A full-featured authentication API built with FastAPI, SQLAlchemy, JWT, and Passlib. Supports user registration, login, token-based authentication, and protected routes.
- User registration with hashed passwords
- Login with email & password
- JWT access and refresh tokens
- Protected endpoints requiring authentication
- Password hashing with bcrypt
- Simple SQLAlchemy-based database integration
- Clone the repository:
git clone https://github.com/Seyed-Cj/TelegramBot-FastAPI-Panel.git
cd FastAPI-Auth- Create and activate a virtual environment:
python -m venv venv
source venv/bin/activate # On Windows: venv\Scripts\activate- Install dependencies:
pip install -r requirements.txt- Set up environment variables in .env:
SECRET_KEY=123456
MYSQL_USER=root
MYSQL_PASSWORD=
MYSQL_HOST=127.0.0.1
MYSQL_PORT=3306
MYSQL_DB=fastapi_auth
ACCESS_TOKEN_EXPIRE_MINUTES=15
REFRESH_TOKEN_EXPIRE_DAYS=7- Run the application:
uvicorn app.main:app --reload- Register
- POST /auth/register
- Request (JSON):
{
"user_name": "seyed",
"email": "seyed@example.com",
"password": "securepassword"
}- Login
- POST /auth/login
- Request (JSON):
{
"email": "seyed@example.com",
"password": "securepassword"
}- Refresh Access Token
- POST /auth/refresh
- Request (JSON):
{
"refresh_token": "jwt_refresh_token"
}- Passwords are bcrypt-hashed and never stored in plaintext.
- Tokens are JWT-based with expiry.
- Always protect .env secrets.
- Truncate passwords manually if longer than 72 bytes due to bcrypt limitation.