Authorization and Authentication
Authorization
Purpose: Authorization controls what actions a user or system can perform after authentication.
Process: It determines the level of access based on roles, permissions, or policies.
Outcome: Authorized users can access specific resources or perform certain operations.
Example: A user with “admin” privileges can create, modify, or delete records in a database.
Authentication
Purpose: Authentication verifies the identity of a user or system.
Process: It involves validating credentials (such as username and password) to ensure that the user is who they claim to be.
Outcome: Successful authentication grants access to the system or application.
Example: Logging into an email account with a valid username and password.
Steps of Authorization and Authentication
pip install fastapi uvicorn pydantic[dotenv] python-jose[pyjwt] passlib
This is not strictly necessary; you can import directly from fastapi.
main.py
from fastapi import Depends, FastAPI
from fastapi.security import OAuth2PasswordBearer
from typing_extensions import Annotated

app = FastAPI()
oauth2_scheme = OAuth2PasswordBearer(tokenUrl="token")


async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)]):
    # Placeholder: decode and validate the JWT, then return the user it identifies
    pass


@app.post("/token")
async def login(username: str, password: str):
    # Validate user credentials (e.g., check against a database)
    # Generate a JWT token
    # Return the token
    pass


@app.get("/items/")
async def read_items(current_user: Annotated[str, Depends(get_current_user)]):
    # Only authorized users can access this route
    # Use current_user for further processing
    pass
UTC 1917 + 2024 -2028
1917 + current time + 15 minutes (15 minutes = 900 sec)
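The token step and the role check outlined above, as an added example that is not the page's own code: it signs and verifies an HS256 token with the Python standard library in place of python-jose, sets the expiry to current time + 900 seconds, and only then applies the role check. SECRET, TOKEN_TTL, create_token, require_role and the helper names are illustrative assumptions, and the key is a constructed value.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: a real key comes from configuration
TOKEN_TTL = 900                   # 15 minutes, in seconds

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return b64(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def create_token(username, role, now=None):
    """Issued after the credentials were checked; expires TOKEN_TTL seconds later."""
    now = int(time.time()) if now is None else now
    header = b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64(json.dumps({"sub": username, "role": role, "exp": now + TOKEN_TTL}).encode())
    return f"{header}.{claims}.{sign(header + '.' + claims)}"

def get_current_user(token, now=None):
    """Authentication: return the claims, or raise PermissionError."""
    now = int(time.time()) if now is None else now
    try:
        header, claims, signature = token.split(".")
        # Verify the signature before trusting anything inside the token.
        if not hmac.compare_digest(signature, sign(header + "." + claims)):
            raise ValueError("bad signature")
        if json.loads(unb64(header)).get("alg") != "HS256":
            raise ValueError("unexpected algorithm")
        user = json.loads(unb64(claims))
        if not isinstance(user.get("exp"), int) or user["exp"] <= now:
            raise ValueError("expired")
    except (ValueError, TypeError, AttributeError) as exc:
        raise PermissionError(f"authentication failed: {exc}") from None
    return user

def require_role(user, role):
    """Authorization: runs only after authentication has produced `user`."""
    if user.get("role") != role:
        raise PermissionError(f"role {role!r} required")
```

In the FastAPI routes, get_current_user would receive the token from oauth2_scheme, and a PermissionError would map to a 401 (authentication) or 403 (authorization) response.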