Authx
Ready-to-use and customizable Authentications and Oauth2 management for FastAPI ⚡
| Project | Status |
|---|---|
| CI |    |
| Meta |      |
Source Code: https://github.com/yezz123/authx
Documentation: https://authx.yezz.me/
Add a fully featured authentication and authorization system to your FastAPI project. AuthX is designed to be simple, customizable, and secure.
Installation#
Quick Start#
Here's a complete working example you can copy and run:
from fastapi import FastAPI, Depends, HTTPException
from authx import AuthX, AuthXConfig
app = FastAPI()
# Configure AuthX
config = AuthXConfig(
JWT_SECRET_KEY="your-secret-key", # Change this in production!
JWT_TOKEN_LOCATION=["headers"],
)
auth = AuthX(config=config)
auth.handle_errors(app) # Register error handlers for proper responses
@app.post("/login")
def login(username: str, password: str):
if username == "test" and password == "test":
token = auth.create_access_token(uid=username)
return {"access_token": token}
raise HTTPException(401, detail="Invalid credentials")
@app.get("/protected", dependencies=[Depends(auth.access_token_required)])
def protected():
return {"message": "Hello World"}
Test it:
# Login to get a token
curl -X POST "http://localhost:8000/login?username=test&password=test"
# {"access_token": "eyJ..."}
# Access protected route
curl -H "Authorization: Bearer <your-token>" http://localhost:8000/protected
# {"message": "Hello World"}
Features#
- Support for Python 3.9+ and Pydantic 2
- JWT authentication with multiple token locations:
- Headers (Bearer token)
- Cookies (with CSRF protection)
- Query parameters
- JSON body
- Access and refresh token support
- Token freshness for sensitive operations
- Token blocklist/revocation
- Extensible error handling
Extra Features#
Install authx-extra for additional features:
- Redis session store and cache
- HTTP caching
- Performance profiling with pyinstrument
- Prometheus metrics
Note: Check Release Notes for the latest updates.