Over the past two weeks, I’ve been working on a backend API project using FastAPI. The goal is to build a solid foundation for user authentication and a file management system.
Week 1: User Authentication System
- Initialized a FastAPI project with virtualenv and managed dependencies in requirements.txt.
- Configured environment variables with python-dotenv for things like `SECRET_KEY` and `DATABASE_URL`.
- Created the User model using SQLAlchemy with fields including `id`, `email`, `hashed_password`, and status flags.
- Implemented JWT-based authentication including user registration, login, and token refresh.
- Built user endpoints (`/register`, `/login`, `/me`) for managing user actions.
- Added dependency injection for database sessions and authentication in the routes.
- Wrote basic tests for authentication endpoints.
At the end of week one, the API supports user registration and login, returning JWT tokens for authorized access.
Week 2: File Management System
- Added a File model linked to users, storing file metadata such as filename, hash, and upload date.
- Created file endpoints to upload, list, and delete files (`/upload`, `/list`, `/delete/{file_id}`).
- Handled file uploads with python-multipart, storing files on disk using unique filenames.
- Computed and stored SHA-256 hashes for uploaded files to ensure integrity.
- Restricted file access based on user authentication, enforcing ownership rules.
- Implemented validation for file size and allowed extensions.
- Started writing tests for the file management functionality.
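As an added illustration of the upload steps listed above (not code from the Task Automation API project), this standard-library function checks the extension against an allow-list, enforces the size limit while streaming, computes the SHA-256 hash in the same pass, and stores the file under a server-chosen unique name. The names `store_upload` and `UploadRejected`, the extension allow-list, and the 1 MiB limit are assumptions made for the example.

```python
import hashlib
import os
import secrets
import tempfile
from pathlib import Path

ALLOWED_EXTENSIONS = {".txt", ".pdf", ".png"}  # assumed allow-list
MAX_BYTES = 1024 * 1024                         # assumed 1 MiB limit
CHUNK = 64 * 1024


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def store_upload(stream, client_filename, dest_dir,
                 max_bytes=MAX_BYTES, allowed=ALLOWED_EXTENSIONS):
    # The client-supplied name is used only for its extension, never as a path.
    ext = Path(client_filename).suffix.lower()
    if ext not in allowed:
        raise UploadRejected(f"extension {ext!r} not allowed")
    stored_name = secrets.token_hex(16) + ext  # unique, server-chosen name
    final_path = Path(dest_dir) / stored_name
    digest, size = hashlib.sha256(), 0
    # Write to a temp file first so a rejected upload leaves nothing behind.
    fd, tmp_path = tempfile.mkstemp(dir=dest_dir, suffix=".part")
    try:
        with os.fdopen(fd, "wb") as out:
            while chunk := stream.read(CHUNK):
                size += len(chunk)
                if size > max_bytes:  # enforce the limit while streaming
                    raise UploadRejected("file exceeds size limit")
                digest.update(chunk)
                out.write(chunk)
        os.replace(tmp_path, final_path)
    except BaseException:
        os.unlink(tmp_path)
        raise
    return {"original_name": Path(client_filename).name, "stored_name": stored_name,
            "sha256": digest.hexdigest(), "size": size}


if __name__ == "__main__":
    import io
    with tempfile.TemporaryDirectory() as d:  # constructed sample upload
        print(store_upload(io.BytesIO(b"constructed sample"), "notes.txt", d))
```

In a FastAPI route, `stream` would be the `file` attribute of the `UploadFile` parameter, and the returned metadata would be saved on the File row together with the owner's user id.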
What’s next?
Moving forward, I plan to:
- Enhance file validation and error handling.
- Add support for user roles and permissions.
- Integrate background tasks for file maintenance using Celery.
- Improve test coverage and add documentation.
Try it out
The project is open source and available on GitHub: Task Automation API
Feedback and contributions are welcome.
If you’re interested in backend APIs, FastAPI is a great framework that makes building async, secure APIs straightforward. This project is a good way to practice authentication, file handling, and database relationships.
Thanks for reading!