Welcome to FastAPI-Integrations. This project leverages the power of FastAPI, SQLAlchemy, and PostgreSQL to create a robust and scalable backend. It features user authentication and authorization using JWT, integrates Google OAuth 2.0 for seamless login experiences, and connects with the Zoom API to schedule virtual meetings effortlessly.
In today's fast-paced digital world, companies need to provide quick and efficient ways for users to access their services. This project addresses that need by enabling virtual consultations, reducing the need for physical meetings, and providing a seamless experience for both users and service providers.
- Python
- FastAPI
- Fast-mail
- SQLAlchemy
- PostgreSQL
- Docker
- Git & Github
- Pytest
- π JWT Authentication: Secure login and token-based authentication for users.
- π Google OAuth 2.0: Allows users to log in and register using their Google accounts.
- π User Registration: Create new user accounts with email verifications.
- π User Login: Secure user login with JWT tokens.
- π Password Reset: Users can reset their passwords via email links, in case they have forgotten their passwords.
- π§ Email Confirmation: Users must confirm their email address to activate their accounts.
- π οΈ Admin Roles: Admin users have elevated privileges and can manage other users.
- π₯ User Roles: Regular users have limited access compared to admin users.
- π Zoom Integration: Schedule virtual meetings using the Zoom API.
- π§ Email Invitations: Automatic email invitations sent to users and advisors with meeting details.
- ποΈ Meeting Management: Users can view and manage their scheduled meetings.
- π« Login Attempts Limiting: Protects against brute-force attacks by limiting login attempts using redis.
- π¦ Password Reset Attempts Limiting: Protects against spam and server overloading by several requests.
- π Swagger UI: Interactive API documentation available at 'http://localhost:8000/docs'
- π³ Dockerized Setup: Easily deploy the application using Docker and Docker Compose.
- π§ Environment Configuration: Use environment variables to configure the application securely.
- π§ͺ Pytest: Comprehensive testing using Pytest for ensuring code quality and reliability.
Follow the steps below to set up and run this project on your local machine. Ensure you have the necessary prerequisites. Detailed instructions are provided to help you configure and run the application smoothly.
-
Make sure you have Docker and Docker Compose installed in your PC. If you are using Windows OS, make sure you have Docker Desktop installed.
- You can download Docker Desktop by clicking here.
-
Go to your terminal and make a git clone of this repository.
git clone https://github.com/NogueraMateo/FastAPI-Integrations.git
To ensure that Google OAuth works as expected, you'll need to configure a project in Google Cloud Console.
-
Create a new project
-
Set up the OAuth consent screen
In this step, keep in mind that only the Gmail accounts you add here are the ones that are going to be able to log in when you're testing the API.
-
Get the credentials
The Authorized redirect URIs must be the same url that the one in this part of the code.
Remember these credentials because you're going to need them later.
You'll also need to create a zoom application, specifically a Server-to-Server OAuth. This step is neccessary to get the Zoom credentials to ensure the meeting scheduling works as expected.
You can easily get the credentials by following the Zoom Documentation After you have created the app, you can go to your apps and click on the project you just created.
There you shall see a screen like this
Keep these credentials at hand because you'll need them later.
To set this up, you must have access to the Gmail account set up to send emails, such as a [email protected] or whatever the account is. Then follow these steps to generate a Password Application.
Make sure you copy this password because you'll never see it again.
The next step is to configure the .env file. As you can see in the repository, there is a .env.example file, and you must replace
some of the credentials and passwords we generated before.
Create a new .env file and fill it with the following information:
# PostgreSQL Database Configuration
POSTGRES_USER=postgres # Don't change it
POSTGRES_PASSWORD=your_postgres_password # Choose a password
POSTGRES_DB=RESTAPI-DB # Don't change it
POSTGRES_DB_HOST=db # Don't change it
POSTGRES_DB_PORT=5432 # Don't change it
# Replace the values above here in the url
SQLALCHEMY_DATABASE_URL=postgresql://postgres:your_postgres_password@db:5432/RESTAPI-DB
# PostgreSQL Test Database Configuration
POSTGRES_TEST_DB=RESTAPI-DB-TEST
SQLALCHEMY_TEST_DATABASE_URL=postgresql://postgres:your_postgres_password@test_db:5432/RESTAPI-DB-TESTYou can keep everything as it is, except for the POSTGRES_PASSWORD. Choose a secure password and replace it both in the variable and in the URL.
# Secret Keys
ACCESS_TOKEN_SECRET_KEY=your_access_token_secret_key
EMAIL_CONFIRMATION_SECRET_KEY=your_email_confirmation_secret_key
PASSWORD_RESET_SECRET_KEY=your_password_reset_secret_key
GOOGLE_OAUTH_SECRET_KEY=your_google_oauth_secret_key
# Token Expiration Times (in minutes)
# You are free to change these times
ACCESS_TOKEN_EXPIRE_MINUTES=10
RESET_TOKEN_EXPIRE_MINUTES=10
CONFIRMATION_ACCOUNT_TOKEN_EXPIRE_MINUTES=4Your secret keys can be any string, but for better security of the API, it is recommended to generate long, secure strings. You can generate them using the following command in the terminal:
openssl rand -hex 32This will generate a long string like 210b48bdfe0d703e820b93361e3178add9f18af8d0fadfecdd508446a780cc29.
It is suggested to generate a different string for each secret key and replace the placeholder values accordingly.
