Merge pull request #242 from benavlabs/oauth

Oauth Docs

Author: LucasQR

docs/user-guide/authentication/oauth.md

@@ -75,6 +75,7 @@ nav:
       - Authentication:
           - Overview: user-guide/authentication/index.md
           - JWT Tokens: user-guide/authentication/jwt-tokens.md
+          - OAuth: user-guide/authentication/oauth.md
           - User Management: user-guide/authentication/user-management.md
           - Permissions: user-guide/authentication/permissions.md
       - Admin Panel:

mkdocs.yml

@@ -33,6 +33,7 @@ dependencies = [
     "gunicorn>=23.0.0",
     "ruff>=0.11.13",
     "mypy>=1.16.0",
+    "fastapi-sso>=0.18.0",
 ]
 
 [project.optional-dependencies]
@@ -107,6 +108,7 @@ filterwarnings = [
 dev = [
     "pre-commit>=4.3.0",
     "pytest-asyncio>=1.0.0",
+    "watchfiles>=1.1.1",
 ]
 
 [tool.mypy]

pyproject.toml

@@ -4,7 +4,7 @@
 # This file contains example values for development/testing purposes only.
 #
 # SECURITY CRITICAL: Before deploying to production, you MUST:
-#   1. Copy this file to src/.env
+#   1. Copy this file to a .env file at the project root
 #   2. Generate a new SECRET_KEY using: openssl rand -hex 32
 #   3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
 #   4. Update all sensitive configuration values
@@ -20,7 +20,7 @@ CONTACT_NAME="Me"
 CONTACT_EMAIL="my.email@example.com"
 LICENSE_NAME="MIT"
 
-# ------------- database ------------- 
+# ------------- database -------------
 POSTGRES_USER="postgres"
 POSTGRES_PASSWORD=1234
 POSTGRES_SERVER="db"

scripts/gunicorn_managing_uvicorn_workers/.env.example

@@ -1,6 +1,6 @@
 services:
   web:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
     # -------- Both of the following commands should be commented to run with nginx --------
@@ -9,7 +9,7 @@ services:
     # command: uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload
     command: gunicorn app.main:app -w 4 -k uvicorn.workers.UvicornWorker -b 0.0.0.0:8000
     env_file:
-      - ./src/.env
+      - .env
     # -------- replace with expose if you are using nginx --------
     ports:
        - "8000:8000"
@@ -20,26 +20,26 @@ services:
       - redis
     volumes:
       - ./src/app:/code/app
-      - ./src/.env:/code/.env
+      - .env:/.env
 
   worker:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
     command: arq app.core.worker.settings.WorkerSettings
     env_file:
-      - ./src/.env
+      - .env
     depends_on:
       - db
       - redis
     volumes:
       - ./src/app:/code/app
-      - ./src/.env:/code/.env
+      - .env:/.env
 
   db:
     image: postgres:13
     env_file:
-      - ./src/.env
+      - .env
     volumes:
       - postgres-data:/var/lib/postgresql/data
     expose:
@@ -64,11 +64,11 @@ services:
 
   #-------- uncomment to create first superuser --------
   create_superuser:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
     env_file:
-      - ./src/.env
+      - .env
     depends_on:
       - db
       - web
@@ -78,11 +78,11 @@ services:
 
   #-------- uncomment to run tests --------
   # pytest:
-  #   build: 
+  #   build:
   #     context: .
-  #     dockerfile: Dockerfile 
+  #     dockerfile: Dockerfile
   #   env_file:
-  #     - ./src/.env
+  #     - .env
   #   depends_on:
   #     - db
   #     - create_superuser
@@ -93,11 +93,11 @@ services:
 
   #-------- uncomment to create first tier --------
   # create_tier:
-  #   build: 
+  #   build:
   #     context: .
   #     dockerfile: Dockerfile
   #   env_file:
-  #     - ./src/.env
+  #     - .env
   #   depends_on:
   #     - create_superuser
   #     - db
@@ -109,4 +109,3 @@ services:
 volumes:
   postgres-data:
   redis-data:
- 

scripts/gunicorn_managing_uvicorn_workers/docker-compose.yml

@@ -4,7 +4,7 @@
 # This file contains example values for development/testing purposes only.
 #
 # SECURITY CRITICAL: Before deploying to production, you MUST:
-#   1. Copy this file to src/.env
+#   1. Copy this file to a .env file at the project root
 #   2. Generate a new SECRET_KEY using: openssl rand -hex 32
 #   3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
 #   4. Update all sensitive configuration values
@@ -16,6 +16,8 @@
 APP_NAME="My Project"
 APP_DESCRIPTION="My Project Description"
 APP_VERSION="0.1"
+APP_BACKEND_HOST="http://localhost:8000"
+APP_FRONTEND_HOST="http://localhost:3000"
 CONTACT_NAME="Me"
 CONTACT_EMAIL="my.email@example.com"
 LICENSE_NAME="MIT"
@@ -70,3 +72,13 @@ ENVIRONMENT="local"
 
