基于 FastAPI 构建的前后端分离 RBAC 权限控制系统，采用独特的伪三层架构模型设计，内置 fastapi-admin 基本实现，并作为模板库免费开源

License: MIT License

Dockerfile 0.60% Python 99.04% Mako 0.18% Shell 0.18%

fastapi pydantic fastapi-template fastapi-sqlalchemy pycasbin pydantic-v2 fastapi-rbac fastapi-admin

fastapi_best_architecture's Introduction

FastAPI Best Architecture

Caution

For 2024-3-22 (announcement)

The master branch has completed the app architecture refactoring, please pay extra attention to sync fork operations to avoid irreparable damage!

We have kept and locked the original branch (legacy-single-app-pydantic-v2), which you can get in the branch selector

English | 简体中文

FastAPI framework based on the front-end and back-end separation of the middle and back-end solutions, follow the pseudo three-tier architecture design, support for python3.10 and above versions

Its purpose is to allow you to use it directly as the infrastructure of your new project, this repository as a template library open to any person or enterprise can be used for free!

🔥Continuously updated and maintained🔥

Pseudo three-tier architecture

The mvc architecture is a common design pattern in python web, but the three-tier architecture is even more fascinating

In python web development, there is no common standard for the concept of three-tier architecture, so we'll call it a pseudo three-tier architecture here

But please note that we don't have a traditional multi-app structure (django, springBoot...) If you don't like this pattern, use templates to transform it to your heart's content!

workflow	java	fastapi_best_architecture
view	controller	api
data transmit	dto	schema
business logic	service + impl	service
data access	dao / mapper	crud
model	model / entity	model

Online Demo

You can view some of the preview screenshots in fastapi_best_architecture_ui

Luckily, we now have a demo site: FBA UI

username / password: admin / 123456

Features

Built-in features

Local development

Python: 3.10+
Mysql: 8.0+
Redis: The latest stable version is recommended
Nodejs: 14.0+

Backend

Enter the backend directory
```
cd backend
```
Install the dependencies
```
pip install -r requirements.txt
```
Create a database fba with utf8mb4 encoding.
Install and start Redis
Create a .env file in the backend directory.
```
touch .env

cp .env.example .env
```
Modify the configuration files core/conf.py and .env as needed.

database migration alembic

# Generate the migration file
alembic revision --autogenerate

# Execute the migration
alembic upgrade head

Start celery worker, beat and flower

celery -A app.task.celery worker -l info

# Scheduled tasks (optional)
celery -A app.task.celery beat -l info

# Web monitor (optional)
celery -A app.task.celery flower --port=8555 --basic-auth=admin:123456

Initialize test data (Optional)
Execute the main.py file to start the service
Open a browser and visit: http://127.0.0.1:8000/api/v1/docs

Front end

Jump to fastapi_best_architecture_ui View details

Docker Deployment

Warning

Default port conflicts: 8000, 3306, 6379, 5672.

It is recommended to shut down local services: mysql, redis, rabbitmq... before deployment.

Go to the deploy/backend/docker-compose directory, and create the environment variable file .env.

cd deploy/backend/docker-compose

touch .env.server ../../../backend/.env

cp .env.server ../../../backend/.env

Modify the configuration files backend/core/conf.py and .env as needed.
Execute the one-click startup command
```
docker-compose up -d --build
```
Wait for the command to complete.
Open a browser and visit: http://127.0.0.1:8000/api/v1/docs

Test data

Initialize the test data using the backend/sql/init_test_data.sql file.

Development Process

(For reference only)

define the database model (model)
define the data validation model (schema)
define the view (api) and routing (router)
write business (service)
write database operations (crud)

Testing

Execute unit tests through pytest.

create a test database fba_test with utf8mb4 encoding
create database tables using the backend/sql/create_tables.sql file
initialize the test data using the backend/sql/init_pytest_data.sql file
Go to the backend directory and execute the test commands.
```
cd backend/

pytest -vs --disable-warnings
```

Status

Contributors

Special thanks

Interactivity

WeChat / QQ

Sponsor us

If this program has helped you, you can sponsor us with some coffee beans: ☕ Sponsor ☕

License

This project is licensed by the terms of the MIT license

fastapi_best_architecture's People

Contributors

Stargazers

Watchers

fastapi_best_architecture's Issues

raw_exc.errors() exception

When creating a department, if the mailbox format and status are incorrect, an exception will be thrown:

{
  "code": 500,
  "msg": "'permitted'",
  "data": null
}

get_token abnormal return

It's better to provide a standardized return. The default TokenError is too general.

  raise HTTPException(
      status_code=HTTP_401_UNAUTHORIZED,
      detail="Not authenticated",
      headers={"WWW-Authenticate": "Bearer"},
  )

最近还会有大的版本吗？

感谢分享，我实践了做了个爬虫项目，写起来项目结构清晰和部署简单。

但是刚做完就更新3.10后版本了，想问下还会进行大的改版吗？尤其是在项目结构上。

Unified paging query return structure

From #43

Add token refresh

Add token refreshing mechanism (may be related to front-end work)

get_request_args Exception

When the API request parameters are missing and request.json() fails to parse, proper error handling should be implemented.


            body_data = await request.body()
            if body_data:
                try:
                    json_data = await request.json()
                    args.update(json_data)
                except Exception as e:
                    log.exception(e)
                    args.update({'body': body_data.decode('utf-8')})

Operation log storage exception

https://github.com/zzzeek/sqlalchemy/blob/main/lib/sqlalchemy/exc.py

code type may be a string

Msg may not need to report error stack information?

