AuthTuna 🐟 - High-Performance Async Security

AuthTuna is a modern, batteries-included authentication and authorization framework for Python, designed specifically for **FastAPI** applications, but with a framework-agnostic core.

Key Features

  • Async-First: Built entirely with asynchronous managers and SQLAlchemy 2.0.
  • Robust Sessions: DB-backed sessions with anti-hijack checks (device/region/IP mismatch).
  • Comprehensive RBAC: Hierarchical roles and fine-grained **Scoped Permissions**.
  • Built-in Flows: Ready-to-use routers for Login, Signup, MFA, Password Reset, and Social SSO.
  • Auditing: Logs all critical security events (login, password change, suspension).
  • UI Components: Includes pre-built HTML templates for login, user dashboard, settings, and admin pages.

Getting Started (Minimal Setup)

Install dependencies and initialize your FastAPI application:

```bash
pip install authtuna
```

1. Create a minimal .env file

```
# .env
API_BASE_URL=http://localhost:8000
# Mandatory encryption keys (generate with Fernet.generate_key().decode())
FERNET_KEYS='["YOUR_PRIMARY_KEY", "YOUR_SECONDARY_KEY"]'
JWT_SECRET_KEY="a-strong-jwt-secret"
DEFAULT_DATABASE_URI=sqlite+aiosqlite:///./authtuna.db
```
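
An added example (not part of AuthTuna or its README): a stdlib-only script that generates values for the two secret settings in the `.env` above and flags a file that still carries the placeholder values. The helper names and the 32-character minimum for `JWT_SECRET_KEY` are assumptions of this example, not AuthTuna requirements.

```python
import base64
import json
import os
import secrets

# Constructed sample: the secret lines exactly as the README's .env shows them.
README_ENV = """FERNET_KEYS='["YOUR_PRIMARY_KEY", "YOUR_SECONDARY_KEY"]'
JWT_SECRET_KEY="a-strong-jwt-secret"
"""

def new_fernet_key() -> str:
    # Same construction as Fernet.generate_key(): 32 random bytes, URL-safe base64.
    return base64.urlsafe_b64encode(os.urandom(32)).decode()

def render_env_secrets() -> str:
    keys = [new_fernet_key(), new_fernet_key()]  # primary, secondary
    return (f"FERNET_KEYS='{json.dumps(keys)}'\n"
            f'JWT_SECRET_KEY="{secrets.token_urlsafe(48)}"\n')

def parse_env(text: str) -> dict:
    values = {}
    for line in text.splitlines():
        name, sep, value = line.strip().partition("=")
        if not sep or name.startswith("#"):
            continue
        value = value.strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "'\"":
            value = value[1:-1]  # drop the surrounding quotes
        values[name.strip()] = value
    return values

def is_fernet_key(key) -> bool:
    try:
        return len(base64.urlsafe_b64decode(key.encode())) == 32
    except (ValueError, AttributeError):
        return False

def check_env(text: str) -> list:
    env, problems = parse_env(text), []
    try:
        keys = json.loads(env.get("FERNET_KEYS", ""))
    except json.JSONDecodeError:
        keys = None
    if not isinstance(keys, list) or not keys:
        problems.append("FERNET_KEYS is not a non-empty JSON list")
    else:
        problems += [f"FERNET_KEYS[{i}] is not a 32-byte URL-safe base64 key"
                     for i, key in enumerate(keys) if not is_fernet_key(key)]
    if len(env.get("JWT_SECRET_KEY", "")) < 32:  # assumed minimum length
        problems.append("JWT_SECRET_KEY is missing or shorter than 32 characters")
    return problems
```

`check_env(open(".env").read())` returns an empty list once the placeholders have been replaced with the output of `render_env_secrets()`.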

2. Initialize the App

```python
from fastapi import FastAPI, Depends
from fastapi.responses import RedirectResponse
from authtuna import init_app
# get_current_user_optional is assumed to be exported next to get_current_user
from authtuna.integrations import get_current_user, get_current_user_optional
from authtuna.core.database import User

app = FastAPI(title="AuthTuna Demo API")

# This single function adds all middleware and routers
init_app(app)

@app.get("/", tags=["Root"])
async def root(user=Depends(get_current_user_optional)):
    """
    Redirects to the login page if not authenticated, otherwise to the dashboard.
    """
    # The optional dependency leaves user as None for anonymous requests
    if user is None:
        return RedirectResponse("/auth/login")
    return RedirectResponse("/ui/dashboard")
```

After running your app, you can access the built-in UI at /ui/dashboard and authentication forms at /auth/login.