DEV Community: Jean-Gaël

Building a Production-Ready FastAPI Boilerplate with Clean Architecture

Jean-Gaël — Thu, 22 Jan 2026 11:38:33 +0000

I Built a Production-Ready FastAPI Boilerplate (So You Don't Have To)

Starting a new FastAPI project? You know the drill: configure linting, set up auth, write Docker files, configure tests... Hours wasted before writing a single feature.

So I built a boilerplate that does all of this for you.

🎯 What's Inside?

Architecture

✅ Clean Architecture (routes → services → repositories → models)
✅ Repository Pattern
✅ Dependency Injection
✅ Type hints everywhere

Authentication

✅ Complete JWT implementation
✅ Refresh tokens (stored in database)
✅ Password hashing (bcrypt)

Developer Experience

✅ All tools pre-configured: Black, Ruff, MyPy, Bandit
✅ Pre-commit hooks
✅ Makefile with useful commands
✅ 1500+ lines of documentation

Testing & DevOps

✅ Pytest with fixtures
✅ Docker & Docker Compose
✅ GitHub Actions CI/CD
✅ PostgreSQL + SQLite support

🏗️ Architecture

API Layer (FastAPI)
    ↓
Schemas (Pydantic DTOs)
    ↓
Services (Business Logic)
    ↓
Repositories (Data Access)
    ↓
Models (SQLAlchemy)

Why this structure?

Each layer has one responsibility
Easy to test (mock any layer)
Easy to swap implementations
Scales well

📝 Quick Example: User Registration

# 1. API receives request
@router.post("/register", response_model=UserResponse)
async def register(user_data: UserCreateDTO, service: UserService = Depends()):
    return service.create_user(user_data)

# 2. Service applies business logic
class UserService:
    def create_user(self, user_data: UserCreateDTO) -> User:
        if self.repo.get_by_email(user_data.email):
            raise ValueError("Email exists")
        return self.repo.create(user_data)

# 3. Repository talks to database
class UserRepository: 
    def create(self, user_data: UserCreateDTO) -> User:
        user = User(email=user_data.email, 
                   hashed_password=hash_password(user_data.password))
        self.db.add(user)
        self.db.commit()
        return user

Clean, testable, maintainable. ✨

🚀 Getting Started

# 1. Use as template (click button on GitHub)
# 2. Clone your repo
git clone your-new-repo

# 3. Setup
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

# 4. Configure
cp .env.example .env

# 5. Run
make dev

Visit http://localhost:8000/docs - you have a working API with auth!

🛠️ Developer Tools

Everything is configured. Just use it:

make format   # Black + isort
make lint     # Ruff + MyPy
make test     # Pytest with coverage
make security # Bandit + Safety
make docker-up # Start everything

🔐 Security Built-In

JWT tokens (short-lived access + refresh)
Password hashing (bcrypt)
Security scanning (Bandit, Safety)
Pre-commit hooks prevent issues
CORS configured

📚 Documentation

Not just a README. Actual guides:

Usage Guide (300+ lines) - How to develop, test, deploy
Architecture Doc - Why decisions were made
Contributing Guide - How to contribute

🎁 What You Get

Skip all the boring setup:

❌ No more "how do I structure this?"
❌ No more configuring linting tools
❌ No more setting up auth from scratch
❌ No more writing Docker files
❌ No more CI/CD configuration

✅ Just start building features.

🤔 Why Another Boilerplate?

Most boilerplates:

Flat structure (everything in one place)
Minimal docs
Basic auth (if any)
No tests
No dev tools

This one:

Clean architecture
Comprehensive docs
Complete auth system
Full test suite
All dev tools configured

📦 Try It

GitHub: Alwil17/fastapi-boilerplate

Click "Use this template" → Start building in minutes.

⭐ If you find it useful, give it a star on GitHub!

Questions? Drop them below! 👇

Tech Stack: FastAPI • SQLAlchemy • PostgreSQL • Docker • JWT • Pytest • GitHub Actions

Python #FastAPI #CleanArchitecture #Boilerplate

Automate GitHub like a pro: Build your own bot with TypeScript and Serverless

Jean-Gaël — Tue, 01 Jul 2025 19:48:07 +0000

Maintaining a repo is more than just writing code.

You label issues, respond to PRs… and somehow keep track of all the // TODO comments scattered across the codebase.

I got tired of juggling all this manually. So I built a bot.

🤖 Meet AutoMaintainer-bot

It’s a lightweight GitHub App built with Probot and deployed serverlessly on GCF. Here's what it does:

🏷️ Automatically labels issues based on their content
💬 Welcomes new contributors when they open their first issue
📌 Scans code for // TODO: and creates issues for them
📦 Runs entirely serverless — zero infrastructure needed

And yes, it works across multiple repositories.