Improve menu permission verification

Migrating to Pydantic V2

https://docs.pydantic.dev/dev-v2/migration/

Optimize role menu authorization logic

Interim optimization solution with the ultimate goal of using custom interface permission field identifiers

Argument 'value' has incorrect type (expected str, got UUID)

当新建用户时，遇到如下报错
File "asyncmy\converters.pyx", line 26, in asyncmy.converters.escape_item
val = encoder(val, mapping)
TypeError: Argument 'value' has incorrect type (expected str, got UUID)

asyncmy 0.2.8
Mysql 8.1.0

get_user_Info func exception

Form #4 (reply in thread)

@staticmethod
async def get_user_info(username: str):
    async with async_db_session() as db:
        user = await UserDao.get_user_by_username(db, username)
        if not user:
            raise errors.NotFoundError(msg='用户不存在')
    if user.avatar is not None:
        user.avatar = cut_path(AvatarPath + user.avatar)[1]
    # here
    return user

Update and fix permissions logic

Abnormal Custom Form Structure in Swagger UI

The default form login return structure must be:

{"access_token": access_token, "token_type": "bearer"}

Otherwise, the swagger ui cannot request correctly, even if the verification passes

expectation is

{
  "code": 200,
  "msg": "Success",
  "data": {
        {"access_token": access_token, "token_type": "bearer"}
}
}

Replace response_200 with success

Remove the existing response_200 method and reference and replace it with the success method

Add RBAC

The addition of RBAC is the main one and will include some other additions and modifications

Please note that this will be not a forward compatible change

how to make pytest passed

in test_login function , only use username and password can pass the test?

Improve role permission verification

Add dictionary management

This is a common feature that we have overlooked in the current implementation.

Enum exception

The get request sets the enumeration value and throws an exception

async def get_all_menus(
    title: Annotated[str | None, Query()] = None,
    status: Annotated[StatusType | None, Query()] = None,
):

{
  "code": 422,
  "msg": "请求参数非法",
  "data": {
    "errors": [
      {
        "loc": [
          "query",
          "status"
        ],
        "msg": "value is not a valid enumeration member; permitted: 0, 1",
        "type": "type_error.enum",
        "ctx": {
          "enum_values": [
            0,
            1
          ]
        }
      }
    ]
  }
}

The post request set enumeration value is invalid

For example, when creating a menu, although the MenuType is set, it is still possible to set data exceeding the limit

GET method uses enum parameter exception

status: Annotated[StatusEnum | None, Query()] = None,

exception

{
  "code": 422,
  "msg": "请求参数非法",
  "data": {
    "errors": [
      {
        "loc": [
          "query",
          "method"
        ],
        "msg": "value is not a valid enumeration member; permitted: 0, 1, 2",
        "type": "type_error.enum",
        "ctx": {
          "enum_values": [
            0,
            1,
            2
          ]
        }
      }
    ]
  }
}

Upgrade python base version to python 3.10

Discussed in #22

^{Originally posted by downdawn April 25, 2023}

5. Use python3.10 version

The pre-commit configuration specifies version 3.10 by default, and some new features can be used later, of course, compatibility should also be considered

https://fastapi.tiangolo.com/python-types/#newer-versions-of-python

Tree data algorithms exception

Using class views via fastapi_utils?

Hi, @downdawn

I've looked at the class view implementation of fastapi_utils in general, but I'm not very interested

# End Setup
app = FastAPI()
router = InferringRouter()  # Step 1: Create a router


@cbv(router)  # Step 2: Create and decorate a class to hold the endpoints
class ItemCBV:
    # Step 3: Add dependencies as class attributes
    session: Session = Depends(get_db)
    user_id: UserID = Depends(get_jwt_user)

    @router.post("/item")
    def create_item(self, item: ItemCreate) -> ItemInDB:
        # Step 4: Use `self.<dependency_name>` to access shared dependencies
        item_orm = ItemORM(name=item.name, owner=self.user_id)
        self.session.add(item_orm)
        self.session.commit()
        return ItemInDB.from_orm(item_orm)

For session, since we're using SQLAlchemy-2.0, we'll use async_db_session.begin() directly, this seems to make more sense

from functools import wraps

def session_decorator(func):
    @wraps(func)
    async def wrapper(*args, **kwargs):
        async with async_db_session.begin() as db:
            return await func(db, *args, **kwargs)
    return wrapper


class ApiService:

    @staticmethod
    @session_decorator
    async def get_api_list(db):
        return await paginate(db, ApiDao.get_all_apis())

For Depends(get_jwt_user), we need to make FastAPI >= 0.95.0, then use the Annotated feature, and call it globally, E.g:

CurrentUser = Annotated[User, Depends(get_current_user)]

Like in the fastapi documentation: Share Annotated dependencies

Discussed in #44

^{Originally posted by downdawn May 16, 2023}
Hi, @wu-clan
tiangolo/fastapi#7119
tiangolo/fastapi#8959
tiangolo/fastapi#3580

None of the above discussions have provided a perfect solution.

