fastapi-fullauth 0.4.0__tar.gz → 0.6.0__tar.gz

fastapi_fullauth-0.6.0/.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,60 @@
+name: Bug Report
+description: Report a bug in fastapi-fullauth
+labels: ["bug"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for reporting a bug! Please fill out the details below.
+
+  - type: input
+    id: version
+    attributes:
+      label: fastapi-fullauth version
+      placeholder: "0.5.0"
+    validations:
+      required: true
+
+  - type: input
+    id: python-version
+    attributes:
+      label: Python version
+      placeholder: "3.12"
+    validations:
+      required: true
+
+  - type: dropdown
+    id: adapter
+    attributes:
+      label: Adapter
+      options:
+        - SQLModel
+        - SQLAlchemy
+        - InMemory
+        - Custom
+    validations:
+      required: true
+
+  - type: textarea
+    id: description
+    attributes:
+      label: Description
+      description: What happened? What did you expect to happen?
+    validations:
+      required: true
+
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Steps to reproduce
+      description: Minimal code or steps to reproduce the bug.
+      render: python
+    validations:
+      required: true
+
+  - type: textarea
+    id: logs
+    attributes:
+      label: Error output / traceback
+      description: Paste any relevant error messages or tracebacks.
+      render: shell

fastapi_fullauth-0.6.0/.github/ISSUE_TEMPLATE/feature_request.yml

@@ -0,0 +1,30 @@
+name: Feature Request
+description: Suggest a new feature for fastapi-fullauth
+labels: ["enhancement"]
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for suggesting a feature! Please describe what you'd like.
+
+  - type: textarea
+    id: problem
+    attributes:
+      label: Problem
+      description: What problem does this feature solve? What's the use case?
+    validations:
+      required: true
+
+  - type: textarea
+    id: solution
+    attributes:
+      label: Proposed solution
+      description: How would you like this to work? Code examples are welcome.
+    validations:
+      required: true
+
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: Any workarounds or alternative approaches you've considered?

fastapi_fullauth-0.6.0/.github/pull_request_template.md

@@ -0,0 +1,17 @@
+## Summary
+
+<!-- What does this PR do? Keep it brief. -->
+
+## Changes
+
+<!-- Bullet list of what changed. -->
+
+-
+
+## Test plan
+
+<!-- How was this tested? -->
+
+- [ ] All existing tests pass
+- [ ] New tests added for new functionality
+- [ ] Lint and format clean (`ruff check .` + `ruff format --check .`)

fastapi_fullauth-0.6.0/.github/workflows/docs.yml

@@ -0,0 +1,26 @@
+name: Docs
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - "docs/**"
+      - "mkdocs.yml"
+  workflow_dispatch:
+
+permissions:
+  contents: write
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: "3.12"
+
+      - run: pip install mkdocs-material
+
+      - run: mkdocs gh-deploy --force

{fastapi_fullauth-0.4.0 → fastapi_fullauth-0.6.0}/.gitignore

@@ -28,7 +28,13 @@ Thumbs.db
 .coverage
 htmlcov/
 
+# Linting
+.ruff_cache/
+
 # Distribution
 *.tar.gz
 *.whl
 architecture.md
+
+# Docs build
+site/