 # ------------- first tier -------------
 TIER_NAME="free"
+
+# ------------- auth settings -------------
+# ENABLE_PASSWORD_AUTH=true
+# GOOGLE_CLIENT_ID=
+# GOOGLE_CLIENT_SECRET=
+# MICROSOFT_CLIENT_ID=
+# MICROSOFT_CLIENT_SECRET=
+# MICROSOFT_TENANT=
+# GITHUB_CLIENT_ID=
+# GITHUB_CLIENT_SECRET=

scripts/local_with_uvicorn/.env.example

@@ -33,12 +33,15 @@ COPY --from=builder --chown=app:app /app/.venv /app/.venv
 # Ensure the virtual environment is in the PATH
 ENV PATH="/app/.venv/bin:$PATH"
 
+# Force file watching to use polling, which is more reliable in some Docker environments (like WSL/macOS)
+ENV WATCHFILES_FORCE_POLLING=true
+
 # Switch to the non-root user
 USER app
 
 # Set the working directory
 WORKDIR /code
 
 # -------- replace with comment to run with gunicorn --------
-CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload"]
+CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--reload", "--reload-include", ".env"]
 # CMD ["gunicorn", "app.main:app", "-w", "4", "-k", "uvicorn.workers.UvicornWorker", "-b", "0.0.0.0:8000"]

scripts/local_with_uvicorn/Dockerfile

@@ -1,45 +1,38 @@
 services:
   web:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
-    # -------- Both of the following commands should be commented to run with nginx --------
-
-    # -------- replace with comment to run with gunicorn --------
-    command: uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload
-    # command: gunicorn app.main:app -w 4 -k uvicorn.workers.UvicornWorker -b 0.0.0.0:8000
-    env_file:
-      - ./src/.env
-    # -------- replace with expose if you are using nginx --------
+    environment:
+      # Enable polling for file changes on macOS/Windows Docker Desktop
+      - WATCHFILES_FORCE_POLLING=true
     ports:
        - "8000:8000"
-    # expose:
-    #    - "8000"
     depends_on:
       - db
       - redis
     volumes:
       - ./src/app:/code/app
-      - ./src/.env:/code/.env
+      - .env:/code/.env
 
   worker:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
     command: arq app.core.worker.settings.WorkerSettings
     env_file:
-      - ./src/.env
+      - .env
     depends_on:
       - db
       - redis
     volumes:
       - ./src/app:/code/app
-      - ./src/.env:/code/.env
+      - .env:/code/.env
 
   db:
     image: postgres:13
     env_file:
-      - ./src/.env
+      - .env
     volumes:
       - postgres-data:/var/lib/postgresql/data
     expose:
@@ -64,11 +57,11 @@ services:
 
   #-------- uncomment to create first superuser --------
   create_superuser:
-    build: 
+    build:
       context: .
       dockerfile: Dockerfile
     env_file:
-      - ./src/.env
+      - .env
     depends_on:
       - db
       - web
@@ -78,11 +71,11 @@ services:
 
   #-------- uncomment to run tests --------
   pytest:
-    build: 
+    build:
       context: .
-      dockerfile: Dockerfile 
+      dockerfile: Dockerfile
     env_file:
-      - ./src/.env
+      - .env
     depends_on:
       - db
       - create_superuser
@@ -93,11 +86,11 @@ services:
 
   #-------- uncomment to create first tier --------
   # create_tier:
-  #   build: 
+  #   build:
   #     context: .
   #     dockerfile: Dockerfile
   #   env_file:
-  #     - ./src/.env
+  #     - .env
   #   depends_on:
   #     - create_superuser
   #     - db
@@ -109,4 +102,3 @@ services:
 volumes:
   postgres-data:
   redis-data:
- 

scripts/local_with_uvicorn/docker-compose.yml

@@ -4,7 +4,7 @@
 # This file contains example values for development/testing purposes only.
 #
 # SECURITY CRITICAL: Before deploying to production, you MUST:
-#   1. Copy this file to src/.env
+#   1. Copy this file to a .env file at the project root
 #   2. Generate a new SECRET_KEY using: openssl rand -hex 32
 #   3. Change all passwords (POSTGRES_PASSWORD, ADMIN_PASSWORD, etc.)
 #   4. Update all sensitive configuration values
@@ -20,7 +20,7 @@ CONTACT_NAME="Me"
 CONTACT_EMAIL="my.email@example.com"
 LICENSE_NAME="MIT"
 
-# ------------- database ------------- 
+# ------------- database -------------
 POSTGRES_USER="postgres"
 POSTGRES_PASSWORD=1234
 POSTGRES_SERVER="db"