🛡️ Powerful • Intuitive • Flexible

Shield Your FastAPI Endpoints

Stack your shields to create robust and customizable layers that effectively protect your endpoints from unwanted requests.

Get Started View Documentation

Quick Installation

pip

pip install fastapi-shield

uv add fastapi-shield

poetry

poetry add fastapi-shield

Why Choose FastAPI Shield?

Built with modern Python practices and FastAPI's philosophy in mind

Decorator-based Security

Apply shields as simple decorators to protect your endpoints with clean, readable code.

Layered Protection

Stack multiple shields for fine-grained access control and complex authorization rules.

Type Safety

Full type hint support for better IDE integration and code quality assurance.

Lazy Dependencies

Dependencies are only loaded after requests pass through all decorated shields.

ShieldedDepends

Special dependency mechanism for protected resources with seamless integration.

FastAPI Integration

Works seamlessly with FastAPI's dependency injection system and patterns.

See It In Action

Create your first shield in just a few lines of code

🛡️ Create Your First Shield

A simple authentication shield that validates API tokens

1from fastapi import Header
2from fastapi_shield import shield
3
4@shield
5def auth_shield(api_token: str = Header()):
6    """
7    A basic shield that validates an API token.
8    Returns the token if valid, 
9    otherwise returns `None` which blocks the request.
10    """
11    if api_token in ("admin_token", "user_token"):
12        return api_token
13    return None

🚀 Apply to Your Endpoints

Protect your endpoints with a simple decorator

1from fastapi import FastAPI
2
3app = FastAPI()
4
5@app.get("/protected/{name}")
6# apply @auth_shield
7@auth_shield  
8async def protected_endpoint(name: str):
9    return {
10        "message": f"Hello {name}. This endpoint is protected!",
11    }

🛡️ Create Role-based Shield

A parameterized shield for role-based access control

1# Create a simple roles shield
2def roles_shield(roles: list[str]):
3    """
4    A shield that validates a list of roles.
5    """
6    
7    @shield
8    # the function `get_payload_from_token` is a `ShieldedDepends` 
9    # function that returns the payload from the token,
10    # it takes the token as an argument. 
11    def wrapper(payload = ShieldedDepends(get_payload_from_token)):
12        if any(role in payload["roles"] for role in roles):
13            return payload
14        return None
15    
16    return wrapper

🛡️🛡️ Stack Multiple Shields

Combine authentication and authorization for layered security

1@app.get("/products")
2@auth_shield
3# `@auth_shield` returns the api_token if valid, 
4# otherwise returns `None` which blocks the request.
5@roles_shield(["user"])
6# the function `get_username_from_payload` is a `ShieldedDepends` 
7# function that returns the username from the payload,
8# it takes the payload as an argument. 
9async def get_products(
10    db: Dict[str, Any] = Depends(get_db),
11    username: str = ShieldedDepends(get_username_from_payload)
12):
13    """Only user with role user can get their own product"""
14    products = list(map(lambda name: db["products"][name], 
15                       db["users"][username]["products"]))
16    return {
17        "message": f"These are your products: {products}",
18    }

Ready to Shield Your API?

Join developers who trust FastAPI Shield to secure their applications

Install Now View on GitHub