A simple Python server built with FastAPI that uses Supabase for authentication and data storage.
- User registration and authentication using Supabase Auth
- JWT token-based authorization
- CRUD operations for user data
- Row Level Security (RLS) for data isolation
- RESTful API endpoints
- Automatic API documentation with FastAPI
- Python 3.8+
- A Supabase project (free at supabase.com)
pip install -r requirements.txt
- Create a new project at supabase.com
- Go to Settings > API to get your project URL and anon key
- Go to SQL Editor and run the contents of database_schema.sql to create the required tables
- Copy the example environment file:
cp .env.example .env
- Edit .env and add your Supabase credentials:
SUPABASE_URL=https://your-project.supabase.co
SUPABASE_KEY=your-anon-key
SECRET_KEY=your-secret-key-for-jwt
python main.py
Or using uvicorn directly:
uvicorn main:app --host 0.0.0.0 --port 8000 --reload
The server will start on http://localhost:8000
Once the server is running, you can access:
- Interactive API docs: http://localhost:8000/docs
- Alternative API docs: http://localhost:8000/redoc
- POST /auth/register - Register a new user
- POST /auth/login - Login user
- POST /auth/logout - Logout user (requires authentication)
- GET /auth/me - Get current user info (requires authentication)
All data endpoints require authentication (Bearer token in Authorization header):
- POST /data - Create a new data item
- GET /data - Get all data items for the current user
- GET /data/{item_id} - Get a specific data item
- PUT /data/{item_id} - Update a data item
- DELETE /data/{item_id} - Delete a data item
- GET / - Root endpoint
- GET /health - Health check endpoint
curl -X POST "http://localhost:8000/auth/register" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password123",
"full_name": "John Doe"
}'
curl -X POST "http://localhost:8000/auth/login" \
-H "Content-Type: application/json" \
-d '{
"email": "user@example.com",
"password": "password123"
}'
curl -X POST "http://localhost:8000/data" \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_TOKEN_HERE" \
-d '{
"title": "My First Item",
"content": "This is some content",
"metadata": {"category": "example"}
}'
curl -X GET "http://localhost:8000/data" \
-H "Authorization: Bearer YOUR_TOKEN_HERE"
.
├── main.py # FastAPI application and routes
├── config.py # Supabase configuration
├── auth.py # Authentication service
├── data_service.py # Data storage service
├── models.py # Pydantic models
├── database_schema.sql # Database schema for Supabase
├── requirements.txt # Python dependencies
├── .env.example # Environment variables template
└── README.md # This file
- JWT token-based authentication via Supabase Auth
- Row Level Security (RLS) ensures users can only access their own data
- Password hashing handled by Supabase
- CORS middleware for cross-origin requests
- Input validation using Pydantic models
For development, you can run the server with auto-reload:
uvicorn main:app --reload
For production deployment:
- Set appropriate CORS origins in main.py
- Use a production server such as Gunicorn running Uvicorn workers (FastAPI is an ASGI application)
- Set strong secret keys in environment variables
- Consider using a reverse proxy like Nginx
Example production command:
gunicorn main:app -w 4 -k uvicorn.workers.UvicornWorker --bind 0.0.0.0:8000
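A startup check for the three `.env` values, connecting the "strong secret keys" item to the RLS guarantee: a `service_role` key in `SUPABASE_KEY` bypasses Row Level Security, so the per-user isolation would no longer hold. This is an added example, not part of this project's code. The names `check_env`, `jwt_claims` and `fake_key`, the 32-character and 10-distinct-character thresholds, and the assumption that the API key is JWT-shaped with a `role` claim are all choices made for the example.

```python
import base64
import json
from urllib.parse import urlparse

# Placeholder values shown in the README's .env snippet.
PLACEHOLDERS = {"https://your-project.supabase.co", "your-anon-key", "your-secret-key-for-jwt"}


def jwt_claims(token):
    """Read a JWT payload WITHOUT verifying the signature (only to inspect 'role')."""
    try:
        payload = token.split(".")[1]
        claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    except (IndexError, ValueError):
        return {}
    return claims if isinstance(claims, dict) else {}


def check_env(env):
    """Return a list of problems in the settings dict; an empty list means OK."""
    problems = [f"{name} still holds the README placeholder"
                for name, value in env.items() if value in PLACEHOLDERS]
    url = urlparse(env.get("SUPABASE_URL", ""))
    if url.scheme != "https" or not url.hostname:
        problems.append("SUPABASE_URL must be an https:// URL")
    # Assumption: the API key is JWT-shaped and carries a 'role' claim.
    if jwt_claims(env.get("SUPABASE_KEY", "")).get("role") == "service_role":
        problems.append("SUPABASE_KEY is a service_role key, which bypasses RLS")
    # Assumed thresholds for this example: 32+ characters, 10+ distinct characters.
    secret = env.get("SECRET_KEY", "")
    if len(secret) < 32 or len(set(secret)) < 10:
        problems.append("SECRET_KEY is too short or too repetitive")
    return problems


def fake_key(role):
    """Constructed, unsigned JWT-shaped key for the demo (not a real Supabase key)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "HS256", "typ": "JWT"}), enc({"role": role}), "constructed-sig"])


if __name__ == "__main__":
    sample = {  # constructed values, not real credentials
        "SUPABASE_URL": "https://your-project.supabase.co",
        "SUPABASE_KEY": fake_key("service_role"),
        "SECRET_KEY": "your-secret-key-for-jwt",
    }
    for problem in check_env(sample):
        print("config problem:", problem)
```

Calling `check_env(dict(os.environ))` before the app starts and exiting when the list is non-empty keeps a misconfigured deployment from serving traffic.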
Feel free to submit issues and enhancement requests!
This project is open source and available under the MIT License.