Python FastAPI Authorization
About
This module covers the fundamentals of authorization in FastAPI, ensuring that users can only access and modify the data they are allowed to. Students will learn how to secure API routes using route-level permissions and enforce object-level permissions based on data ownership. By the end of this module, students will be able to implement authentication checks, manage user access, and restrict actions on protected resources.
Content
Lesson | Est. Delivery Time | Skills |
---|---|---|
Setup | 5 min | Set up the development environment. |
Concepts | 5 min | Learn how authorization techniques control access to API routes using route-level and object-level permissions. |
FastAPI’s Depends Function | 10 min | Understand FastAPI’s Depends function for handling dependencies in route processing. |
Decoding JWT Tokens | 10 min | Implement JWT token decoding to authenticate API requests. |
Securing FastAPI Routes | 15 min | Implement the get_current_user dependency to verify login tokens and protect routes. |
Managing Model Relationships | 15 min | Update FastAPI data models to define and enforce relationships between different entities. |
Modifying the Tea Serializer | 10 min | Modify the teas serializer to reflect changes in relationships with users. |
Updating the Seed File | 10 min | Update the seed file to create and link related data entities in the database. |
Associating User Data with New Records | 15 min | Associate the current logged-in user’s data with newly created records in FastAPI. |
Verifying Permissions for PUT and DELETE | 15 min | Implement controller logic to verify data permissions for PUT and DELETE routes based on the current user’s data. |
Total content | 110 min |