Python · FastAPI · Flask · Django · Starlette · aiohttp

Authentication for FastAPI and every Python framework

A session resolver, a require_auth gate, and a logout handler for Python backends — with idiomatic bindings for FastAPI, Flask, Django, Starlette, and aiohttp over one shared core. Validate Authdog sessions on every request, on the same wire as the Node SDKs.

Start building Read the docs

Add the dependency

main.py

# main.py
from authdog.fastapi import Authdog
 
authdog = Authdog(public_key=os.environ["PK_AUTHDOG"])
 
@app.get("/")
async def index(ctx=Depends(authdog.session)):
    return {"authenticated": ctx.is_authenticated}

Your framework, one core

Everything Python apps need

A drop-in session resolver, a require_auth gate, and a typed context — as a FastAPI dependency, a Flask decorator, Django/Starlette middleware, or an aiohttp middleware, all wire-compatible with the rest of your Authdog stack.

A FastAPI dependency

Depends(authdog.session) resolves the request's session and returns a typed AuthdogContext — token, user, and is_authenticated — for any path operation.

require_auth gate

Depend on authdog.require_auth and FastAPI raises HTTPException(401) for unauthenticated requests, returning the user object otherwise. This is the security boundary.

At most one userinfo call

The resolved context is cached on request.state, so combining session and require_auth on one request makes a single outbound userinfo call.

Pick your framework

Import authdog.fastapi, authdog.flask, authdog.django, authdog.starlette, or authdog.aiohttp — each is idiomatic for its framework and shares the same core, cookie parsing, and userinfo flow.

Safe logout handler

authdog.logout(request) returns a RedirectResponse that expires the session cookie and redirects to a redirect_uri sanitized against open redirects.

Same wire as Node

It mirrors @authdog/express and @authdog/fastify on the wire, so one Authdog environment serves your Node and Python services interchangeably.

Gate routes with a dependency

Protect a route with require_auth

Depend on authdog.require_auth and FastAPI rejects unauthenticated requests before your handler runs. The dependency returns the verified user object, resolved once per request.

routes.py

# routes.py
@app.get("/me")
async def me(user=Depends(authdog.require_auth)):
    return user

Ship secure Python APIs

Authdog's Python SDK resolves the session and enforces auth at a single gate across FastAPI, Flask, Django, Starlette, and aiohttp, caching the result so each request makes at most one userinfo call.

Depends()

To resolve the session

Add authdog.session as a dependency and any path operation gets a typed AuthdogContext — no middleware boilerplate.

require_auth

The single enforcement point

Depend on authdog.require_auth and unauthenticated requests are rejected with 401 before your handler runs.

Frameworks, one core

FastAPI, Flask, Django, Starlette, and aiohttp bindings share the same public-key, cookie, and userinfo logic — install the extra for your stack.

Add auth to your Python app.

pip install the SDK, import the binding for your framework, and gate your routes with require_auth today. Free to start, with secure defaults built in.

Start Building