Aegis Authentication SDK for Python.

Project description

Aegis Auth SDK

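🚀 Core value: making authentication simple and secure again

Aegis Auth SDK is an authentication development kit for modern web applications. Built on the WebAuthn (FIDO2) standard, it helps developers quickly build passwordless authentication and avoid, at the root, the security risks and user-experience problems of traditional password mechanisms.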


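🌟 Key advantages

1. A streamlined developer experience

  • Works out of the box: install the SDK with a single pip command, with no complex environment setup
  • Highly encapsulated: low-level interaction details are handled for you, so integration takes only a small amount of code
  • Fast integration: add user registration and login in minutes

2. A secure, compliant passwordless scheme

  • No passwords: users never enter a password, which defends effectively against weak passwords and against credential stuffing with leaked passwords
  • No sensitive data: the server stores only public keys; raw biometric data is never involved and no sensitive information is stored
  • Resistant to automated attacks: built on a challenge-response mechanism, it inherently resists brute forcing and bulk registration and can prevent bot attacks

3. Cross-platform support

  • Compatible with all platforms
    • Windows 10 and later (Windows Hello)
    • macOS Touch ID
    • iOS / Android (Face ID / fingerprint)
  • Strong device-level binding: binds "user + device" as two factors, ensuring the party performing an operation can be trusted

4. Enterprise-grade user management

  • Unified user view: supports the user list, user status management, application registration management, and more
  • Audit and logging: complete authentication logs for security auditing and tracing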

🛠 Quick start

SDK example

from aegis_auth_sdk import AegisClient

client = AegisClient(
    base_url="https://your-server:8000",
    app_id="your_app_id",
    secret_key="your_secret_key"
)

# Get application info
app_info = client.get_app_info()
print(app_info)

# List users
result = client.get_users()
for user in result["users"]:
    print(f'  {user["username"]:<20} 状态={"启用" if user["status"] else "禁用"}  '
          f'注册时间={user["register_time"]}  最后登录={user["login_time"] or "从未"}')

# Disable/enable a user
client.set_user_status("alice", False)

# Disable/enable application registration
client.set_app_register(False)

# Delete a user
client.delete_user("alice")

# Query logs
logs = client.get_logs(log_type="auth_verify", page_size=5)
for entry in logs["items"]:
    print(f'  [{entry["log_time"]}] {entry["username"]} from {entry["log_ip"]} - {entry["log_info"]}')

Integration example

Front-end example

// Assumption: startAuthentication comes from @simplewebauthn/browser.
// request, ElMessage, router and checked are provided by your application.
import { startAuthentication } from '@simplewebauthn/browser';

export const fetchUserLoginOptions = (param) => {
    return request({
        url: '/api/user/login/options', // your back-end API
        headers: {
            'Content-Type': 'application/json',
            'Login-Name': param.username,
        },
        method: 'post',
        data: param
    });
};

export const fetchUserLoginVerify = (username: string, asseResp: object) => {
    return request({
        url: '/api/user/login/verification', // your back-end API
        method: 'post',
        headers: {
            'Content-Type': 'application/json',
            'Login-Name': username
        },
        data: asseResp
    });
};

// Login handler. The original snippet omits the function header;
// the name submitLogin is illustrative.
const submitLogin = async (param) => {
    const resp = await fetchUserLoginOptions(param);
    const authenticationOptions = resp.data;
    const asseResp = await startAuthentication(authenticationOptions);
    const verificationResp = await fetchUserLoginVerify(param.username, asseResp);
    const verificationJSON = verificationResp.data;

    if (verificationJSON.code === 200) {
        ElMessage.success('登录成功');
        localStorage.setItem('username', param.username);
        localStorage.setItem(
            'Authorization',
            verificationJSON.token_type + ' ' + verificationJSON.access_token
        );

        router.push('/');

        if (checked.value) {
            localStorage.setItem('login-param', JSON.stringify(param));
        } else {
            localStorage.removeItem('login-param');
        }
    } else {
        ElMessage.error('登录失败');
    }
};

Back-end example

import datetime

import jwt  # assumed to be PyJWT
from fastapi import APIRouter, Depends, Request
from fastapi.responses import JSONResponse
from sqlalchemy.orm import Session  # assumed: the snippet's Session is SQLAlchemy's

from aegis_auth_sdk import AegisClient

# get_db, SECRET_KEY and algorithm are defined by your application.
# `user` is the router the handlers below are registered on.
user = APIRouter()

client = AegisClient(
    base_url="https://your-server:8000",
    app_id="your_app_id",
    secret_key="your_secret_key"
)


@user.post("/login/options", description="用户登录预请求")
async def user_login_options(req: dict, request: Request, db: Session = Depends(get_db)):
    try:
        headers = request.headers
        username = headers.get("Login-Name", None)
        # Get the login options
        resp = client.get_login_options(username)

        return JSONResponse(status_code=resp.status_code, content=resp.json())
    except Exception as e:
        return JSONResponse(status_code=200, content={"code": 400, "msg": str(e)})


@user.post("/login/verification", description="用户登录验证")
async def user_login_verification(req: dict, request: Request, db: Session = Depends(get_db)):
    try:
        headers = request.headers
        username = headers.get("Login-Name", None)
        origin = headers.get("origin", None)
        if username is None or origin is None:
            return JSONResponse(status_code=200, content={"code": False, "msg": "Miss username or origin"})
        # Verify the login
        resp = client.get_login_verify(username, req)
        # On successful verification, issue a JWT
        if resp.json().get("verified", False):
            # PyJWT 2.x returns a str, so no .decode("utf-8") is needed
            token = jwt.encode({
                "user": username,
                # Demo value: every verified user is issued the admin role.
                # Load the real role from your own user store.
                "role": "admin",
                "exp": datetime.datetime.now(datetime.timezone.utc) + datetime.timedelta(minutes=30)
            }, SECRET_KEY, algorithm=algorithm)
            return JSONResponse(
              status_code=resp.status_code,
              content={"access_token": token, "token_type": "Bearer", "code": 200}
            )

        return JSONResponse(
          status_code=200,
          content={"code": 500, "username": username, "msg": resp.text}
        )
    except Exception as e:
        # Return a response, as the other handlers do, rather than returning an HTTPException object
        return JSONResponse(status_code=200, content={"code": 400, "msg": str(e)})


@user.post("/register/options", description="注册预请求")
async def user_register_options(req: dict, request: Request, db: Session = Depends(get_db)):
    try:
        headers = request.headers
        username = headers.get("Login-Name", None)
        # Get the registration options
        resp = client.get_register_options(username)
        return JSONResponse(status_code=resp.status_code, content=resp.json())
    except Exception as e:
        return JSONResponse(status_code=200, content={"code": 400, "msg": str(e)})


@user.post("/register/verification", description="注册验证")
async def user_register_verification(req: dict, request: Request, db: Session = Depends(get_db)):
    try:
        headers = request.headers
        username = headers.get("Login-Name", None)
        # Verify the registration
        resp = client.register_verify(username, req)
        return JSONResponse(status_code=resp.status_code, content=resp.json())
    except Exception as e:
        return JSONResponse(status_code=200, content={"code": 400, "msg": str(e)})
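The login verification handler above only checks that an Origin header is present. In WebAuthn, the origin, challenge and relying-party ID that count are the ones covered by the authenticator's signature, carried in the assertion's clientDataJSON and authenticatorData. The following added example (not code from the SDK or its author) runs those non-signature checks on the JSON that startAuthentication produces; the function names and the sample origin, RP ID and challenge are constructed for illustration, and signature verification against the stored public key is outside its scope.

```python
import base64
import hashlib
import hmac
import json
import struct

def b64url_decode(value: str) -> bytes:  # WebAuthn JSON uses unpadded base64url
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def check_assertion(assertion: dict, challenge: bytes, origins: set, rp_id: str) -> dict:
    """Run the non-signature checks; raise ValueError naming the one that failed."""
    try:
        client_data = json.loads(b64url_decode(assertion["response"]["clientDataJSON"]))
        got_challenge = b64url_decode(client_data["challenge"])
        auth_data = b64url_decode(assertion["response"]["authenticatorData"])
        # authenticatorData layout: 32-byte rpIdHash, 1 flags byte, 4-byte counter
        rp_hash, flags, sign_count = struct.unpack(">32sBI", auth_data[:37])
    except (KeyError, TypeError, ValueError, struct.error) as exc:
        raise ValueError("malformed assertion") from exc
    if client_data.get("type") != "webauthn.get":
        raise ValueError("wrong ceremony type")
    if not hmac.compare_digest(got_challenge, challenge):
        raise ValueError("challenge mismatch")
    origin = client_data.get("origin")
    if not isinstance(origin, str) or origin not in origins:
        raise ValueError("origin not allowed")
    if not hmac.compare_digest(rp_hash, hashlib.sha256(rp_id.encode()).digest()):
        raise ValueError("rpIdHash mismatch")
    if not flags & 0x01:  # UP bit: a user was present at the authenticator
        raise ValueError("user not present")
    return {"origin": origin, "sign_count": sign_count}

def make_assertion(challenge: bytes, origin: str, rp_id: str, flags: int = 0x05) -> dict:
    """Constructed sample with only the fields check_assertion reads (no signature)."""
    client_data = {"type": "webauthn.get", "challenge": b64url_encode(challenge), "origin": origin}
    auth_data = hashlib.sha256(rp_id.encode()).digest() + struct.pack(">BI", flags, 7)
    return {"type": "public-key", "response": {
        "clientDataJSON": b64url_encode(json.dumps(client_data).encode()),
        "authenticatorData": b64url_encode(auth_data)}}

# Constructed sample values, not taken from the SDK or a real authenticator.
ORIGIN, RP_ID = "https://app.example.test", "app.example.test"
CHALLENGE = b"constructed-challenge-0001"

if __name__ == "__main__":
    print(check_assertion(make_assertion(CHALLENGE, ORIGIN, RP_ID), CHALLENGE, {ORIGIN}, RP_ID))
```

The returned sign_count is meant to be compared with the counter stored for the credential; a value that fails to increase when the authenticator uses counters is a signal of a cloned credential.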

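⚠️ Error codes

| HTTP status code | Meaning | Description |
|---|---|---|
| 200 | Success | The request was processed successfully |
| 400 | Bad request | A parameter is missing or malformed |
| 401 | Authentication failed | The App ID / Secret is wrong, or the application is disabled |
| 404 | Not found | The resource does not exist |
| 500 | Server error | Server-side exception; contact the administrator |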

Download files

Source Distribution

aegis_auth_sdk-0.0.7.tar.gz (9.8 kB)

Uploaded Source

Built Distribution

aegis_auth_sdk-0.0.7-py3-none-any.whl (8.1 kB)

Uploaded Python 3

File details

Details for the file aegis_auth_sdk-0.0.7.tar.gz.

File metadata

  • Download URL: aegis_auth_sdk-0.0.7.tar.gz
  • Upload date:
  • Size: 9.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aegis_auth_sdk-0.0.7.tar.gz
Algorithm Hash digest
SHA256 4a2b8f082375993d9f6040d8a6ddd4898716b9d71aad2b6a362bab18a1f16dd8
MD5 03651b7eb714c63ac6cb08020cd84c11
BLAKE2b-256 1c8788db99ea04fe4f28f046a0d4bbe5082630a3ae242eb1fa0e488b67111382

Provenance

The following attestation bundles were made for aegis_auth_sdk-0.0.7.tar.gz:

Publisher: pypi-publish.yml on sevck/aegis-auth-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file aegis_auth_sdk-0.0.7-py3-none-any.whl.

File metadata

  • Download URL: aegis_auth_sdk-0.0.7-py3-none-any.whl
  • Upload date:
  • Size: 8.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aegis_auth_sdk-0.0.7-py3-none-any.whl
Algorithm Hash digest
SHA256 9f86e76ef9f5ceb306259adf519eb98b68a408f56fef1a959ee6a591b0d14bb5
MD5 d32fa9a6daef92ef22a5ed1495d43172
BLAKE2b-256 f40dfdd2e4018bb5e2401a6ae8ac15ad2cd2ab11793891957758b14bc2ddbf10

Provenance

The following attestation bundles were made for aegis_auth_sdk-0.0.7-py3-none-any.whl:

Publisher: pypi-publish.yml on sevck/aegis-auth-sdk