{fastapi_fullauth-0.4.0 → fastapi_fullauth-0.6.0}/CHANGELOG.md

@@ -1,5 +1,68 @@
 # Changelog
 
+## 0.6.0
+
+### Breaking changes
+
+- **Config-only API** — `FullAuth` no longer accepts `secret_key=`, `**config_kwargs`, or positional `config`. Pass `config=FullAuthConfig(SECRET_KEY="...")` or set `FULLAUTH_SECRET_KEY` env var. All params are keyword-only.
+- **`enabled_routes` removed** — replaced by composable routers. Include only the routers you need instead of filtering route names.
+- **`RouteName` type removed** — no longer needed with composable routers.
+- **`configure_hasher()` removed** — hash algorithm is now passed explicitly from config through flows. No more global mutable state.
+- **Schema auto-derivation removed** — `_derive_user_schema()` and `_resolve_create_schema()` deleted from all adapters and FullAuth. Define your own schemas extending `UserSchema` / `CreateUserSchema` and pass them to the adapter.
+- **`create_user_schema` moved to adapter** — pass it to the adapter, not FullAuth: `InMemoryAdapter(user_schema=MyUser, create_user_schema=MyCreate)`.
+
+### Added
+
+- **Generic type parameters** — `AbstractUserAdapter[UserSchemaType, CreateUserSchemaType]`, `FullAuth[UserSchemaType, CreateUserSchemaType]` with PEP 696 defaults for full type safety
+- **Composable routers** — `fullauth.auth_router`, `fullauth.profile_router`, `fullauth.verify_router`, `fullauth.admin_router`, `fullauth.oauth_router`. Each lazily created, include only what you need
+- **Typed dependency factories** — `get_current_user_dependency(MyUser)`, `get_verified_user_dependency(MyUser)`, `get_superuser_dependency(MyUser)` for custom schema type safety
+- `create_blacklist(config)` — extracted from FullAuth to `core/tokens.py`
+- `create_rate_limiter(config, max, window)` — extracted from FullAuth to `protection/ratelimit.py`
+- `UserSchemaType`, `CreateUserSchemaType` TypeVars exported from top-level package
+- `UserSchema`, `CreateUserSchema` base classes exported from top-level package
+
+### Changed
+
+- **Router split** — 613-line monolithic `create_auth_router()` split into `create_auth_router()` (login/register/logout/refresh), `create_profile_router()` (me/update/delete/change-password), `create_verify_router()` (email verify/password reset), `create_admin_router()` (roles/permissions)
+- **FullAuth slimmed** — factory methods extracted, composable router properties added, `_OAUTH_PROVIDER_REGISTRY` stays on class for now
+- `fullauth.router` still works as before (composes all sub-routers), `fullauth.init_app(app)` unchanged
+- `hash_password()` and `password_needs_rehash()` now accept explicit `algorithm` parameter (default `argon2id`)
+- Shared request/response models extracted to `router/_models.py`
+- RBAC permissions (`require_role`, `require_permission`) available via `fastapi_fullauth.dependencies` (removed `rbac/` re-export package will happen in next release)
+
+### Removed
+
+- `FullAuth._resolve_create_schema()` — auto-derivation of create schema from ORM model
+- `SQLModelAdapter._derive_user_schema()` — auto-derivation of user schema
+- `SQLAlchemyAdapter._derive_user_schema()` — auto-derivation of user schema
+- `_SA_TYPE_MAP` and `_get_sa_type_map()` — SQLAlchemy type mapping for auto-derivation
+- `FullAuth._create_blacklist()` — moved to `core/tokens.create_blacklist()`
+- `FullAuth._create_rate_limiter()` — moved to `protection.ratelimit.create_rate_limiter()`
+- `configure_hasher()` and `_algorithm` global from `core/crypto.py`
+
+## 0.5.0
+
+### Added
+
+- **Structured logging** across all auth flows, security middleware, and OAuth — failed logins, account lockouts, token reuse, CSRF violations, rate limit hits, role changes, and account deletions are all logged via `logging.getLogger("fastapi_fullauth.*")`
+- **Documentation site** — MkDocs with Material theme, auto-deployed to GitHub Pages via CI
+- **Proxy-aware rate limiting** — new `TRUSTED_PROXY_HEADERS` config to read real client IPs from `X-Forwarded-For` and similar headers
+- **SQLAlchemy example app** (`examples/sqlalchemy_app/`)
+- **`update_user` field validation** — rejects unknown fields with 422 instead of passing them to the DB
+- SQLModel adapter now accepts both SQLModel's and SQLAlchemy's `AsyncSession`
+- `OAuthAccountRecord` exported from `fastapi_fullauth.adapters.sqlmodel`
+
+### Fixed
+
+- **OAuth state token TTL was ignored** — `OAUTH_STATE_EXPIRE_SECONDS` config had no effect; state tokens used `ACCESS_TOKEN_EXPIRE_MINUTES` (30 min) instead of the configured 5 min
+- **Refresh token reuse detection race condition** — two concurrent `/refresh` requests could both succeed before either revoked the token; added explicit blacklist check before issuing new tokens
+- **OAuth error messages leaked provider internals** — raw API responses from Google/GitHub were exposed in HTTP error details; now logged internally and replaced with generic messages
+
+### Changed
+
+- README rewritten with centered hero layout, badges, and documentation links
+- Documentation URL updated in `pyproject.toml` to point to GitHub Pages
+
 ## 0.4.0
 
