101591 Views
79842 Views
45596 Views
44332 Views
40991 Views
33419 Views
Raspberry Pi Time machine
Now Ad-Free
Guiding Light
Sync Files on your Pis, with Syncthing
NextCloud
Buddy Jr.
Introduction to FreeCAD for Beginners
Building a Robot Arm with Raspberry Pi and PCA9685
Building User Authentication for Static Sites with FastAPI
Mastering Pydantic for Robust Data Validation
Mastering Markdown for Documentation with Jekyll
Introduction to Rust
KevsRobots Learning Platform
66% Percent Complete
By Kevin McAleer, 3 Minutes
With our user models in place, we can now implement the registration and login functionalities. This process involves securely handling passwords, verifying user credentials, and generating authentication tokens.
Before saving a user’s password to the database, we must hash it. Using a library like passlib, we can securely hash passwords.
passlib
from passlib.context import CryptContext pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto") def get_password_hash(password): return pwd_context.hash(password)
Our registration endpoint will accept username, email, and password, validate the data, hash the password, and then save the new user to the database.
from fastapi import FastAPI, HTTPException, Depends from sqlalchemy.orm import Session from . import models, schemas from .database import SessionLocal, engine app = FastAPI() # Dependency def get_db(): db = SessionLocal() try: yield db finally: db.close() @app.post("/register/") def register_user(user: schemas.UserCreate, db: Session = Depends(get_db)): db_user = db.query(models.User).filter(models.User.email == user.email).first() if db_user: raise HTTPException(status_code=400, detail="Email already registered") hashed_password = get_password_hash(user.password) db_user = models.User(username=user.username, email=user.email, hashed_password=hashed_password) db.add(db_user) db.commit() db.refresh(db_user) return {"username": db_user.username, "email": db_user.email}
To log in a user, we need to verify their email and password. This involves fetching the user from the database and checking the password hash.
def verify_password(plain_password, hashed_password): return pwd_context.verify(plain_password, hashed_password) def authenticate_user(email: str, password: str, db: Session = Depends(get_db)): user = db.query(models.User).filter(models.User.email == email).first() if not user or not verify_password(password, user.hashed_password): return False return user
After verifying the user, we generate a JWT token for session management. This token is sent back to the user and used in subsequent requests.
from datetime import datetime, timedelta import jwt SECRET_KEY = "your_secret_key" ALGORITHM = "HS256" def create_access_token(data: dict, expires_delta: timedelta = None): to_encode = data.copy() if expires_delta: expire = datetime.utcnow() + expires_delta else: expire = datetime.utcnow() + timedelta(minutes=15) to_encode.update({"exp": expire}) encoded_jwt = jwt.encode(to_encode, SECRET_KEY, algorithm=ALGORITHM) return encoded_jwt
You’ve now implemented the registration and login functionalities, including secure password handling and JWT token generation. These are key components of our user authentication system. In the next lessons, we’ll explore how to use these tokens for authenticating API requests and managing user sessions.
Implement an endpoint for logging out users. Consider how you would invalidate the JWT token and what impact this has on the server and client side of your application.
< Previous Next >