🛠️ Tech stack

TypeScript for clean, typed logic
Probot to handle GitHub events with ease
Google Cloud run function for instant serverless deployment
GitHub App with custom permissions
Optional: YAML config to tweak behavior per repo

💡 Why this matters

Automating boring tasks = more time to build
Improves contributor experience
Encourages TODO discipline
Serverless = no ops burden

🔗 Open-source project

You can find the full bot code here:
👉 https://github.com/Alwil17/automaintainer-bot

SecurePasswordCrypt: Secure AES-GCM Encryption & Password Hashing for .NET Projects

Jean-Gaël — Sun, 06 Apr 2025 05:02:38 +0000

Managing secrets—connection strings, API keys, user passwords—can quickly become a headache, especially when you need to ship background jobs, microservices or CI/CD pipelines. Plaintext secrets in code or configuration are a liability.

Enter SecurePasswordCrypt, a lightweight, self-contained .NET library that brings together:

🔐 AES-GCM encryption/decryption (authenticated encryption)
🧂 PBKDF2 (Rfc2898) key derivation with 100,000 iterations
🔑 SHA-256-based password hashing and constant-time verification

This package helps you store, transport and verify secrets safely in any .NET application—console, web, Azure Function, background worker… even within your CI/CD pipeline.

Introduction

Install directly from NuGet:

dotnet add package SecurePasswordCrypt

Or browse the package page: Nuget.org

Grab the latest source or contribute on GitHub: Github

Quick Start

Encrypt / Decrypt

using SecurePasswordCrypt;

string secret = "MySuperSecretValue";
string masterKey = "UltraSecureMasterKey123";

// Encrypt
string cipherText = CryptoService.Encrypt(secret, masterKey);

// Decrypt
string plainText = CryptoService.Decrypt(cipherText, masterKey);
Console.WriteLine(plainText); // "MySuperSecretValue"

Hash / Verify Passwords

// Hash user password for storage
string userPwd = "UserPassword!";
string storedHash = CryptoService.HashPassword(userPwd);

// Later, verify login
bool isValid = CryptoService.VerifyPassword("UserPassword!", storedHash);
Console.WriteLine(isValid); // true

Under the Hood

PBKDF2 derives a strong 256-bit key from your password + random salt (16 bytes). 100,000 iterations slow down brute-force.
AES-GCM uses that key to encrypt data with:
- 96-bit random nonce
- 128-bit authentication tag (detects tampering)
The encrypted payload is packaged as Base64:

[ salt | nonce | tag | ciphertext ]

For password hashing, the library generates a new salt and stores:

[ salt + derivedKey ] as Base64

Constant-time comparison prevents timing attacks when verifying.

Integration Tips

Class Library: Reference the NuGet package or add as project reference.
Configuration: Keep your master key in a secure vault (Azure Key Vault, AWS Secrets Manager, HashiCorp Vault). Retrieve it at runtime.
Connection Strings: Encrypt your DB password, store the cipher in config, decrypt on startup.
CI/CD: Combine with GitHub Actions or Azure Pipelines to encrypt secrets and publish packages.

Contribute & Feedback

Issues & PRs: https://github.com/Alwil17/SecurePasswordCrypt
Feature Requests: Open an issue and describe your use case.
Stars & Follows: Encouraged!

Happy coding, and may your secrets stay secret! 🔐

Published on Dev.to by Alwil17

Introducing RatingAPI - Scalable, Secure & Open Source!

Jean-Gaël — Tue, 01 Apr 2025 04:51:56 +0000

Hey Dev.to Community! 👋I'm excited to introduce my lightweight RatingAPI, a FastAPI-based backend designed for scalability, security, and high performance. Whether you're building a startup-grade application or just exploring new backend architectures, this project has everything you need! 🎯

🔥 Key Features

✅ FastAPI-powered - High performance & async-ready!
✅ JWT Authentication - Secure user authentication & role management 🔐
✅ Database Optimization - PostgreSQL with best practices 🚀
✅ CI/CD Ready - Automated workflows using GitHub Actions 🤖
✅ Monitoring & Logging - Integrated Prometheus, Grafana, and structured logging 📊
✅ Scalability - Supports Docker & Kubernetes for containerized
✅ Security & Compliance - Regular vulnerability scanning & best security practices 🛡️

📌 How to Get Started

Clone the repo and set up your environment:

git clone https://github.com/Alwil17/rating-api.git
cd rating-api
cp .env.example .env
pip install -r requirements.txt
uvicorn app.main:app --reload

Access the API Docs at: http://localhost:8000/docs

🌍 Contribute & Join the Community

We're looking for contributors! If you're into FastAPI, DevOps, or Security, check out the issues labeled "good first issue" and start contributing. 💡

🔗 GitHub Repo: https://github.com/Alwil17/rating-api
💬 Join the Discussion: GitHub Discussions

🚀 Let's build something awesome together! Drop your thoughts, feedback, and questions in the comments. 👇