Authentication backends and helpers for Starlette-based apps and frameworks
Project description
starlette-auth-toolkit
Authentication backends and helpers for Starlette-based apps and frameworks.
Note: documentation is in progress — in the meantime, feel free to read the source code!
Installation
pip install starlette-auth-toolkit
Note: you need to install Starlette yourself.
Base backends
Base backends implement an authentication flow, but the exact implementation of credentials verification is left up to you. This means you can choose to perform a database query, use environment variables or private files, etc.
These backends grant a set of scopes when authentication succeeds.
Base backends are user model agnostic, although we recommend you implement the interface specified by starlette.authentication.BaseUser (see also Starlette authentication).
BasicAuthBackend
Implementation of the Basic authentication scheme.
Request header format
Authorization: Basic {credentials}
where {credentials} refers to the base64 encoding of {username}:{password}.
Abstract methods
-
.verify(self, username: str, password: str) -> Optional[BaseUser]If
usernameandpasswordare valid, return the corresponding user. Otherwise, returnNone.
Scopes
authenticated
Example
# myapp/auth.py
from starlette.authentication import SimpleUser # or a custom user model
from starlette_auth_toolkit import backends
class BasicAuthBackend(backends.BasicAuthBackend):
async def verify(self, username: str, password: str):
# TODO: in practice, request the database to find the user associated
# to `username`, and validate that its password hash matches the
# given password.
if (username, password) != ("guido", "s3kr3t"):
return None
return SimpleUser(username)
BearerAuthBackend
Implementation of the Bearer authentication scheme.
Note: this is sometimes also referred to as "Token authentication".
Request header format
Authorization: Bearer {token}
Abstract methods
-
.verify(self, token: str) -> Optional[BaseUser]If
tokenrefers to a valid token, return the corresponding user. Otherwise, returnNone.
Scopes
authenticated
Example
# myapp/auth.py
from starlette.authentication import SimpleUser # or a custom user model
from starlette_auth_toolkit import backends
class BearerAuthBackend(backends.BearerAuthBackend):
async def verify(self, token: str):
# TODO: in practice, request the database to find the token object
# associated to `token`, and return its associated user.
if token != "abcd":
return None
return SimpleUser("bob")
Contributing
Want to contribute? Awesome! Be sure to read our Contributing guidelines.
Changelog
See CHANGELOG.md.
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file starlette-auth-toolkit-0.2.0.tar.gz.
File metadata
- Download URL: starlette-auth-toolkit-0.2.0.tar.gz
- Upload date:
- Size: 5.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 50a778ecd6c5f07f0e36e38215d8944852dc1b29dcf7d92be07efc57e529b227 |
|
| MD5 | 7d3a250be7c0e67d45e8c663d61366e7 |
|
| BLAKE2b-256 | 28b41502b04de7bb89fcfd3ea600c29c345419fee06accd74714bd195f2ebe16 |
File details
Details for the file starlette_auth_toolkit-0.2.0-py3-none-any.whl.
File metadata
- Download URL: starlette_auth_toolkit-0.2.0-py3-none-any.whl
- Upload date:
- Size: 5.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/1.13.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.0.1 requests-toolbelt/0.9.1 tqdm/4.32.2 CPython/3.7.1
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e791935728597d6d3f344c20e58ffb45ff1d200617b59b565bef20a7e32fe562 |
|
| MD5 | 6966918115166b7b31ed2494e9a6caf0 |
|
| BLAKE2b-256 | 26b6bd6b7ffba535599df80af009abe9553401c80940eea59ca8086481df7e0b |
