchemy.ext.asyncio import create_async_engine, AsyncSession
+from sqlalchemy.orm import sessionmaker, declarative_base
+from sqlalchemy import Column, String, Integer, select
+
+Base = declarative_base()
+
+class User(Base):
+    __tablename__ = "users"
+    id = Column(Integer, primary_key=True)
+    username = Column(String, unique=True)
+    password = Column(String)
+
+class Token(Base):
+    __tablename__ = "tokens"
+    token = Column(String, primary_key=True)
+    blacklisted = Column(Integer, default=0)
+
+
+class SQLRepo:
+    def __init__(self, url):
+        self.engine = create_async_engine(url, future=True)
+        self.Session = sessionmaker(
+            self.engine,
+            class_=AsyncSession,
+            expire_on_commit=False
+        )
+
+    async def init(self):
+        async with self.engine.begin() as conn:
+            await conn.run_sync(Base.metadata.create_all)
+
+    async def get_user(self, username):
+        async with self.Session() as db:
+            res = await db.execute(select(User).where(User.username == username))
+            return res.scalar_one_or_none()
+
+    async def create_user(self, u, p):
+        async with self.Session() as db:
+            user = User(username=u, password=p)
+            db.add(user)
+            await db.commit()
+            return user
+
+    async def save_refresh_token(self, token):
+        async with self.Session() as db:
+            db.add(Token(token=token))
+            await db.commit()
+
+    async def is_token_blacklisted(self, token):
+        async with self.Session() as db:
+            res = await db.execute(select(Token).where(Token.token == token))
+            t = res.scalar_one_or_none()
+            return t and t.blacklisted == 1
+
+    async def blacklist_token(self, token):
+        async with self.Session() as db:
+            res = await db.execute(select(Token).where(Token.token == token))
+            t = res.scalar_one_or_none()
+            if t:
+                t.blacklisted = 1
+                await db.commit()

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/dependencies/auth.py

@@ -0,0 +1,14 @@
+from fastapi import Depends, HTTPException
+from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
+from fastapi_auth_kit.core.security import decode_token
+
+security = HTTPBearer()
+
+async def get_current_user(
+    credentials: HTTPAuthorizationCredentials = Depends(security)
+):
+    try:
+        token = credentials.credentials
+        return decode_token(token, SECRET)
+    except:
+        raise HTTPException(401, "Invalid token")

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/schemas/auth.py

@@ -0,0 +1,49 @@
+from pydantic import BaseModel, Field, field_validator
+import re
+
+
+USERNAME_REGEX = r"^[a-zA-Z][a-zA-Z0-9_]{2,29}$"
+PASSWORD_REGEX = r"^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&]).{8,}$"
+
+
+class RegisterRequest(BaseModel):
+    username: str = Field(
+        ...,
+        description="3-30 chars, letters/numbers/_ only, must start with letter"
+    )
+    password: str = Field(
+        ...,
+        description="Min 8 chars, include uppercase, lowercase, number, special char"
+    )
+
+    @field_validator("username")
+    @classmethod
+    def validate_username(cls, v):
+        if not re.match(USERNAME_REGEX, v):
+            raise ValueError(
+                "Username must be 3-30 chars, start with letter, and contain only letters, numbers, underscores"
+            )
+        return v
+
+    @field_validator("password")
+    @classmethod
+    def validate_password(cls, v):
+        if not re.match(PASSWORD_REGEX, v):
+            raise ValueError(
+                "Password must be at least 8 characters long and include uppercase, lowercase, number, and special character"
+            )
+        return v
+
+
+class LoginRequest(BaseModel):
+    username: str
+    password: str
+
+
+class RefreshRequest(BaseModel):
+    refresh: str
+
+
+class TokenResponse(BaseModel):
+    access: str
+    refresh: str

