A production-ready REST API for managing notes with user authentication, built with FastAPI, SQLAlchemy, PostgreSQL, and JWT authentication. Fully Dockerized and deployable to AWS ECS Fargate.
- 🔐 JWT Authentication - Secure user registration and login
- 📝 Notes CRUD - Create, read, update, delete notes
- 👤 User Isolation - Each user can only access their own notes
- 🐳 Fully Dockerized - Backend and database run in Docker containers
- ☁️ Cloud Deployable - Deploy Docker containers to AWS ECS Fargate
- ✅ Comprehensive Tests - 20 test cases covering all functionality
- FastAPI - Modern Python web framework
- SQLAlchemy - ORM for database operations
- PostgreSQL - Production database
- JWT (python-jose) - Token-based authentication
- Passlib + Bcrypt - Password hashing
- Pytest - Testing framework
- Docker - Containerization
# Start both backend and PostgreSQL
docker-compose up -d
# View logs (both services)
docker-compose logs -f
# Access the API
open http://localhost:8000/docs
Go to http://localhost:8000/docs (Swagger UI):
- POST /auth/register → Register a user
- POST /auth/login → Get your JWT token
- Click 🔓 Authorize → Paste your token
- Now you can use all the notes endpoints!
Authentication (Public)
- POST /auth/register - Register a new user
- POST /auth/login - Login and get JWT token
Notes (Protected - Requires JWT)
- POST /notes/ - Create a note
- GET /notes/ - List all your notes
- GET /notes/{id} - Get a note by ID
- PUT /notes/{id} - Update a note
- DELETE /notes/{id} - Delete a note
Health
- GET /health - Health check
# Activate virtual environment
source .venv/bin/activate
# Run all tests (uses in-memory SQLite)
python -m pytest tests/ -v
All 20 tests should pass! ✅
Configure via environment variables or .env file:
DATABASE_URL="postgresql://postgres:postgres@postgres:5432/notes"
SECRET_KEY="your-secret-key-here" # Generate with: openssl rand -hex 32
ALGORITHM="HS256"
ACCESS_TOKEN_EXPIRE_MINUTES=30
Architecture:
- Backend: ECS Fargate (Docker container)
- Database: RDS PostgreSQL (managed service, not a container)
- Image Registry: ECR
Deployment Steps:
- Create RDS PostgreSQL database and note the connection endpoint
- Build and push Docker image to ECR
docker build -t notes-api .
docker tag notes-api:latest YOUR_ACCOUNT.dkr.ecr.REGION.amazonaws.com/notes-api:latest
docker push YOUR_ACCOUNT.dkr.ecr.REGION.amazonaws.com/notes-api:latest
- Create ECS cluster (Fargate) and task definition using your ECR image
- Set environment variables in task definition:
DATABASE_URL=postgresql://user:pass@rds-endpoint:5432/notes
SECRET_KEY=your-secure-key-here
- Configure security groups (ECS → RDS on port 5432, Internet → ECS on port 8000)
- Deploy ECS service with desired task count
Note: Local dev uses docker-compose (both backend + database containers). AWS production uses ECS + RDS (backend container + managed database).
notes-api/
├── app/
│ ├── main.py # FastAPI application
│ ├── api/v1/
│ │ ├── auth.py # Authentication endpoints
│ │ └── notes.py # Notes endpoints
│ ├── models/ # SQLAlchemy models
│ ├── schemas/ # Pydantic schemas
│ ├── crud/ # Database operations
│ └── core/
│ ├── config.py # Settings
│ ├── db.py # Database config
│ └── security.py # JWT & password hashing
├── tests/
│ └── test_notes.py # API tests
├── Dockerfile
├── docker-compose.yml
└── requirements.txt
- Passwords are hashed with bcrypt
- JWT tokens expire after 30 minutes (configurable)
- All note endpoints require authentication
- Users can only access their own notes
⚠️ IMPORTANT: The default SECRET_KEY in config.py is for demo/development only. For production deployments, generate a secure key using openssl rand -hex 32 and set it as an environment variable.
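One way to enforce this warning at production startup, as an added example that is not part of this project's code: it checks the four environment variables listed above and refuses to start on placeholder or weak values. The names `check_settings` and `require_valid_settings`, the 60-minute ceiling and the sample-password list are assumptions made for this example.

```python
from urllib.parse import urlsplit
import re

# Placeholder values shown in this README; production must not run with them.
PLACEHOLDER_KEYS = {"your-secret-key-here", "your-secure-key-here"}
SAMPLE_DB_PASSWORDS = {"postgres", "pass"}   # passwords from the README examples
ALLOWED_ALGORITHMS = {"HS256"}               # assumption: only HS256 tokens are issued
MAX_EXPIRE_MINUTES = 60                      # assumption: ceiling chosen for this example


def check_settings(env):
    """Return a list of problems found in a mapping of environment variables."""
    problems = []

    key = env.get("SECRET_KEY", "")
    if not key:
        problems.append("SECRET_KEY is not set")
    elif key in PLACEHOLDER_KEYS:
        problems.append("SECRET_KEY is a documentation placeholder")
    elif not re.fullmatch(r"[0-9a-f]{64,}", key):
        # `openssl rand -hex 32` prints 64 lowercase hex characters (256 bits).
        problems.append("SECRET_KEY is not at least 64 hex characters")
    elif len(set(key)) < 8:
        problems.append("SECRET_KEY has too few distinct characters")

    if env.get("ALGORITHM", "") not in ALLOWED_ALGORITHMS:
        problems.append("ALGORITHM must be one of: " + ", ".join(sorted(ALLOWED_ALGORITHMS)))

    minutes = env.get("ACCESS_TOKEN_EXPIRE_MINUTES", "")
    if not minutes.isdecimal() or not 1 <= int(minutes) <= MAX_EXPIRE_MINUTES:
        problems.append("ACCESS_TOKEN_EXPIRE_MINUTES must be an integer from 1 to %d" % MAX_EXPIRE_MINUTES)

    url = urlsplit(env.get("DATABASE_URL", ""))
    if url.scheme != "postgresql":
        problems.append("DATABASE_URL must use the postgresql scheme")
    elif not url.password or url.password in SAMPLE_DB_PASSWORDS:
        problems.append("DATABASE_URL uses a missing or sample password")

    return problems


def require_valid_settings(env):
    """Raise at startup instead of serving requests with weak settings."""
    problems = check_settings(env)
    if problems:
        raise RuntimeError("refusing to start: " + "; ".join(problems))
```

Call `require_valid_settings(os.environ)` before the application object is created so a misconfigured task fails its first health check rather than issuing tokens.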
MIT License - Feel free to use this project for learning and development!