---
title: FastAPI Simple Auth Docs Upload
emoji: 🚀
colorFrom: indigo
colorTo: purple
sdk: docker
pinned: false
---

# Task 1: FastAPI File Management Application

A modern, fast, and secure web application built with **FastAPI**, **MySQL**, and **Jinja2**. This application allows users to register, log in, manage their profiles, and securely upload, download, and delete files through a beautiful dark-themed, glassmorphic UI.

---

## 🚀 Features

- **User Authentication**: Secure signup and login functionality using hashed passwords (bcrypt) and cookie-based session management.
- **File Management**: Upload (up to 2 files at once), download, and delete files securely.
- **Interactive Dashboard**: A user-friendly dashboard to view all stored files, track upload times, and manage data.
- **RESTful API**: Along with the frontend, the app provides standard JSON API endpoints for profile management and system interactions.
- **Glassmorphic UI**: A stunning, responsive frontend built with customized CSS and Jinja2 templates.

---

## 🛠️ Tech Stack

- **Backend**: FastAPI (Python)
- **Database**: MySQL (via SQLAlchemy ORM)
- **Frontend**: HTML5, CSS3 (Glassmorphism), Jinja2 Templates
- **Authentication**: JWT token-based auth stored in HTTP-only cookies
- **File Storage**: Local filesystem (`backend/uploaded_files/`)

---

## 📋 Prerequisites

Before you begin, ensure you have the following installed:

- Python 3.9+
- MySQL Server (running locally or remotely)
- `pip` (Python package manager)

---

## ⚙️ Installation & Setup

1. **Clone or Download the Repository**

   Navigate to the project directory:

   ```bash
   cd "g:\Soft Mania\internship\task 1"
   ```

2. **Set Up a Virtual Environment**

   ```bash
   python -m venv venv
   # On Windows:
   .\venv\Scripts\activate
   # On macOS/Linux:
   source venv/bin/activate
   ```

3. **Install Dependencies**

   Install all required packages from `req.txt`:

   ```bash
   pip install -r req.txt
   ```

4. **Database Configuration**

   Ensure your MySQL server is running. Create a database (e.g., `testbd`). Update the `DATABASE_URL` string in `backend/main.py` if your database credentials differ from:

   ```python
   SQLALCHEMY_DATABASE_URL = "mysql+pymysql://root:root@localhost/testbd"
   ```

5. **Run the Application**

   Start the FastAPI development server using Uvicorn:

   ```bash
   python -m uvicorn backend.main:app --host 0.0.0.0 --port 8890 --reload
   ```

---

## 📖 Usage Guide

Once the server is running, the application is accessible through your web browser.

### 🌐 Web Interface (UI)

- **Home / Login**: Navigate to `http://localhost:8890/login` to access the login portal.
- **Sign Up**: If you are a new user, click "Sign up" on the login page or navigate to `http://localhost:8890/signup` to create a new account.
- **Dashboard**: Upon logging in, you will be redirected to `http://localhost:8890/dashboard`.
- **Uploading**: Use the "Upload Files" panel to select and upload up to 2 files (PDF, PNG, JPG/JPEG).
- **Managing Files**: View your uploaded files in the "Your Files" table. Click **⬇ Download** to save them locally, or **🗑 Delete** to remove them permanently from the server.
- **Logout**: Click the "Logout" button in the top right corner of the dashboard to securely end your session.

### 🔌 API Endpoints (For Developers)

The application also exposes JSON endpoints that can be tested via tools like Postman or cURL.
*(Note: Some UI and API routes share paths depending on the method and `Accept` headers).*

- `POST /signup` - Register a new user (Form Data or JSON).
- `POST /login` - Authenticate and receive an access token.
- `GET /users/me` - Retrieve current logged-in user details.
- `POST /upload` - Upload files via API.
- `GET /files` - List all files belonging to the auth user.
- `DELETE /files/{id}` - Delete a specific file.

---

## 📂 Project Structure

```text
task 1/
│
├── backend/
│   ├── main.py                # Main FastAPI application & routes
│   ├── templates/             # Jinja2 HTML Templates
│   │   ├── base.html          # Global layout wrapper
│   │   ├── login.html         # Login page
│   │   ├── signup.html        # Registration page
│   │   └── dashboard.html     # User file management dashboard
│   ├── static/
│   │   └── style.css          # Design system & Glassmorphic styles
│   └── uploaded_files/        # Secure directory for user uploads
│
├── req.txt                    # Project dependencies list
├── .gitignore                 # Files ignored by version control
└── README.md                  # This documentation file
```

---

## 🔒 Security Notes

- Passwords are securely hashed using `bcrypt` before being stored in MySQL.
- Uploaded files are renamed with unique identifiers to prevent overwriting and path traversal attacks.
- Session tokens are stored in `httponly` browser cookies for the UI flow to mitigate XSS risks.
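
One way to implement the upload renaming described in the Security Notes, as an added example that is not the project's own code from `backend/main.py`. The names `storage_path`, `RejectedUpload` and `ALLOWED_EXTENSIONS` are hypothetical; the directory and accepted file types are the ones this README states.

```python
import uuid
from pathlib import Path

# Assumption: mirrors the storage directory and file types named in this README.
UPLOAD_DIR = Path("backend/uploaded_files")
ALLOWED_EXTENSIONS = {".pdf", ".png", ".jpg", ".jpeg"}


class RejectedUpload(ValueError):
    """Raised when a client-supplied filename fails validation (hypothetical)."""


def storage_path(client_filename: str, upload_dir: Path = UPLOAD_DIR) -> Path:
    """Return a server-chosen path for an upload (hypothetical helper).

    Only the extension of the client's filename is ever used, and only after
    it has been checked against the allow-list.
    """
    # Treat Windows separators like POSIX ones, then keep just the last
    # component so directory parts sent by the client are discarded.
    base = Path(client_filename.replace("\\", "/")).name
    # Only the final suffix counts, so "report.pdf.exe" is judged as ".exe".
    ext = Path(base).suffix.lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise RejectedUpload(f"extension {ext!r} is not allowed")

    # The stored name is random: two uploads of "a.pdf" cannot overwrite each
    # other, and no client-controlled characters reach the filesystem.
    target = (upload_dir / f"{uuid.uuid4().hex}{ext}").resolve()

    # Defence in depth: the resolved path must stay inside the upload directory.
    if not target.is_relative_to(upload_dir.resolve()):  # Python 3.9+
        raise RejectedUpload("resolved path escapes the upload directory")
    return target
```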