fastapi_async_auth_kit-0.1.0/fastapi_auth_kit/services/auth_service.py

@@ -0,0 +1,100 @@
+from fastapi import HTTPException, status
+from fastapi_auth_kit.core.security import *
+
+class AuthService:
+    def __init__(self, repo, secret):
+        self.repo = repo
+        self.secret = secret
+
+    async def register(self, username: str, password: str):
+        existing_user = await self.repo.get_user(username)
+
+        if existing_user:
+            raise HTTPException(
+                status_code=status.HTTP_409_CONFLICT,
+                detail="User already exists"
+            )
+
+        user = await self.repo.create_user(
+            username,
+            hash_password(password)
+        )
+
+        return {
+            "message": "User registered successfully",
+            "username": username
+        }
+
+    async def login(self, username: str, password: str):
+        user = await self.repo.get_user(username)
+
+        if not user or not verify_password(password, user.password):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid username or password"
+            )
+
+        access = create_token({"sub": username}, self.secret, 15, "access")
+        refresh = create_token({"sub": username}, self.secret, 60*24, "refresh")
+
+        await self.repo.save_refresh_token(refresh)
+
+        return {
+            "access": access,
+            "refresh": refresh
+        }
+
+    async def refresh(self, token: str):
+        try:
+            data = decode_token(token, self.secret)
+        except Exception:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid or expired refresh token"
+            )
+
+        if data.get("type") != "refresh":
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid token type (expected refresh token)"
+            )
+
+        if await self.repo.is_token_blacklisted(token):
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Token has been revoked (logout)"
+            )
+
+        return {
+            "access": create_token(
+                {"sub": data["sub"]},
+                self.secret,
+                15,
+                "access"
+            )
+        }
+
+    async def logout(self, token: str):
+        try:
+            data = decode_token(token, self.secret)
+        except Exception:
+            raise HTTPException(
+                status_code=status.HTTP_401_UNAUTHORIZED,
+                detail="Invalid or expired refresh token"
+            )
+
+        if data.get("type") != "refresh":
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Invalid token type"
+            )
+
+        if await self.repo.is_token_blacklisted(token):
+            raise HTTPException(
+                status_code=status.HTTP_400_BAD_REQUEST,
+                detail="Token already logged out"
+            )
+
+        await self.repo.blacklist_token(token)
+
+        return {"message": "Logged out successfully"}

fastapi_async_auth_kit-0.1.0/pyproject.toml

@@ -0,0 +1,28 @@
+[project]
+name = "fastapi-async-auth-kit"
+version = "0.1.0"
+description = "Async FastAPI auth with JWT, refresh tokens, logout"
+authors = [{ name="Keyurkumar", email="kmistry1110@gmail.com" }]
+requires-python = ">=3.8"
+
+dependencies = [
+    "fastapi",
+    "pydantic",
+    "python-jose",
+    "argon2-cffi",
+    "sqlalchemy>=2.0"
+]
+
+[project.optional-dependencies]
+postgres = ["asyncpg"]
+mysql = ["aiomysql"]
+sqlite = ["aiosqlite"]
+mongodb = ["motor"]
+
+[build-system]
+requires = ["setuptools", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[tool.setuptools.packages.find]
+where = ["."]
+include = ["fastapi_auth_kit*"]

fastapi_async_auth_kit-0.1.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

fastapi_async_auth_kit-0.1.0/tests/test_auth.py

@@ -0,0 +1,53 @@
+import pytest
+from httpx import AsyncClient
+from fastapi import FastAPI
+from fastapi_auth_kit import init_auth, AuthConfig
+
+
+@pytest.mark.asyncio
+async def test_auth_flow():
+    app = FastAPI()
+
+    @app.on_event("startup")
+    async def setup():
+        await init_auth(
+            app,
+            AuthConfig(
+                secret_key="test",
+                db_url="sqlite+aiosqlite:///:memory:",
+                db_type="sqlite"
+            )
+        )
+
+    async with AsyncClient(app=app, base_url="http://test") as ac:
+
+        # register
+        r = await ac.post("/auth/register", json={
+            "username": "test",
+            "password": "123"
+        })
+        assert r.status_code == 200
+
+        # login
+        r = await ac.post("/auth/login", json={
+            "username": "test",
+            "password": "123"
+        })
+        data = r.json()
+
+        assert "access" in data
+        assert "refresh" in data
+
+        refresh = data["refresh"]
+
+        # refresh token
+        r = await ac.post("/auth/refresh", json={"refresh": refresh})
+        assert r.status_code == 200
+
+        # logout
+        r = await ac.post("/auth/logout", json={"refresh": refresh})
+        assert r.status_code == 200
+
+        # refresh again (should fail)
+        r = await ac.post("/auth/refresh", json={"refresh": refresh})
+        assert r.status_code != 200