Quickstart
Mount the auth router, create tables, and protect a route with Depends.
Minimal app
from fastapi import Depends, FastAPI
from aura_auth import AuraAuth
app = FastAPI()
auth = AuraAuth(
database_url="sqlite+aiosqlite:///./app.db",
secret="change-me-to-a-long-random-secret-at-least-32-chars",
)
@app.on_event("startup")
async def startup() -> None:
await auth.create_tables()
auth.init_app(app)
@app.get("/protected")
async def protected(user=Depends(auth.current_user())):
return {"message": f"Hello, {user.name}"}init_app registers the bundled router (by default under /auth) and maps library exceptions to HTTP responses.
Register and login
| Method | Path | Body / notes |
|---|---|---|
POST | /auth/register | {"name": "...", "email": "...", "password": "..."} |
POST | /auth/login | {"email": "...", "password": "..."} |
Both return AuthResponse: a user object and a session with token, expires_at, and id.
Authenticated requests
Bearer (default) — send the session token from the JSON body:
Authorization: Bearer <session.token>Cookie — set cookie_transport=True (and usually cookie_secure=False on plain HTTP during local dev). Register/login set Set-Cookie; Depends(auth.current_user()) reads the same cookie. See Sessions and cookies.
Dependencies
Depends(auth.current_user())— 401 if not logged in.Depends(auth.current_verified_user())— same, plus 403 ifemail_verifiedis false.
Custom route prefix
auth = AuraAuth(
database_url="sqlite+aiosqlite:///./app.db",
secret="...",
route_prefix="/api/v1/auth",
)To mount paths yourself, use auth.raw_router with your own prefix.