87 lines
2.7 KiB
Markdown
87 lines
2.7 KiB
Markdown
|
# Auth0 + Python + FastAPI API Seed
|
||
|
|
||
|
This is the seed project you need to use if you're going to create an API using FastAPI in Python and Auth0. If you just want to create a Regular Python WebApp, please check [this project](https://github.com/auth0-samples/auth0-python-web-app/tree/master/01-Login)
|
||
|
|
||
|
## Running the example
|
||
|
|
||
|
In order to run the example you need to have `python3` (any version higher than `3.6`) and `pip3` installed.
|
||
|
|
||
|
### Configuration
|
||
|
|
||
|
The configuration you'll need is mostly information from Auth0, you'll need both the tentant domain and the API information.
|
||
|
|
||
|
This app reads its configuration information from a `.env` file by default.
|
||
|
|
||
|
To create a `.env` file you can copy the `.env.example` file and fill the values accordingly:
|
||
|
|
||
|
```console
|
||
|
cp .env.example .env
|
||
|
```
|
||
|
|
||
|
Alternatively you can use environment variables to define your application's settings (remember to update the values accordingly):
|
||
|
|
||
|
```console
|
||
|
export AUTH0_DOMAIN='your.domain.auth0.com'
|
||
|
export AUTH0_API_AUDIENCE='your.api.audience'
|
||
|
export AUTH0_ISSUER='https://your.domain.auth0.com'
|
||
|
export AUTH0_ALGORITHMS='RS256'
|
||
|
```
|
||
|
|
||
|
### Spin up the server
|
||
|
|
||
|
Once you've set your environment information below you'll find the commands you'll need.
|
||
|
|
||
|
1. Create and activate a python environment:
|
||
|
|
||
|
```console
|
||
|
python3 -m venv .venv
|
||
|
source .venv/bin/activate
|
||
|
```
|
||
|
|
||
|
2. Install the needed dependencies with:
|
||
|
|
||
|
```console
|
||
|
pip install -r requirements.txt
|
||
|
```
|
||
|
3. Start the server with the following:
|
||
|
|
||
|
```console
|
||
|
uvicorn application.main:app
|
||
|
```
|
||
|
|
||
|
4. Try calling [http://localhost:8000/api/public](http://localhost:8000/api/public)
|
||
|
|
||
|
```
|
||
|
curl -X 'GET' \
|
||
|
'http://localhost:8000/api/public' \
|
||
|
-H 'accept: application/json'
|
||
|
```
|
||
|
|
||
|
## API documentation
|
||
|
|
||
|
Access [http://localhost:8000/docs](http://localhost:8000/docs). From there you'll see all endpoints and can test your API
|
||
|
|
||
|
### Testing the API
|
||
|
|
||
|
#### Private endpoint
|
||
|
|
||
|
You can then try to do a GET to [http://localhost:8000/api/private](http://localhost:8000/api/private) which will throw an error if you don't send an access token signed with RS256 with the appropriate issuer and audience in the Authorization header.
|
||
|
|
||
|
```console
|
||
|
curl -X 'GET' \
|
||
|
'http://localhost:8000/api/private' \
|
||
|
-H 'accept: application/json' \
|
||
|
-H 'Authorization: Bearer <FILL YOUR TOKEN HERE>'
|
||
|
```
|
||
|
|
||
|
#### Private-Scoped endpoint
|
||
|
|
||
|
You can also try to do a GET to [http://localhost:8000/api/private-scoped](http://localhost:8000/api/private-scoped) which will throw an error if you don't send an access token with the scope `read:messages` signed with RS256 with the appropriate issuer and audience in the Authorization header.
|
||
|
|
||
|
```console
|
||
|
curl -X 'GET' \
|
||
|
'http://localhost:8000/api/private-scoped' \
|
||
|
-H 'accept: application/json' \
|
||
|
-H 'Authorization: Bearer <FILL YOUR TOKEN WITH SCOPES HERE>'
|
||
|
```
|