# Zoom API Configuration
ZOOM_CLIENT_ID=your_zoom_client_id
ZOOM_CLIENT_SECRET=your_zoom_client_secret
ZOOM_ACCOUNT_ID=your_zoom_account_idReplace these default values with the ones you obtained when creating the Zoom Server-to-Server Application. Use the Account ID, Client ID, and Client Secret provided by Zoom.
# Mail Configuration
MAIL_USERNAME=your_mail_username
MAIL_PASSWORD=your_mail_password
MAIL_FROM=your_mail_from_address- MAIL_USERNAME and MAIL_FROM: Use the Gmail address you set up to create the application password for sending emails.
- MAIL_PASSWORD Use the password provided by Google when you created the application password.
# Google OAuth Configuration
GOOGLE_OAUTH_SECRET_CLIENT=your_google_oauth_secret_client
GOOGLE_OAUTH_CLIENT_ID=your_google_oauth_client_id- In the GOOGLE_OAUTH_SECRET_CLIENT fill it with the Client Secret given when creating the project with Google Cloud Console.
- In the GOOGLE_OAUTH_CLIENT_ID fill it with the Clien ID given when creating the project with Google Cloud Console.
ADMIN_EMAIL[email protected]
ADMIN_PASSWORD=admin123
ADVISOR_EMAIL[email protected]
ADVISOR_NAME=Your Advisor Name- ADMIN_EMAIL: This is the email address that will be used for the default admin account created when the application starts. This account has administrative privileges and can manage other users and settings within the application.
- ADMIN_PASSWORD This is the password for the default admin account. The plain password is admin123
- ADVISOR_EMAIL: This is the email address for the default advisor that will be available in the system. Advisors are users who can be assigned to meetings and provide services or consultations.
- ADVISOR_NAME: This is the full name of the default advisor. It will be used to identify the advisor in the system and in communications with users.
Bcrypt is being used to generate the hashed password of the users. Here is an example
from passlib.context import CryptContext
# Create a hashing context
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
# Generate password hash
password = "anotherpassword"
password_hash = pwd_context.hash(password)
print(password_hash)
# Output: $2b$12$mw2oUt87EO.fxHVMT7Nzj.He1ld2Bw2rs7huwp099wiUta6OuyrVKThese are the rate limiting periods in seconds that are being used for developing. In tests, these times change. You are free to change these periods according to your needs.
# Rate Limiting Configuration (in seconds)
LOGIN_RATE_LIMIT_PERIOD=300
PASSWORD_RATE_LIMIT_PERIOD=3600Once you have configured the .env file, you can easily run the project using Docker. Follow these steps:
-
Build and Run the Docker Containers:
Navigate to the project directory where the
docker-compose.ymlfile is located and run the following command to build and start the containers:docker-compose up --build
This command will build the Docker images and start the containers for the FastAPI application, PostgreSQL database, and any other services defined in the docker-compose.yml file.
-
Access the Application: Once the containers are up and running, you can access the FastAPI application in your web browser at:
http://localhost:8000
You can also access the interactive API documentation (Swagger UI) at:
http://localhost:8000/docs
-
Stop the Docker Containers:
To stop the running Docker containers, press Ctrl + C in the terminal where the docker-compose up command is running. Alternatively, you can run the following command in the project directory:
docker-compose down
This command will stop and remove the containers defined in the docker-compose.yml file.
This command stops the containers and removes the volumes, allowing you to start with a clean database when you run docker-compose up again.
To ensure the application works as expected, I have implemented functional tests using Pytest. Once the Docker containers are up and running, follow these steps to run the tests.
- Run the tests:
Navigate to the project directory and run the following command to execute the tests inside the Docker container:
docker-compose exec web pytest testsThis will run all the test cases and provide report on the test results.
It is normal for these kind of tests to take some time.
If you need to clean up the database and start fresh, you can remove the Docker volumes used by the PostgreSQL container. This will delete all data in the database. Run the following command:
docker-compose down -vTo demonstrate how to connect the front-end with the back-end for account confirmation and password reset, I have provided two example HTML files.
This section demonstrates how to implement a simple account confirmation flow using a front-end HTML page and the back-end FastAPI endpoints. When a user registers, they receive a confirmation email with a link. By clicking the link, they confirm their account through an HTML page that interacts with the back-end API. You can see the HTML here
Here is the corresponding FastAPI endpoint for confirming the user account
The workflow is:
Register a new user:When a user registers, an email with a confirmation link is sent to them. The link includes a token parameter.Click the confirmation link:The user clicks the link in the email, which opens the confirm-account.html file in their browser.Confirm the account:The user clicks the "Confirm your account" button, which sends a request to the FastAPI endpoint to confirm their account.
This HTML file demonstrates how to reset a user's password by filling in a form and sending the new password to the back-end. You can see the HTML provided here
Here is the corresponding FastAPI endpoint for confirming the user account.
The workflow is:
- Request Password Reset: The user requests to reset their password by entering their email address in a form on the front-end. This triggers an email with a password reset link to be sent to the user's email address. The link includes a token parameter.
- Click the Reset Link: The user clicks the link in the email, which opens the reset-password.html file in their browser.
- Enter New Password: The user fills in the form with their new password and confirms it by re-entering the password.
- Submit the Form: The user submits the form, which sends a request to the FastAPI endpoint to reset the password. If the token is valid and the passwords match, the user's password is updated in the database.
This project is licensed under the MIT License - see the LICENSE file for details.