Authentication & Authorization

A robust, flexible authentication system designed to work seamlessly with JEC's class-based routes.

The @auth Decorator

You can secure your endpoints using the @auth decorator found in jec_api.decorators.

Basic Usage

routes/secure.py
from jec_api import Route
from jec_api.decorators import auth

class SecureData(Route):
    @auth(True)  # Requires authentication
    async def get(self):
        return {"data": "secure"}

    @auth(False) # Public endpoint
    async def post(self):
        return {"data": "public"}

Role-Based Access Control (RBAC)

You can specify required roles. The auth handler receives these roles and can enforce them.

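routes/admin.py
from jec_api import Route
from jec_api.decorators import auth

class AdminPanel(Route):
    @auth(True, roles=["admin", "superuser"])  # Roles are passed to the auth handler
    async def delete(self):
        return {"status": "deleted"}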

Configuration Guide

The system is agnostic to the authentication method (JWT, OAuth, API Key, etc.). You provide the logic by registering an Auth Handler.

Setting up the Auth Handler

Register your handler using app.set_auth_handler(). The handler must be an async function that accepts request and roles.

main.py
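import hmac

from jec_api import Core
from fastapi import Request

app = Core()

async def my_auth(request: Request, roles: list[str] | None = None) -> bool:
    # 1. Check for token ("SecretToken" is a placeholder, not a real secret)
    token = request.headers.get("Authorization") or ""
    # Constant-time comparison avoids leaking the secret through timing
    if not hmac.compare_digest(token.encode(), b"SecretToken"):
        return False  # Deny access (403)

    # This minimal handler does not inspect `roles`
    return True  # Allow access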

app.set_auth_handler(my_auth)
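
A handler that enforces the roles passed by @auth(True, roles=[...]), as an added example rather than code from the JEC project. The token table, StubRequest and check helper are hypothetical, and treating the listed roles as alternatives (any one suffices) is an assumption the page does not state.

```python
from __future__ import annotations
import asyncio
import hashlib
import hmac

def _digest(token: str) -> bytes:
    return hashlib.sha256(token.encode()).digest()

# Constructed sample data: token digest -> roles granted to that caller.
TOKEN_ROLES = {
    _digest("alice-token"): {"admin"},
    _digest("bob-token"): {"viewer"},
}

def roles_for(token: str | None) -> set[str] | None:
    """Return the caller's roles, or None for a missing or unknown token."""
    if not token:
        return None
    presented = _digest(token)
    found = None
    for known, granted in TOKEN_ROLES.items():
        # Compare digests in constant time and scan every entry.
        if hmac.compare_digest(presented, known):
            found = granted
    return found

async def role_auth(request, roles: list[str] | None = None) -> bool:
    granted = roles_for(request.headers.get("Authorization"))
    if granted is None:
        return False  # not authenticated: deny
    if not roles:
        return True   # @auth(True) without roles: any known caller
    # Assumption: listed roles are alternatives, so one match is enough.
    return bool(granted & set(roles))

class StubRequest:
    """Hypothetical stand-in for fastapi.Request so this runs offline."""
    def __init__(self, headers: dict[str, str]):
        self.headers = headers

def check(token: str | None, roles: list[str] | None = None) -> bool:
    """Hypothetical helper: drive role_auth synchronously with a stub request."""
    headers = {"Authorization": token} if token else {}
    return asyncio.run(role_auth(StubRequest(headers), roles))
```

Register it the same way as the handler above, with app.set_auth_handler(role_auth).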

Need JWT integration, scope validation, or user context management? Check the Advanced Usage guide.