Skip to content

A user authentication system, implementing Google's Firebase_admin auth modeule inside python's FastAPI based backend.

License

Notifications You must be signed in to change notification settings

rahulprakash11/Python-Firebase-Authentication-FastAPI

Repository files navigation

Python-FastAPI-Firebase-Authentication-Google-Cloud-Run-Deploy

A user authentication system, implementing Google's Firebase_admin auth module inside python's FastAPI based backend. Furthe we have deployed the code on Google Cloud Run using Docker.

Python FastAPI Swagger MongoDB Firebase Google Cloud
GitHub


Technologies used in the project:

  • Google's firebase-admin:
    • to create/register dummy user, for token generation
    • to authenticate user, for access
  • FastAPI:
    • implementing the backend logic to access database
  • Poetry:
    • for dependency management of our python environment
  • MongoDb:
    • an open source NoSql database storing our user information
  • Google Cloud Platform:
    • for deployment on Cloud Run

Index


Installation Instructions

We will be using poetry as our python package manager. you can follow the steps to get this project running on your system. So we will start by setting up poetry on our local machine.

  • First clone the repo to your local machine. In your git bash UI enter the commands:
> git clone <this-repo>
> cd this-project
> code .
  • From the root directory we will install poetry if not already present in your system. Click here for the windows install command.
  • After poetry gets installed, setup your virtual invironment.
> poetry env use python<version>
> poetry env use 3.8
  • Next to install dependencies run:
> poetry install

Note : Poetry takes care of installing these dependencies in your virtual environment. You don't have to activate your virtual environment manually every time.


Before we could the test the setup we need following to be ready with us :

  • Mongodb Atlas, to store user information to authenticate against. You can use free service provided by MongoDb for this project.
  • Firebase Admin credentials to be able to generate tokens and verify against.
  • create an empty .env file at the base directory of your project and update the .env.test file.

We are all set to run our test.


Usage Instructions

Poetry provides for custom scripts to be run in cli. You can access/write these scripts in pyproject.toml.

To run locally run these commands:

> poetry run test (to setup environment test)
> poetry run server (to serve uvicorn)

FastApi provides Swagger UI: served at /docs. In your bowser go to :

http://localhost:5000/docs

You can register a dummy user using email and password to authenticate further, via :

http://localhost:5000/docs#/dummy/create_user_dummy_register_post

Next, login through above credentials to get token from firebase auth provider to authenticate, via :

http://localhost:5000/docs#/dummy/#

Use the token obtained above to verify/register a user, via :

http://localhost:5000/docs#/auth/verify

In response you get details of new player created in your database which can be acceesed/modified through token-based authentication only, via :

http://localhost:5000/docs#/player/{id}


Setup FastApi RESTapi

To get more familier with Fastapi you can go through their docs.

Here, we will be using uvicorn to serve our FastApi backend.

We have also used Beanie as an ODM interface to MongoDb, with async capabilities. "Beanie - is an Asynchronous Python object-document mapper (ODM) for MongoDB, based on Motor and Pydantic."You can follow the Beanie's documentation here.


Setup Firebase Auth

One can use the Firebase Admin SDK to manage your users or to manage authentication tokens. As stated in their documentation, You can also use the service to identify these users on your own server. This lets you securely perform server-side logic on behalf of users that have signed in with Firebase Authentication.

To do this, you can retrieve an ID token from a client application signed in with Firebase Authentication and include the token in a request to your server. Your server then verifies the ID token and extracts the claims that identify the user (including their uid, the identity provider they logged in with, etc.). This identity information can then be used by your server to carry out actions on behalf of the user.


Google Cloud Run Deployment

For this project we have used Google's Cloud Run to deploy my Dockerised FastApi. You can follow this link for more help:

I will list the step-wise process involved in deployment:

  • Pre-requisites :
    • A Billing Account on GCP/GOOGLE CLOUD PLATFORM(though this setup will cost $0)
  • Create Dockerfile to dockerise your fastapi code
  • Create .dockerignore and .gcloudignore files(to enumerate what you need to push and what not)
  • Next follow the instruction in the link provided above.
  • Also make sure gcloud cli is installed and configured on your system.
  • gcloud cli commands to be entered for deployment:

Replace PROJECT-ID with your GCP project ID

TO view your project ID by running the command 
> gcloud config get-value project

TO SET your project ID:
gcloud config set project PROJECT-ID
> gcloud config set project auth-test

TO BUILD:
gcloud builds submit --tag gcr.io/PROJECT-ID/container-name
> gcloud builds submit --tag gcr.io/auth-test/auth-api-container

TO DEPLOY:
gcloud run deploy --image gcr.io/PROJECT-ID/container-name --platform managed
> gcloud run deploy --image gcr.io/auth-test/auth-api-container --platform managed

TO DELETE:
gcloud deployment-manager deployments delete example-deployment --delete-policy=DELETE

Further Help

This project is an open-source initiative by Junkie Labs team.

For any questions or suggestions send a mail to junkielabs.dev@gmail.com or chat with the core-team on gitter.

Gitter


License

MIT License.


Releases

No releases published

Packages

No packages published