 ### Added

fastapi_fullauth-0.6.0/CONTRIBUTING.md

@@ -0,0 +1,83 @@
+# Contributing to FastAPI FullAuth
+
+Thanks for your interest in contributing! Here's how to get started.
+
+## Development setup
+
+```bash
+git clone https://github.com/mdfarhankc/fastapi-fullauth.git
+cd fastapi-fullauth
+uv sync --dev --extra sqlalchemy --extra sqlmodel --extra redis --extra oauth
+```
+
+## Running tests
+
+```bash
+uv run pytest tests/ -v
+```
+
+## Linting and formatting
+
+```bash
+uv run ruff check .
+uv run ruff format .
+```
+
+Both must pass before submitting a PR. CI enforces this.
+
+## Making changes
+
+1. Fork the repo and create a branch from `main`
+2. Make your changes
+3. Add tests for new functionality
+4. Ensure all tests pass and lint is clean
+5. Submit a pull request
+
+## Branch naming
+
+- `feat/description` — new features
+- `fix/description` — bug fixes
+- `refactor/description` — code improvements
+- `docs/description` — documentation changes
+
+## Commit messages
+
+Keep them short and descriptive. Use imperative mood:
+
+- `add permission-based RBAC`
+- `fix OAuth state token TTL`
+- `update README with docs link`
+
+## What to contribute
+
+- Bug fixes
+- New OAuth providers (Apple, Discord, Microsoft, etc.)
+- Adapter implementations (MongoDB, Tortoise ORM, etc.)
+- Documentation improvements
+- Test coverage improvements
+- Performance improvements
+
+## Reporting bugs
+
+Use the [bug report template](https://github.com/mdfarhankc/fastapi-fullauth/issues/new?template=bug_report.yml) on GitHub Issues. Include:
+
+- Python version
+- fastapi-fullauth version
+- Minimal reproduction steps
+- Expected vs actual behavior
+
+## Requesting features
+
+Use the [feature request template](https://github.com/mdfarhankc/fastapi-fullauth/issues/new?template=feature_request.yml) on GitHub Issues.
+
+## Code style
+
+- Follow existing patterns in the codebase
+- Use type annotations
+- Keep functions focused and small
+- Log security-sensitive events via `logging.getLogger("fastapi_fullauth.*")`
+- Don't add docstrings/comments unless the logic isn't self-evident
+
+## License
+
+By contributing, you agree that your contributions will be licensed under the MIT License.

