A secure, token-authenticated FastAPI backend for a flashcard application. This API allows users to register, log in, and perform full CRUD (Create, Read, Update, Delete) operations on their own flashcard sets and individual flashcards.
- User Authentication: Secure user registration and login using JWT (JSON Web Tokens).
- Password Hashing: Passwords are securely hashed using bcrypt.
- Protected Endpoints: API routes are protected, requiring a valid JWT for access.
- CRUD for Flashcard Sets: Users can create, retrieve, update, and delete their own flashcard sets.
- CRUD for Flashcards: Users can add and remove individual flashcards from their sets.
- Ownership and Authorization: Users can only access and modify the flashcard sets they own.
- MongoDB Integration: Uses MongoDB as the database to store user and flashcard data.
- Pydantic Data Validation: Leverages Pydantic for robust data validation and serialization.
- Modular Structure: The application is organized into logical modules (routers, models, security).
.
├── .env
├── create_admin.py
├── main.py
├── backend_requirements.txt
├── database.py
├── models.py
├── security.py
└── routers
├── users.py
├── admin.py
└── flashcards.py
main.py: The entry point for the FastAPI application. It initializes the app and includes the routers.backend_requirements.txt: A list of all the Python dependencies required for the project.database.py: Handles the connection to the MongoDB database and exposes collection objects.models.py: Defines the Pydantic models for data shapes and validation (e.g.,User,FlashcardSet).security.py: Manages all security-related logic, including password hashing, JWT creation, and token decoding.routers/users.py: Contains the API endpoints related to user management (/register,/token).routers/flashcards.py: Contains all API endpoints for managing flashcard sets and flashcards..env: (You need to create this) Stores environment variables like database connection strings and security keys.
- Python 3.8+
- A running MongoDB instance (either local or on a service like MongoDB Atlas)
git clone https://github.com/CalebG6/Memora
cd MemoraIt's highly recommended to use a virtual environment to manage project dependencies.
# For Unix/macOS
python3 -m venv venv
source venv/bin/activate
# For Windows
python -m venv venv
.\venv\Scripts\activateInstall all the required packages from the backend_requirements.txt file.
pip install -r backend_requirements.txtCreate a file named .env in the root directory of the project. This file will store your sensitive configuration details.
Important: Add .env to your .gitignore file to prevent committing secrets to version control.
Populate the .env file with the following content, replacing the placeholder values with your own:
# A strong, randomly generated secret key for JWT encoding.
# You can generate one using: openssl rand -hex 32
SECRET_KEY="your_very_strong_secret_key"
# The algorithm used for JWT encoding.
ALGORITHM="HS256"
# The MongoDB connection string.
MONGO_URL="mongodb://localhost:27017/" # Or your MongoDB Atlas connection string
# The duration in minutes for which an access token is valid.
ACCESS_TOKEN_EXPIRE_MINUTES=30Once the dependencies are installed and the .env file is configured, you can start the development server using Uvicorn.
uvicorn main:app --reloadThe --reload flag enables hot-reloading, which automatically restarts the server when you make changes to the code.
The API will now be running at http://127.0.0.1:8000.
You can access the interactive API documentation (provided by Swagger UI) by navigating to http://127.0.0.1:8000/docs in your browser.
- Description: Registers a new user.
- Body:
{ "username": "newuser", "password": "strongpassword" } - Response: The newly created user object (without the password).
- Description: Authenticates a user and returns a JWT access token.
- Body:
application/x-www-form-urlencodedwithusernameandpassword. - Response:
{ "access_token": "your_jwt_token", "token_type": "bearer" }
Note: All flashcard endpoints are protected and require a valid JWT in the Authorization header (Authorization: Bearer <your_token>).
- Description: Creates a new flashcard set for the authenticated user.
- Response: The newly created flashcard set.
- Description: Retrieves all flashcard sets owned by the authenticated user.
- Response: A list of flashcard sets.
- Description: Updates an existing flashcard set. The user must be the owner.
- Response: The updated flashcard set.
- Description: Deletes a flashcard set. The user must be the owner.
- Response: A success message.
- Description: Adds a new flashcard to a specific set. The user must be the owner.
- Body:
{ "question": "What is FastAPI?", "answer": "A modern, fast web framework for building APIs." } - Response: The updated flashcard set with the new flashcard.
- Description: Deletes a flashcard from a set by its index. The user must be the owner.
- Response: The updated flashcard set with the flashcard removed.
- Modern, responsive landing page
- Login and sign-up pages
- Ready to connect to Flask/FastAPI backend
- MongoDB integration support
- Form validation and error handling
- Install dependencies:
npm install- Run the development server:
npm run dev- Open http://localhost:3000 in your browser
├── app/ # Next.js App Router
│ ├── page.tsx # Landing / home page
│ ├── layout.tsx # Root layout
│ ├── globals.css # Global styles
│ ├── api/ # API routes (app/api)
│ │ └── study-sets/
│ │ └── [id]/
│ ├── dashboard/ # Auth'd dashboard pages
│ │ └── page.tsx
│ ├── login/
│ │ └── page.tsx
│ ├── signup/
│ │ └── page.tsx
│ └── study/
│ └── [id]/
│ └── edit/
│ └── page.tsx
├── components/ # Shared components
│ ├── icons.tsx
│ └── ui/ # Small UI building blocks
│ ├── avatar.tsx
│ ├── badge.tsx
│ ├── button.tsx
│ ├── card.tsx
│ ├── input.tsx
│ ├── label.tsx
│ └── progress.tsx
├── lib/
│ └── utils.ts # Utility helpers
├── data/
├── kitties/ # image assets used in project
│ └── kitty2.avif
├── public/
│ └── kitties/
└── package.json