DEV Community

Dillion Huston
Dillion Huston

Posted on

Building a User Authentication and File Management API with FastAPI

#fastapi #python #backend #jwt

Over the past two weeks, I’ve been working on a backend API project using FastAPI. The goal is to build a solid foundation for user authentication and a file management system.

Week 1: User Authentication System

  • Initialized a FastAPI project with virtualenv and managed dependencies in requirements.txt.
  • Configured environment variables with python-dotenv for things like SECRET_KEY and DATABASE_URL.
  • Created the User model using SQLAlchemy with fields including id, email, hashed_password, and status flags.
  • Implemented JWT-based authentication including user registration, login, and token refresh.
  • Built user endpoints (/register, /login, /me) for managing user actions.
  • Added dependency injection for database sessions and authentication in the routes.
  • Wrote basic tests for authentication endpoints.

At the end of week one, the API supports user registration and login, returning JWT tokens for authorized access.

Week 2: File Management System

  • Added a File model linked to users, storing file metadata such as filename, hash, and upload date.
  • Created file endpoints to upload, list, and delete files (/upload, /list, /delete/{file_id}).
  • Handled file uploads with python-multipart, storing files on disk using unique filenames.
  • Computed and stored SHA-256 hashes for uploaded files to ensure integrity.
  • Restricted file access based on user authentication, enforcing ownership rules.
  • Implemented validation for file size and allowed extensions.
  • Started writing tests for the file management functionality.

What’s next?

Moving forward, I plan to:

  • Enhance file validation and error handling.
  • Add support for user roles and permissions.
  • Integrate background tasks for file maintenance using Celery.
  • Improve test coverage and add documentation.

Try it out

The project is open source and available on GitHub: Task Automation API

Feedback and contributions are welcome.

If you’re interested in backend APIs, FastAPI is a great framework that makes building async, secure APIs straightforward. This project is a good way to practice authentication, file handling, and database relationships.

Thanks for reading!

Top comments (0)