Hawk authentication support for Kinto
Kinto-hawk enables Hawk authentication for Kinto-based applications.
It adds the Hawk authentication protocol to the Kinto Accounts plugin.
Your users are handled the same way as regular Kinto Accounts users.
The main benefits of Hawk for Kinto are that it prevents replay attacks (very useful for score games) and that it avoids sending the username and password over the network with each request, as Basic auth does.
It provides:
- An authentication policy class;
- Integration with the Kinto cache backend for token verification;
- Some optional endpoints to obtain a new Hawk session.
Installation
Install the Python package:
pip install kinto-hawk
Include the package in the project configuration:
# Enable plugin.
kinto.includes = kinto_hawk
Then configure the authentication policy using the pyramid_multiauth conventions:
multiauth.policies = account
# Enable Hawk authenticated policy and name it account
multiauth.policy.account.use = kinto_hawk.authentication.HawkAuthenticationPolicy
By default, it will rely on the cache configured in Kinto.
Configuration
As of today, there is no specific configuration for Hawk.
If necessary, override default values for authentication policy:
# multiauth.policy.account.realm = Realm
# hawk.nonce_ttl_seconds = 60  # A minute
# hawk.session_ttl_seconds = 2613600  # 2 months since last usage.
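How a nonce TTL such as hawk.nonce_ttl_seconds lets a server reject a replayed Hawk request, as an added example (not kinto-hawk's own code). The MAC follows the Hawk header normalized string; the in-memory dict standing in for the Kinto cache, the reuse of the nonce TTL as the accepted timestamp window, and the key id, key, host and path are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac

NONCE_TTL = 60  # seconds, the hawk.nonce_ttl_seconds value shown above


def hawk_mac(key, req):
    """Hawk header MAC: HMAC-SHA256 over the normalized request string."""
    fields = ["hawk.1.header", str(req["ts"]), req["nonce"],
              req["method"].upper(), req["resource"], req["host"].lower(),
              str(req["port"]), "", ""]  # empty payload hash and ext
    normalized = "\n".join(fields) + "\n"
    digest = hmac.new(key, normalized.encode(), hashlib.sha256).digest()
    return base64.b64encode(digest).decode()


class ReplayGuard:
    """In-memory stand-in (assumption) for the cache that remembers nonces."""

    def __init__(self, ttl=NONCE_TTL):
        self.ttl = ttl
        self.seen = {}  # (key id, nonce) -> time until which it is remembered

    def verify(self, key_id, key, req, now):
        if not hmac.compare_digest(hawk_mac(key, req), req["mac"]):
            return "bad mac"
        if abs(now - req["ts"]) > self.ttl:
            return "stale timestamp"  # outside the window nonces are kept for
        self.seen = {k: exp for k, exp in self.seen.items() if exp >= now}
        if (key_id, req["nonce"]) in self.seen:
            return "replayed nonce"
        # Remember the nonce for as long as its timestamp stays acceptable.
        self.seen[(key_id, req["nonce"])] = req["ts"] + self.ttl
        return "ok"


def demo():
    key_id, key = "constructed-id", b"constructed-hawk-key"  # sample values
    req = {"ts": 1000, "nonce": "j4h3g2", "method": "POST",
           "resource": "/v1/buckets/scores/records",  # hypothetical path
           "host": "kinto.example.com", "port": 443}
    req["mac"] = hawk_mac(key, req)
    guard = ReplayGuard()
    first = guard.verify(key_id, key, req, now=1005)
    replay = guard.verify(key_id, key, req, now=1010)  # same captured request
    late = guard.verify(key_id, key, req, now=1100)    # timestamp too old
    forged = guard.verify(key_id, key, dict(req, nonce="new"), now=1005)
    return first, replay, late, forged
```

Calling demo() returns the verdict for the first request, an exact replay, a late replay and a request whose nonce was swapped without recomputing the MAC.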
How to create a user?
You can use the kinto create-user command to create a user:
kinto create-user --ini config/kinto.ini -u admin
Login flow
Once you have a user and have activated the kinto-hawk plugin, you can request a Hawk session from a new endpoint using Basic Auth or a previous Hawk session.
$ http POST https://kinto.dev.mozaws.net/v1/hawk-sessions -v --auth (userID):(password)
POST /v1/hawk-sessions HTTP/1.1
Host: kinto.dev.mozaws.net

HTTP/1.1 201 Created
Hawk-Session-Token: 47d5616e561443e79d0db605771db46234a984629a6e681059b76657f790583b
Changelog
This document describes changes between each past release.
0.1.0 (2018-04-26)
Initial implementation.
Contributors
Thomas Dressler <Thomas.Dressler1@gmail.com>
Mathieu Leplatre <mathieu@mozilla.com>
Rémy Hubscher <hubscher.remy@gmail.com>