We have been using FastAPI along with the Test-Driven Development process to come up with an authentication system. So far we can register with our tiny application using a username and password. We are also able to generate a JWT token to be classified as a logged-in user. But there is no point in logging in until the logged-in user can do something privileged. In this iteration of the series, we'll see how to access a protected endpoint using FastAPI and JWT.
In the last couple of posts in the TDD Auth with FastAPI series, we've been sustainably moving towards a web service that can let users register with the service. Now what? We have already done the easy part. The next part is to look at authorization. This involves letting the user log in and only giving them access to what they are authorized for. Let us look at the login part first.
If you are following this series from the start, you know that we can already create a user from our API. But we have our tests failing right now, which is kind of smelly. In this post, we tackle the problem at hand and discuss some ways we can do it. One of them is dependency injection.
In the last post in the series we did the project setup and saw some FastAPI basics along with the red-green-refactor mantra of TDD. In this post, we talk about setting up the database and implementing the user registration.
I have been tinkering with this new framework and have a little bit of experience with FastAPI as of now. What I've thought of is to do a post about authentication and authorization. I'm sure going to do a registration and login system and nothing fancy this time. I am going to use JWT as the authorization mechanism.