├── .gitattributes ├── .gitignore ├── LICENSE ├── README.md ├── components ├── __init__.py └── auth.py ├── dashboard_screenshot.png ├── login_screenshot.png ├── main.py ├── requirements.txt └── supabase_auth_screenshot.png /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[cod] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | share/python-wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | MANIFEST 28 | 29 | # PyInstaller 30 | # Usually these files are written by a python script from a template 31 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 32 | *.manifest 33 | *.spec 34 | 35 | # Installer logs 36 | pip-log.txt 37 | pip-delete-this-directory.txt 38 | 39 | # Unit test / coverage reports 40 | htmlcov/ 41 | .tox/ 42 | .nox/ 43 | .coverage 44 | .coverage.* 45 | .cache 46 | nosetests.xml 47 | coverage.xml 48 | *.cover 49 | *.py,cover 50 | .hypothesis/ 51 | .pytest_cache/ 52 | cover/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | .pybuilder/ 76 | target/ 77 | 78 | # Jupyter Notebook 79 | .ipynb_checkpoints 80 | 81 | # IPython 82 | profile_default/ 83 | ipython_config.py 84 | 85 | # pyenv 86 | # For a library or package, you might want to ignore these files since the code is 87 | # intended to run in multiple environments; otherwise, check them in: 88 | # .python-version 89 | 90 | # pipenv 91 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 92 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 93 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 94 | # install all needed dependencies. 95 | #Pipfile.lock 96 | 97 | # poetry 98 | # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. 99 | # This is especially recommended for binary packages to ensure reproducibility, and is more 100 | # commonly ignored for libraries. 101 | # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control 102 | #poetry.lock 103 | 104 | # pdm 105 | # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. 106 | #pdm.lock 107 | # pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it 108 | # in version control. 109 | # https://pdm.fming.dev/#use-with-ide 110 | .pdm.toml 111 | 112 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm 113 | __pypackages__/ 114 | 115 | # Celery stuff 116 | celerybeat-schedule 117 | celerybeat.pid 118 | 119 | # SageMath parsed files 120 | *.sage.py 121 | 122 | # Environments 123 | .env 124 | .venv 125 | env/ 126 | venv/ 127 | ENV/ 128 | env.bak/ 129 | venv.bak/ 130 | 131 | # Spyder project settings 132 | .spyderproject 133 | .spyproject 134 | 135 | # Rope project settings 136 | .ropeproject 137 | 138 | # mkdocs documentation 139 | /site 140 | 141 | # mypy 142 | .mypy_cache/ 143 | .dmypy.json 144 | dmypy.json 145 | 146 | # Pyre type checker 147 | .pyre/ 148 | 149 | # pytype static type analyzer 150 | .pytype/ 151 | 152 | # Cython debug symbols 153 | cython_debug/ 154 | 155 | # PyCharm 156 | # JetBrains specific template is maintained in a separate JetBrains.gitignore that can 157 | # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore 158 | # and can be added to the global gitignore or merged into this file. For a more nuclear 159 | # option (not recommended) you can uncomment the following to ignore the entire idea folder. 160 | #.idea/ 161 | 162 | .sesskey -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2024 Doug Hudgeon 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # FastHTML Supabase Authentication Example 2 | 3 | [Supabase](https://supabase.com) comes with a very straightforward authentication solution. This repo is a minimal example showing how to use it with [FastHTML](https://github.com/AnswerDotAI/fasthtml). 4 | 5 | First create a user in the authentication section of your Supabase project. Note the email and password you set for the user. 6 | 7 | ![screenshot](supabase_auth_screenshot.png) 8 | 9 | Second, clone this repo and run `pip install -r requirements.txt` in the terminal from this folder. 10 | 11 | Third, start the app by running `python main.py` in the terminal. 12 | 13 | This will take you to a login screen. Enter the email address and password for your supabase user. 14 | 15 | ![login_screenshot](login_screenshot.png) 16 | 17 | If you enter the correct credentials, it will take you to a dashboard screen. 