FastAPIStarter
Production-ready FastAPI template with JWT auth, async PostgreSQL, Redis token revocation, Docker deployment, and full test coverage.
Tech Stack
Overview
A batteries-included REST API starter kit built with FastAPI and Python 3.12. Provides a pre-configured foundation with dual JWT tokens (access + refresh) and Redis-based revocation, async SQLAlchemy 2.0 with PostgreSQL, rate limiting, security headers, role-based access control, and Docker Compose for local and production environments. Clone it and start building features immediately without re-solving auth, database, or deployment setup.
Problem
Every new API project starts from zero — re-implementing auth, database config, and Docker setup wastes time and introduces inconsistencies across projects.
Solution
Created a production-ready template with JWT authentication (access + refresh tokens), Redis-backed token revocation with fail-closed security, async SQLAlchemy with connection pooling, rate limiting, security headers, and Docker Compose — all pre-wired and tested.
Architecture
FastAPI 0.111 + Python 3.12; async SQLAlchemy 2.0 with asyncpg and Alembic migrations; Redis for JWT revocation with JTI tracking; dual-token auth (access 30 min, refresh 7 days); slowapi rate limiting; Docker Compose with PostgreSQL 16 and Redis 7; service-layer pattern with dependency injection.
Challenges
Designing fail-closed token revocation so Redis downtime rejects tokens rather than accepting them; handling race conditions on unique constraints during concurrent registration; protecting login against timing attacks by always executing bcrypt even for missing users; enforcing strong password policy without degrading UX.
Results
Reusable foundation that eliminates boilerplate for new API projects; fail-closed security ensures tokens are rejected if Redis is unavailable; comprehensive test suite with async SQLite and fake Redis mocks; served as the base for the Analytics Dashboard project.