Tag Archives: Technology

Control Access to a FastAPI App

Controlling access to a FastAPI app typically involves implementing authentication and authorization mechanisms. Here are some **decent approaches** to achieve this:

## 1. Authentication

– **OAuth2 with Password (and Bearer)**

    – Use FastAPI’s built-in support for OAuth2 for handling user login and issuing JWT tokens.

    – Users authenticate by providing a username and password, and receive a token which they then include in the Authorization header for subsequent API requests.

– **API Key**

    – Require clients to include a secret API key (in headers or query parameters) with each request.

    – Simple, but less user-friendly and less secure than OAuth2/JWT (a static key cannot expire or carry claims, so it must be rotated and guarded like a password).

– **Session Authentication**

    – Use cookie-based sessions for traditional web apps.

## 2. Authorization

– **Role-Based Access Control (RBAC)**

    – Assign users roles (like admin, user, guest) and restrict certain endpoints or actions based on the user’s role.

– **Resource-Based Permissions**

    – Check user-specific access for resources (e.g., users can only access their own data).

## 3. Implementation in FastAPI

Example of using OAuth2/JWT bearer authentication:

```python
import os

from fastapi import FastAPI, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer
from jose import JWTError, jwt

app = FastAPI()

# Clients obtain a bearer token from POST /token and then send it as
# "Authorization: Bearer <token>" on every protected request.
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")

# Read the signing secret from the environment instead of hard-coding it
# (variable name is illustrative); pin the algorithm on the server side.
SECRET_KEY = os.environ["JWT_SECRET_KEY"]
ALGORITHM = "HS256"


def verify_token(token: str = Depends(oauth2_scheme)):
    # Validate signature and expiry against the pinned algorithm list;
    # any failure becomes a 401 with a WWW-Authenticate challenge.
    try:
        payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM])
        return payload
    except JWTError:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid token",
            headers={"WWW-Authenticate": "Bearer"},
        )


@app.get("/protected-route")
def protected_route(user=Depends(verify_token)):
    return {"message": "You have access!"}
```
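As an added worked example (not code from the original post): a standard-library-only version of what `jwt.decode` does inside `verify_token`, together with the two authorization checks from section 2 (role-based and resource-based). It assumes an environment variable named JWT_SECRET_KEY, an admin > user > guest role ordering, and `sub`/`role` claim names; none of these come from the post. In a FastAPI app, `verify_jwt` would be called from the `verify_token` dependency and `require_role`/`owns_resource` from route-level dependencies that raise 403.

```python
# Added example, not code from the original post. Standard-library-only HS256
# JWT minting/verification plus RBAC and resource-ownership checks, so it runs
# without FastAPI or python-jose installed. Assumptions (mine, not the post's):
# the env var name JWT_SECRET_KEY, the ROLE_RANK ordering, and "sub"/"role".
import base64
import hashlib
import hmac
import json
import os
import time
from typing import Optional

# Constructed fallback key so the example runs offline; in a deployment the key
# must come only from the environment, never from source code.
SECRET_KEY = os.environ.get("JWT_SECRET_KEY", "constructed-example-key").encode()
ALGORITHM = "HS256"


class InvalidToken(Exception):
    """Any token that must be refused (a route would map this to HTTP 401)."""


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    # JWTs strip '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(signing_input: str) -> bytes:
    return hmac.new(SECRET_KEY, signing_input.encode(), hashlib.sha256).digest()


def mint_jwt(sub: str, role: str, ttl_seconds: int = 900, now: Optional[int] = None) -> str:
    """Issue a short-lived HS256 token carrying subject and role claims."""
    now = int(time.time()) if now is None else now
    header = {"alg": ALGORITHM, "typ": "JWT"}
    payload = {"sub": sub, "role": role, "iat": now, "exp": now + ttl_seconds}
    signing_input = ".".join(
        _b64url_encode(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, payload)
    )
    return signing_input + "." + _b64url_encode(_sign(signing_input))


def verify_jwt(token: str, now: Optional[int] = None) -> dict:
    """Check structure, pinned algorithm, signature and expiry; return the claims."""
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        payload = json.loads(_b64url_decode(payload_b64))
        sig = _b64url_decode(sig_b64)
    except ValueError:  # wrong part count, bad base64, bad JSON or UTF-8
        raise InvalidToken("malformed token")
    if not isinstance(header, dict) or not isinstance(payload, dict):
        raise InvalidToken("malformed token")
    # Pin the algorithm server-side; never let the token's header choose it.
    if header.get("alg") != ALGORITHM:
        raise InvalidToken("unexpected algorithm")
    # Constant-time comparison so the signature check does not leak timing.
    if not hmac.compare_digest(sig, _sign(f"{header_b64}.{payload_b64}")):
        raise InvalidToken("bad signature")
    exp = payload.get("exp")
    if not isinstance(exp, int) or now >= exp:
        raise InvalidToken("token expired or missing exp")
    return payload


def rejects(token: str, now: Optional[int] = None) -> bool:
    """True if verify_jwt refuses the token (convenience for tests)."""
    try:
        verify_jwt(token, now)
        return False
    except InvalidToken:
        return True


def tamper_claims(token: str, **changes) -> str:
    """Rewrite claims but keep the old signature: exactly what verification must catch."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    claims = json.loads(_b64url_decode(payload_b64))
    claims.update(changes)
    new_payload = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    return ".".join([header_b64, new_payload, sig_b64])


ROLE_RANK = {"guest": 0, "user": 1, "admin": 2}  # assumed ordering


def require_role(payload: dict, minimum: str) -> bool:
    """RBAC: the token's role must be at least `minimum`; unknown roles fail closed."""
    role = payload.get("role")
    return isinstance(role, str) and ROLE_RANK.get(role, -1) >= ROLE_RANK[minimum]


def owns_resource(payload: dict, owner_id: str) -> bool:
    """Resource-based permission: only the record's owner (or an admin) may access it."""
    return payload.get("sub") == owner_id or payload.get("role") == "admin"
```

Three details carry most of the security value: the algorithm is pinned by the server rather than read from the token header, the signature is compared with `hmac.compare_digest`, and a missing or past `exp` is refused. `tamper_claims` exists only to show that editing the `role` claim without re-signing is rejected; `require_role` fails closed on unknown roles.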

## 4. Third-Party Libraries

– **fastapi-users**

Provides pluggable user authentication, registration, password management, and more.

– **Authlib**

Flexible library for implementing OAuth and JWT.

## 5. Additional Tips

– Always use HTTPS in production to protect credentials in transit.

– Regularly update dependencies to keep security patches up to date.

– Use environment variables to store secrets (never commit secrets in code).

Together, these measures provide access control suitable for both web and API-based FastAPI apps.

Deploy React on AWS

Deploy onto an AWS EC2 instance running nginx

  1. ssh into the EC2 instance
  2. if npm is not installed, execute sudo apt install npm -y
  3. cd into the <dev> dir
  4. git clone the repo
  5. cd into the repo
  6. execute npm install
  7. execute npm run build
  8. cp -R dist/* /var/www/<host>/html
  9. you may need to restart nginx

– manzoor

React Hello World

Create the App

  1. cd into a new / clean dir
  2. execute npx create-react-app <app_name>
  3. a new sub-dir named app_name will be created
  4. cd into the new sub-dir named app_name
  5. execute npm start – this will eventually print a local URL; open it in a browser to verify the new app is running
  6. Edit the App.js file in the src dir, clear most of the content, and replace it with “Hello World”. The app should now show the “Hello World” text.

Customize the App

  1. stop the app (at least for the next step)
  2. Add bootstrap (for CSS styling)
    • execute npm install bootstrap
  3. at this point you can re-launch the app by executing npm run dev

– manzoor

Deploy onto AWS

Deploy onto Heroku

Ephemeral Social Networking

Fleets from Twitter will be the most recent addition to a concept that first started with Snapchat. I must confess – I never quite understood the whole idea. But of course, I also don’t understand ever deleting / destroying / throwing away anything.

Of course things live out their “need” or “relevance”, i.e., their lives, and then they go away naturally. That to me makes sense.

– manzoor

Building Blocks

I am currently working on a User Authentication module for a Django project and am anticipating using it in other Django projects. I am wondering, not just with the User Authentication module but with other similar common building-block modules that I could be working on and using in various projects, how I would plan on doing that.

I am also, for now at least, using Django as my backend for not only the web and mobile applications I am currently working on but also the native iOS apps I have plans to begin soon.

– manzoor