18 | 19 | ![dashboard_screenshot](dashboard_screenshot.png) 20 | -------------------------------------------------------------------------------- /components/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hudgeon/fasthtml_supabase_auth_example/ec49fe34bcbaf9b06125fe08e7967d503df8b6f7/components/__init__.py -------------------------------------------------------------------------------- /components/auth.py: -------------------------------------------------------------------------------- 1 | import os 2 | from dataclasses import dataclass 3 | 4 | from fasthtml import common as fh 5 | from starlette.responses import RedirectResponse 6 | from supabase import Client, create_client 7 | 8 | # Initialize Supabase client 9 | supabase: Client = create_client( 10 | os.environ.get("SUPABASE_URL"), os.environ.get("SUPABASE_KEY") 11 | ) 12 | 13 | 14 | @dataclass 15 | class Login: 16 | email: str 17 | password: str 18 | 19 | 20 | def before(req, sess): 21 | print(f"Before middleware: Session content - {sess}") 22 | auth = req.scope["auth"] = sess.get("user") 23 | print(f"Before middleware: Auth value - {auth}") 24 | if not auth: 25 | print("Before middleware: No auth, redirecting to login") 26 | return RedirectResponse("/login", status_code=303) 27 | print("Before middleware: Auth found, proceeding") 28 | 29 | 30 | bware = fh.Beforeware( 31 | before, skip=[r"/favicon\.ico", r"/static/.*", r".*\.css", "/login", "/"] 32 | ) 33 | 34 | 35 | def login_get(): 36 | print("Rendering login page") 37 | frm = fh.Form( 38 | fh.Input(type="email", name="email", placeholder="Email"), 39 | fh.Input(type="password", name="password", placeholder="Password"), 40 | fh.Button("Log in", type="submit"), 41 | action="/login", 42 | method="post", 43 | ) 44 | return fh.Titled("Login", frm) 45 | 46 | 47 | def login_post(login: Login, sess): 48 | print(f"Login attempt for email: {login.email}") 49 | try: 50 | response = supabase.auth.sign_in_with_password( 51 | {"email": login.email, "password": login.password} 52 | ) 53 | print(f"Supabase login response: {response}") 54 | sess["user"] = response.user.email 55 | print(f"Session after login: {sess}") 56 | print("Redirecting to protected page") 57 | return RedirectResponse("/", status_code=303) 58 | except Exception as e: 59 | print(f"Login failed with error: {str(e)}") 60 | return fh.Titled("Login Failed", fh.P(str(e))) 61 | 62 | 63 | def logout(sess): 64 | print(f"Logging out. Session before clear: {sess}") 65 | sess.clear() 66 | print(f"Session after clear: {sess}") 67 | return RedirectResponse("/login", status_code=303) 68 | 69 | 70 | # Helper functions 71 | def set_user_session(sess, user_email): 72 | sess["user"] = user_email 73 | 74 | 75 | def clear_session(sess): 76 | sess.clear() 77 | 78 | 79 | def is_authenticated(sess): 80 | return "user" in sess 81 | -------------------------------------------------------------------------------- /dashboard_screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hudgeon/fasthtml_supabase_auth_example/ec49fe34bcbaf9b06125fe08e7967d503df8b6f7/dashboard_screenshot.png -------------------------------------------------------------------------------- /login_screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hudgeon/fasthtml_supabase_auth_example/ec49fe34bcbaf9b06125fe08e7967d503df8b6f7/login_screenshot.png -------------------------------------------------------------------------------- /main.py: -------------------------------------------------------------------------------- 1 | from fasthtml import common as fh 2 | 3 | from components import auth 4 | 5 | app, rt = fh.fast_app(before=auth.bware) 6 | 7 | 8 | @rt("/login") 9 | def get(): 10 | return auth.login_get() 11 | 12 | 13 | @rt("/login") 14 | def post(login: auth.Login, sess): 15 | return auth.login_post(login, sess) 16 | 17 | 18 | @rt("/logout") 19 | def logout(sess): 20 | return auth.logout(sess) 21 | 22 | 23 | @rt("/protected") 24 | def protected(auth): 25 | print(f"Accessing protected page. Auth: {auth}") 26 | return fh.Titled( 27 | "Protected Page", 28 | fh.P(f"Welcome, {auth}!"), 29 | fh.A("Back", href="/"), 30 | fh.P(), 31 | fh.A("Logout", href="/logout"), 32 | ) 33 | 34 | 35 | @rt("/") 36 | def home(sess): 37 | if auth.is_authenticated(sess): 38 | user = sess["user"] 39 | print(f"User: {user}") 40 | return fh.Titled( 41 | "Dashboard", 42 | fh.P(f"Welcome, {user}!"), 43 | fh.P("You are logged in. View a protected page below."), 44 | fh.A("Protected Page", href="/protected"), 45 | fh.P(), 46 | fh.P("Logout here:"), 47 | fh.A("Logout", href="/logout"), 48 | ) 49 | 50 | else: 51 | return fh.Titled( 52 | "Home", fh.H1("Welcome to the App"), fh.A("Login", href="/login") 53 | ) 54 | 55 | 56 | if __name__ == "__main__": 57 | print("Starting server") 58 | fh.serve(port=8080) 59 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | python-fasthtml 2 | supabase -------------------------------------------------------------------------------- /supabase_auth_screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/hudgeon/fasthtml_supabase_auth_example/ec49fe34bcbaf9b06125fe08e7967d503df8b6f7/supabase_auth_screenshot.png --------------------------------------------------------------------------------