Category Archives: Implementing Technology

Control Access to a FastAPI App

Controlling access to a FastAPI app typically involves implementing authentication and authorization mechanisms. Here are some **decent approaches** to achieve this:

## 1. Authentication

- **OAuth2 with Password (and Bearer)**
    - Use FastAPI’s built-in support for OAuth2 for handling user login and issuing JWT tokens.
    - Users authenticate by providing a username and password, and receive a token which they then include in the Authorization header for subsequent API requests.
- **API Key**
    - Require clients to include a secret API key (in headers or query parameters) with each request.
    - Simple, but less user-friendly and less secure than OAuth2/JWT.
- **Session Authentication**
    - Use cookie-based sessions for traditional web apps.

## 2. Authorization

- **Role-Based Access Control (RBAC)**
    - Assign users roles (like admin, user, guest) and restrict certain endpoints or actions based on the user’s role.
- **Resource-Based Permissions**
    - Check user-specific access for resources (e.g., users can only access their own data).

## 3. Implementation in FastAPI

Example of using OAuth2/JWT bearer authentication:

```python
import os

from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt

app = FastAPI()

oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

# Read the signing key from the environment instead of hard-coding it.
# JWT_SECRET_KEY is an assumed variable name; startup fails if it is unset.
SECRET_KEY = os.environ["JWT_SECRET_KEY"]


def verify_token(token: str = Depends(oauth2_scheme)):
    # jwt.decode checks the signature and rejects any algorithm other than HS256.
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=["HS256"])
        return payload
    except JWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid token",
            headers={"WWW-Authenticate": "Bearer"},
        )


@app.get("/protected-route")
def protected_route(user=Depends(verify_token)):
    return {"message": "You have access!"}
```
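The `verify_token` dependency only authenticates the caller; the role and ownership checks from section 2 still have to be applied to the payload it returns. The following is an added example, not code from the original post, written as framework-independent functions so it runs with the standard library alone. The `roles` claim, the permission names, the `NOTES` store and the `AccessDenied` exception are assumptions made for illustration.

```python
# Constructed role model: the permissions each role grants (names are assumptions).
ROLE_PERMISSIONS = {
    "admin": {"notes:read", "notes:read_any", "notes:delete", "notes:delete_any"},
    "user": {"notes:read", "notes:delete"},
    "guest": {"notes:read"},
}

# Constructed sample data standing in for a database table.
NOTES = {
    1: {"owner": "alice", "text": "alice's note"},
    2: {"owner": "bob", "text": "bob's note"},
}


class AccessDenied(Exception):
    """Authorization failure; a FastAPI route would map this to HTTP 403."""


def permissions_for(claims: dict) -> set:
    """Union of permissions for the token's roles; unknown or malformed roles grant nothing."""
    roles = claims.get("roles")
    if not isinstance(roles, list):
        return set()
    granted = set()
    for role in roles:
        if isinstance(role, str):
            granted |= ROLE_PERMISSIONS.get(role, set())
    return granted


def authorize(claims: dict, action: str, owner: str) -> str:
    """Deny by default: a role must grant the action, and non-owners need '<action>_any'."""
    subject = claims.get("sub")
    if not isinstance(subject, str) or not subject:
        raise AccessDenied("token has no subject")
    granted = permissions_for(claims)
    if action not in granted:
        raise AccessDenied(f"no role grants {action}")
    if owner != subject and f"{action}_any" not in granted:
        raise AccessDenied("not the resource owner")
    return subject


def read_note(claims: dict, note_id: int) -> str:
    """Resource-based check: load the note, then authorize against its owner."""
    note = NOTES.get(note_id)
    if note is None:
        raise KeyError(note_id)  # a route would map this to HTTP 404
    authorize(claims, "notes:read", note["owner"])
    return note["text"]
```

In a route, `claims` would be the value injected by `Depends(verify_token)`, and `AccessDenied` would be translated into an `HTTPException` with status 403.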

## 4. Third-Party Libraries

- **fastapi-users**
    - Provides pluggable user authentication, registration, password management, and more.
- **Authlib**
    - Flexible library for implementing OAuth and JWT.

## 5. Additional Tips

- Always use HTTPS in production to protect credentials in transit.
- Regularly update dependencies to keep security patches up to date.
- Use environment variables to store secrets (never commit secrets in code).

This approach ensures robust access control suitable for both web and API-based FastAPI apps.

Deploy FastAPI App onto AWS

This comprehensive guide covers multiple deployment strategies for FastAPI applications with Docker on AWS. Here are the key approaches:

For “production” applications:

  • ECS with Fargate for scalable, managed container orchestration
  • Application Load Balancer for high availability and SSL termination
  • ECR for private container registry
  • CloudWatch for monitoring and logging

For simple/low-traffic applications:

  • Lambda with Mangum for serverless deployment (cost-effective for sporadic traffic)
  • EC2 with Docker Compose for full control

Key considerations:

  • Use multi-stage builds to minimize image size
  • Implement proper health checks
  • Set up auto-scaling policies
  • Use infrastructure as code (Terraform/CloudFormation)
  • Implement CI/CD pipelines for automated deployments

– manzoor

Computing Power YT

SQLAlchemy

SQLAlchemy is an ORM that lets you interact with a database through Python objects instead of writing raw SQL queries. This in turn lets you develop a solution in Python itself, without having to jump out into SQL.

In addition, SQLAlchemy supports SQLite, PostgreSQL, MySQL and many other databases, which adds yet another layer of abstraction for development.

– manzoor

Large Language Models

ChatGPT became publicly available in late 2022, and ever since there seems to have been a race in this AI domain. I have not really been into the whole thing but am getting really interested.

A very high level timeline (will need to update / correct at some point)

2017 – some scientists at Google publish a paper, “Attention is all you need” proposing a new model called Transformer

2018 – GPT-1 with 117M Parameters

2019 – GPT-2 with 1.5B

2020 – GPT-3 175B

2022 – we have RLHF, Reinforcement Learning from Human Feedback, and ChatGPT

2023 – GPT-4 1T

2024 – GPT-4o

– manzoor

Cloud Storage – Amazon S3 vs Google Cloud Storage

I find myself at an interesting crossroads – for the first time I am considering Web Services from someone other than Amazon AWS. To be fair, I do find myself in this position because for the first time I am the one making these technological choices as opposed to being handed choices that were already made.

I have always wanted to try other services and this is the perfect situation.

I am choosing to deploy my React app on GCP with Firebase and will try to use both S3 and Google Cloud Storage to be able to compare.

– manzoor

  • Four critical differences between Google Cloud Storage AND Amazon S3 APIS
  • Google Cloud Storage vs. Amazon S3

Deploy React – on AWS

Deploy on to AWS EC2 running nginx

1. ssh into the EC2 instance
2. if npm is NOT installed, execute sudo apt install npm -y
3. cd into <dev> dir
4. git clone the repo
5. cd into the repo
6. execute npm install
7. execute npm run build
8. cp -R dist/* /var/www/<host>/html
9. might have to re-launch nginx

– manzoor