Login Process

User logs in with username and password
API checks for user in the database
API checks for the users password if user is found
API hashes password provided again
The hashed password provided should match the hashed password in the database
If they match, user receives token

How to code this

Fist we will have to set up a auth.py file to keep it separate in the routers folder
- This makes more sense then having it in a single file

from fastapi import APIRouter, Depends, status, HTTPException, Response
from sqlalchemy.orm import Session

from .. import database 

router = APIRouter(
    tags=['Authentification']
)

@router.post("/login")
def login(db: Session = Depends(database.get_db())):
    pass

We also need to create a schema for the user login

class UserLogin(BaseModel):
    email: EmailStr
    password: str

Now we will store this in our function

@router.post("/login")
def login(user_credentials: schemas.UserLogin, db: Session = Depends(database.get_db())):
    pass

We have to make a request to our database, specifically our users table to retrieve the user based on email

from .. import database, schemas, models

@router.post("/login")
def login(user_credentials: schemas.UserLogin, db: Session = Depends(database.get_db())):
    

    user = db.query(models.User).filter(models.User.email == user_credentials.email).first

If we do not have a user, we need to raise an exception

@router.post("/login")
def login(user_credentials: schemas.UserLogin, db: Session = Depends(database.get_db())):
    

    user = db.query(models.User).filter(models.User.email == user_credentials.email).first

    if not user:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"Invalid Credentials")

Now that we have the password, we need to compare this to the hashed password in our database
First we need to hash the provided password (we will create this in the utils.py file)

def verify(plain_password, hashed_password):
    return pwd_context.verify(plain_password, hashed_password)

The beauty about CryptContext is that it has the .verify method which allows us to hash the password and compare it directly without additional logic

Now we can import this function in our auth.py file and verify the password
Additionally raise an exception if the password does not match

from .. import database, schemas, models, utils

@router.post("/login")
def login(user_credentials: schemas.UserLogin, db: Session = Depends(database.get_db())):
    

    user = db.query(models.User).filter(models.User.email == user_credentials.email).first()

    if not user:
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"Invalid Credentials")

    # Password Verification
    if not utils.verify(user_credentials.password, user.password):
        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND, detail=f"Invalid Credentials")

Next steps would be:

Create Token
Return Token

PreviousJWT Token Basics NextCreating Token with OAuth2

Last updated 3 years ago