fastapi_fullauth-0.6.0/PKG-INFO

@@ -0,0 +1,338 @@
+Metadata-Version: 2.4
+Name: fastapi-fullauth
+Version: 0.6.0
+Summary: Production-grade, async-native authentication and authorization library for FastAPI
+Project-URL: Homepage, https://github.com/mdfarhankc/fastapi-fullauth
+Project-URL: Documentation, https://mdfarhankc.github.io/fastapi-fullauth
+Project-URL: Repository, https://github.com/mdfarhankc/fastapi-fullauth
+License-Expression: MIT
+License-File: LICENSE
+Keywords: argon2,authentication,authorization,fastapi,jwt,security
+Classifier: Development Status :: 3 - Alpha
+Classifier: Framework :: FastAPI
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Programming Language :: Python :: 3.14
+Classifier: Topic :: Security
+Classifier: Typing :: Typed
+Requires-Python: >=3.10
+Requires-Dist: argon2-cffi>=23.0
+Requires-Dist: fastapi>=0.110
+Requires-Dist: pydantic-settings>=2.0
+Requires-Dist: pydantic[email]>=2.0
+Requires-Dist: pyjwt>=2.8
+Requires-Dist: uuid-utils>=0.14.1
+Provides-Extra: all
+Requires-Dist: alembic>=1.13; extra == 'all'
+Requires-Dist: httpx>=0.25; extra == 'all'
+Requires-Dist: redis>=5.0; extra == 'all'
+Requires-Dist: sqlalchemy[asyncio]>=2.0; extra == 'all'
+Requires-Dist: sqlmodel>=0.0.16; extra == 'all'
+Provides-Extra: oauth
+Requires-Dist: httpx>=0.25; extra == 'oauth'
+Provides-Extra: redis
+Requires-Dist: redis>=5.0; extra == 'redis'
+Provides-Extra: sqlalchemy
+Requires-Dist: alembic>=1.13; extra == 'sqlalchemy'
+Requires-Dist: sqlalchemy[asyncio]>=2.0; extra == 'sqlalchemy'
+Provides-Extra: sqlmodel
+Requires-Dist: alembic>=1.13; extra == 'sqlmodel'
+Requires-Dist: sqlmodel>=0.0.16; extra == 'sqlmodel'
+Description-Content-Type: text/markdown
+
+<p align="center">
+  <img src="https://img.icons8.com/fluency/96/shield.png" alt="FastAPI FullAuth" width="96" height="96">
+</p>
+
+<h1 align="center">FastAPI FullAuth</h1>
+
+<p align="center">
+  <em>Production-grade, async-native authentication and authorization for FastAPI.</em>
+</p>
+
+<p align="center">
+  <a href="https://pypi.org/project/fastapi-fullauth/"><img src="https://img.shields.io/pypi/v/fastapi-fullauth?color=009688&label=pypi" alt="PyPI"></a>
+  <a href="https://pypi.org/project/fastapi-fullauth/"><img src="https://img.shields.io/pypi/pyversions/fastapi-fullauth?color=009688" alt="Python"></a>
+  <a href="https://github.com/mdfarhankc/fastapi-fullauth/actions/workflows/ci.yml"><img src="https://github.com/mdfarhankc/fastapi-fullauth/actions/workflows/ci.yml/badge.svg" alt="CI"></a>
+  <a href="https://opensource.org/licenses/MIT"><img src="https://img.shields.io/badge/license-MIT-009688" alt="License"></a>
+  <a href="https://mdfarhankc.github.io/fastapi-fullauth"><img src="https://img.shields.io/badge/docs-mdfarhankc.github.io-009688" alt="Docs"></a>
+</p>
+
+<p align="center">
+  <strong>Documentation</strong>: <a href="https://mdfarhankc.github.io/fastapi-fullauth">https://mdfarhankc.github.io/fastapi-fullauth</a>
+  <br>
+  <strong>Source Code</strong>: <a href="https://github.com/mdfarhankc/fastapi-fullauth">https://github.com/mdfarhankc/fastapi-fullauth</a>
+</p>
+
+---
+
+Add a complete authentication and authorization system to your **FastAPI** project. FastAPI FullAuth is designed to be production-ready, async-native, and pluggable — handling JWT tokens, refresh rotation, password hashing, email verification, OAuth2 social login, and role-based access out of the box.
+
+## Features
+
+- **JWT access + refresh tokens** with configurable expiry
+- **Refresh token rotation** with reuse detection — revokes entire session family on replay
+- **Password hashing** via Argon2id (default) or bcrypt, with transparent rehashing
+- **Email verification** and **password reset** flows with event hooks
+- **OAuth2 social login** — Google and GitHub, with multi-redirect-URI support
+- **Role-based access control** — `CurrentUser`, `VerifiedUser`, `SuperUser`, `require_role()`
+- **Rate limiting** — per-route auth limits + global middleware (memory or Redis)
