This is a backend API for securely uploading, listing, and downloading files with user authentication and role-based access. Used Celery for non blocking Email verification. Create a .env file for Postgresql db and email/google-app-password
http://127.0.0.1:8000/
fastapi dev main.py
celery -A utils.celery_worker.celery_app worker --loglevel=info --pool=solo
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
email VARCHAR(255) UNIQUE NOT NULL,
hashed_password TEXT NOT NULL,
role VARCHAR(10) NOT NULL CHECK (role IN ('ops', 'client')),
is_verified BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
- Type: Bearer Token (JWT)
- How to get it: Use the
/loginendpoint to retrieveaccess_token - Where to use it: Pass it in the
Authorizationheader asBearer <access_token>
Endpoint: POST /signup
Auth Required: β No
Request Body (JSON):
{
"email": "example@mail.com",
"password": "yourpassword",
"role": "ops" // or "client"
}Response:
- Success or error message
Endpoint: POST /login
Auth Required: β No
Request Body (JSON):
{
"email": "example@mail.com",
"password": "yourpassword"
}Response:
{
"access_token": "your-jwt-token"
}Endpoint: POST /upload
Auth Required: β
Yes
Form-Data:
file: Upload.pptx,.docx, or.xlsxfile only
Response:
- Success or error message
Endpoint: GET /list_files
Auth Required: β
Yes
Response:
[
"file1.xlsx",
"file2.docx"
]Endpoint: GET /download/{filename}
Auth Required: β
Yes
Example:
GET /download/data-1749407797375.xlsx
Response:
{
"download-link": "http://127.0.0.1:8000/download_secure/<token>"
}Endpoint: GET /download_secure/{token}
Auth Required: β
Yes
Description: Accesses and downloads the file using the encrypted token link.
{{access_token}}: Set after login{{secure_encrypted_token}}: Set after requesting download link
- Only users with role
"ops"can upload files. - All download links are time-limited and encrypted for added security.