Here is my idea:

We can use Redis to store tokens with expiration times, support token refresh, and enable features such as single-point login, multi-point login, and distributed deployment.

Tokens can also store additional information, such as role_id, company_id, is_admin, etc. This makes querying more convenient, but there may be security concerns that need to be carefully considered.

Perhaps there are open-source libraries that have already solved these issues.

get_cpu_info exception

windows10

    total = cpu_times.user + cpu_times.nice + cpu_times.system + cpu_times.idle \
AttributeError: 'scputimes' object has no attribute 'nice'

Department level changes

If there is no parent id, then the level is 1. If there is a parent, then you need to query the parent's level, and then add 1.

new_obj.update({'level': obj.parent_id + 1 if obj.parent_id else 1, 'create_user': user_id})

I understand that level is used to limit the number of layers created, but there are many complicated situations to consider here, such as updating the third level to another level, and the sub-levels under the third level should also change accordingly. etc.

celery task exception

When I was testing the task of sending an email, an exception occurred:

@celery_app.task
def send_active_email(email: str, active_url: str) -> str:
    send_verification_code_email(to=email, active_url=active_url)
    print(f'发送激活邮件到 {email} 成功')
    return 'Success'

KeyError: 'backend.app.tasks.send_active_email'

Request interface: /api/v1/mixes/tests/send

KeyError: 'backend.app.tasks.task_demo_async'

Received unregistered task of type 'backend.app.tasks.task_demo_async'.
The message has been ignored and discarded.

Did you remember to import the module containing this task?
Or maybe you're using relative imports?

Please see
https://docs.celeryq.dev/en/latest/internals/protocol.html
for more information.

Simplify user apis

From #4 (reply in thread)

有考虑做前端吗

可以考虑用amis来前端

Update token refresh expiration time rule

the default refresh time is the specified expiration time, add custom expiration time parameter, you can customize the expiration time

BackgroundTasks task is invalid

1、Trying to log in, the background task creation login log is not executed, and the database has no data.

2、An exception occurs when logging in in json format

UnboundLocalError: local variable 'login_logs_params' referenced before assignment

Update the session context to the decorator

from #19

Adding decorator methods

Update Dockerfile and docker_compose.yml

from wu-clan#4 (comment)

Need to wait #15

add tests by pytest

From #4

opera_log_middleware message length is not enough

When an exception occurs, the length of 255 is not enough, you can change it to TEXT

msg = getattr(e, 'msg', traceback.format_exc() if settings.ENVIRONMENT == 'dev' else 'Internal Server Error')

msg: Mapped[str | None] = mapped_column(String(255), comment='提示消息')

console log output missing time

Hi, @wu-clan

Missing crucial time data, is there a way to customize the output?

INFO:     127.0.0.1:0 - "GET /api/v1/menus/sidebar HTTP/1.0" 200 OK

SwaggerUIBundle is not defined

http://127.0.0.1:8000/v1/docs

The data validation global exception handler does not work

Discussed in #38

UUID exception

Mysql5.7 uses the uuid type, and exceptions will occur during database migration.

default_factory=uuid4

AccessMiddleware and OperaLogMiddleware cannot exist at the same time.

If you turn on AccessMiddleware settings, an exception "'async for' requires an object with aiter method, got method" will occur. Besides that, should request.state.ip be set in OperaLogMiddleware? Since OperaLogMiddleware is an optional plugin, if the user disables this plugin, the auth module will throw an exception for missing state.ip because it is used by captcha.

Installation package conflict

The conflict is caused by:
    The user requested starlette==0.27.0
    fastapi 0.95.0 depends on starlette<0.27.0 and >=0.26.1

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip attempt to solve the dependency conflict

https://github.com/tiangolo/fastapi/releases/tag/0.95.2

Discussed in #2

This is an expected feature, but there is no good implementation plan.

Reduce the number of token checks

Algorithm bug traversal_to_tree

The traversal_to_tree algorithm has a bug, which has a lot to do with the order. If the parent is behind the child, the data will be empty.

fastapi-practices / fastapi_best_architecture Goto Github PK

fastapi_best_architecture's Introduction

FastAPI Best Architecture

Pseudo three-tier architecture

Online Demo

Features

Built-in features

Local development

Backend

Front end

Docker Deployment

Test data

Development Process

Testing

Status

Contributors

Special thanks

Interactivity

Sponsor us

License

fastapi_best_architecture's People

Contributors

Stargazers

Watchers

Forkers

fastapi_best_architecture's Issues

Discussed in #22

5. Use python3.10 version

Discussed in #44

Discussed in #38

Discussed in #2

Recommend Projects

Recommend Topics

Recommend Org