+- **CSRF protection** and **security headers** middleware, auto-wired
+- **Pluggable adapters** — SQLModel, SQLAlchemy, or in-memory
+- **Generic type parameters** — define your own schemas with full IDE support and type safety
+- **Composable routers** — include only the route groups you need
+- **Event hooks** — `after_register`, `after_login`, `send_verification_email`, etc.
+- **Custom JWT claims** — embed app-specific data in tokens
+- **Structured logging** — all auth events, security violations, and failures logged
+- **Redis support** — token blacklist and rate limiter backends
+- **Python 3.10 – 3.14** supported
+
+## Installation
+
+```bash
+pip install fastapi-fullauth
+
+# with an ORM adapter
+pip install fastapi-fullauth[sqlmodel]
+pip install fastapi-fullauth[sqlalchemy]
+
+# with Redis for token blacklisting
+pip install fastapi-fullauth[sqlmodel,redis]
+
+# with OAuth2 social login
+pip install fastapi-fullauth[sqlmodel,oauth]
+
+# everything
+pip install fastapi-fullauth[all]
+```
+
+## Quick start
+
+```python
+from fastapi import FastAPI
+from fastapi_fullauth import FullAuth, FullAuthConfig
+from fastapi_fullauth.adapters.memory import InMemoryAdapter
+
+app = FastAPI()
+
+fullauth = FullAuth(
+    adapter=InMemoryAdapter(),
+    config=FullAuthConfig(SECRET_KEY="your-secret-key"),
+)
+fullauth.init_app(app)
+```
+
+That's it — all auth routes are registered under `/api/v1/auth/` automatically.
+
+Omit `config` in dev and a random secret key is generated (tokens won't survive restarts).
+
+### Composable routers
+
+Include only the route groups you need:
+
+```python
+app = FastAPI()
+app.state.fullauth = fullauth
+
+# pick what you want
+app.include_router(fullauth.auth_router, prefix="/api/v1/auth")
+app.include_router(fullauth.profile_router, prefix="/api/v1/auth")
+# skip verify, admin, oauth
+```
+
+| Router | Routes |
+|--------|--------|
+| `auth_router` | register, login, logout, refresh |
+| `profile_router` | me, verified-me, update profile, delete account, change password |
+| `verify_router` | email verification, password reset |
+| `admin_router` | assign/remove roles and permissions (superuser) |
+| `oauth_router` | OAuth provider routes (only if configured) |
+
+`fullauth.init_app(app)` includes all of them. Use individual routers for granular control.
+
+## Routes
+
+| Method | Path | Description |
+|--------|------|-------------|
+| `POST` | `/auth/register` | Create a new user |
+| `POST` | `/auth/login` | Authenticate, get tokens |
+| `POST` | `/auth/logout` | Blacklist token |
+| `POST` | `/auth/refresh` | Rotate token pair |
+| `GET` | `/auth/me` | Get current user |
+| `GET` | `/auth/me/verified` | Verified users only |
+| `PATCH` | `/auth/me` | Update profile |
+| `DELETE` | `/auth/me` | Delete account |
+| `POST` | `/auth/change-password` | Change password |
+| `POST` | `/auth/verify-email/request` | Request verification email |
+| `POST` | `/auth/verify-email/confirm` | Confirm email |
+| `POST` | `/auth/password-reset/request` | Request password reset |
+| `POST` | `/auth/password-reset/confirm` | Reset password |
+| `POST` | `/auth/admin/assign-role` | Assign role (superuser) |
+| `POST` | `/auth/admin/remove-role` | Remove role (superuser) |
+| `POST` | `/auth/admin/assign-permission` | Assign permission to role (superuser) |
+| `POST` | `/auth/admin/remove-permission` | Remove permission from role (superuser) |
+| `GET` | `/auth/admin/role-permissions/{role}` | List role's permissions (superuser) |
+
+With OAuth enabled, additional routes are registered under `/auth/oauth/`. All routes are prefixed with `/api/v1` by default.
+
+## Custom user schemas
+
+Define your model and schemas — pass them explicitly to the adapter:
+
+```python
+from sqlmodel import Field, Relationship
+from fastapi_fullauth import FullAuth, FullAuthConfig, UserSchema, CreateUserSchema
+from fastapi_fullauth.adapters.sqlmodel import (
+    UserBase, Role, UserRoleLink, RefreshTokenRecord, SQLModelAdapter,
+)
+
+class User(UserBase, table=True):
+    __tablename__ = "fullauth_users"
+
+    display_name: str = Field(default="", max_length=100)
+    phone: str = Field(default="", max_length=20)
+
+    roles: list[Role] = Relationship(link_model=UserRoleLink)
+    refresh_tokens: list[RefreshTokenRecord] = Relationship()
+
+class MyUserSchema(UserSchema):
+    display_name: str = ""
+    phone: str = ""
+
+class MyCreateSchema(CreateUserSchema):
+    display_name: str = ""
+
+fullauth = FullAuth(
+    adapter=SQLModelAdapter(
+        session_maker,
+        user_model=User,
+        user_schema=MyUserSchema,
+        create_user_schema=MyCreateSchema,
+    ),
+    config=FullAuthConfig(SECRET_KEY="..."),
+)
+```
+
+Full IDE autocompletion and type checking on custom fields. Use `get_current_user_dependency()` for typed dependencies:
+
+```python
+from typing import Annotated
+from fastapi import Depends
+from fastapi_fullauth.dependencies import get_current_user_dependency
+
+MyCurrentUser = Annotated[MyUserSchema, Depends(get_current_user_dependency(MyUserSchema))]
+
+@app.get("/profile")
+async def profile(user: MyCurrentUser):
+    return {"name": user.display_name}  # IDE knows this field exists
+```
+
+## Protected routes
+
+```python
+from fastapi import Depends
+from fastapi_fullauth.dependencies import CurrentUser, VerifiedUser, SuperUser, require_role
+
+@app.get("/profile")
+async def profile(user: CurrentUser):
+    return user
+
+@app.get("/dashboard")
+async def dashboard(user: VerifiedUser):
+    return {"email": user.email}
+
+@app.delete("/admin/users/{id}")
+async def delete_user(user: SuperUser):
+    ...
+
+@app.get("/editor")
+async def editor_panel(user=Depends(require_role("editor"))):
+    ...
+```
+
+## OAuth2 social login
+
+```python
+fullauth = FullAuth(
+    adapter=adapter,
+    config=FullAuthConfig(
+        SECRET_KEY="...",
+        OAUTH_PROVIDERS={
+            "google": {
+                "client_id": "your-google-client-id",
+                "client_secret": "your-google-secret",
+                "redirect_uris": [
+                    "http://localhost:3000/auth/callback",
+                    "https://myapp.com/auth/callback",
+                ],
+            },
+            "github": {
+                "client_id": "your-github-client-id",
+                "client_secret": "your-github-secret",
+                "redirect_uri": "http://localhost:3000/auth/callback",
+            },
+        },
+    ),
+)
+```
+
+Requires `httpx`: `pip install fastapi-fullauth[oauth]`
+
+## Event hooks
+
+```python
+async def welcome(user):
+    await send_email(user.email, "Welcome!")
+
+async def send_verify(email, token):
+    await send_email(email, f"Verify: https://myapp.com/verify?token={token}")
+
+fullauth.hooks.on("after_register", welcome)
+fullauth.hooks.on("send_verification_email", send_verify)
+```
+
+Events: `after_register`, `after_login`, `after_logout`, `after_password_change`, `after_password_reset`, `after_email_verify`, `send_verification_email`, `send_password_reset_email`, `after_oauth_login`
+
+## Configuration
+
+Pass a `FullAuthConfig` object or set env vars with `FULLAUTH_` prefix.
+
+```python
+fullauth = FullAuth(
+    adapter=adapter,
+    config=FullAuthConfig(
+        SECRET_KEY="...",
+        ACCESS_TOKEN_EXPIRE_MINUTES=60,
+        API_PREFIX="/api/v2",
+        LOGIN_FIELD="username",
+        PASSWORD_HASH_ALGORITHM="bcrypt",
+        BLACKLIST_BACKEND="redis",
+        REDIS_URL="redis://localhost:6379/0",
+        AUTH_RATE_LIMIT_ENABLED=True,
+        TRUSTED_PROXY_HEADERS=["X-Forwarded-For"],
+    ),
+)
+```
+
+See [Configuration docs](https://mdfarhankc.github.io/fastapi-fullauth/configuration/) for all options.
+
+## Development
+
+```bash
+git clone https://github.com/mdfarhankc/fastapi-fullauth.git
+cd fastapi-fullauth
+uv sync --dev --extra sqlalchemy --extra sqlmodel
+uv run pytest tests/ -v
+
+# run examples
+uv run uvicorn examples.memory_app.main:app --reload
+uv run uvicorn examples.sqlmodel_app.main:app --reload
+```
+
+## License
+
+MIT