Aegis Authentication SDK for Python.

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for sevcks from gravatar.com sevcks

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Requires: Python >=2.7
Classifiers
Report project as malware

Project description

Package version Supported Python versions

English | 简体中文

Aegis Auth SDK

🚀 Core Value: Making Authentication Simple and Secure

Aegis Auth SDK is a modern authentication toolkit for Web applications, built on the WebAuthn (FIDO2) standard. It enables developers to quickly implement passwordless authentication, fundamentally eliminating the security risks and usability issues associated with traditional passwords.

🌟 Key Features

1. Excellent Developer Experience

  • Out-of-the-box: Install via pip with zero complex setup
  • Highly abstracted: WebAuthn complexity is fully encapsulated
  • Fast integration: Implement registration and login in minutes

2. Secure & Compliant Passwordless Solution

  • Passwordless by design: Eliminates password reuse, phishing, and credential stuffing
  • Minimal sensitive data: Only public keys stored server-side, no biometric raw data
  • Anti-automation: Challenge-response mechanism prevents brute-force and bot attacks

3. Cross-platform & Biometric Support

  • Multi-platform compatibility:
    • Windows Hello
    • macOS Touch ID
    • iOS / Android (Face ID / Fingerprint)
  • Device binding: Strong "User + Device" trust model

4. Enterprise-grade User Management

  • Unified user view: Credential management, device binding, status control
  • Audit logs: Full authentication traceability

📦 Requirements

  • Python 2.7 or Python 3.6+
  • Zero third-party dependencies (stdlib only)

🛠 Quick Start

Installation

pip install aegis-auth-sdk

SDK Example

from aegis_auth_sdk import AegisClient

# Basic initialization
client = AegisClient(
    base_url="https://your-server:8000",
    app_id="your_app_id",
    secret_key="your_secret_key"
)

# Proxy scenario: forward browser UA and real IP to Aegis logs
client = AegisClient(
    base_url="https://your-server:8000",
    app_id="your_app_id",
    secret_key="your_secret_key",
    user_agent="Mozilla/5.0 ...",  # browser User-Agent from upstream request
    client_ip="10.0.0.1",         # real client IP from upstream request
)

# Get app info
app_info = client.get_app_info()
print(app_info)

# List users
result = client.get_users()
for user in result["users"]:
    print("%s - Status: %s" % (user["username"], "Enabled" if user["status"] else "Disabled"))

# Enable / disable user
client.set_user_status("alice", False)

# Enable / disable app registration
client.set_app_register(False)

# Enable / disable multi-device registration
client.set_app_multi_device(True)

# Delete user
client.delete_user("alice")

# Query logs
logs = client.get_logs(log_type="auth_verify", page_size=5)
for entry in logs["items"]:
    print("[%s] %s from %s - %s" % (
        entry["log_time"], entry["username"], entry["log_ip"], entry["log_info"]))

🌐 Integration Example

Frontend Example

export const fetchUserLoginOptions = (param) => {
    return request({
        url: '/api/user/login/options',
        headers: { 'Content-Type': 'application/json', 'Login-Name': param.username },
        method: 'post',
        data: param
    });
};

export const fetchUserLoginVerify = (username, asseResp) => {
    return request({
        url: '/api/user/login/verification',
        method: 'post',
        headers: { 'Content-Type': 'application/json', 'Login-Name': username },
        data: asseResp
    });
};

const resp = await fetchUserLoginOptions(param);
const asseResp = await startAuthentication(resp.data);
const verificationResp = await fetchUserLoginVerify(param.username, asseResp);

if (verificationResp.data.code === 200) {
    localStorage.setItem('Authorization', verificationResp.data.token_type + ' ' + verificationResp.data.access_token);
    router.push('/');
}

Backend Example

from aegis_auth_sdk import AegisClient
from fastapi import APIRouter, Request
from fastapi.responses import JSONResponse
import jwt, datetime

SECRET_KEY = "your-jwt-secret"
BASE_URL = "https://your-server:8000"
APP_ID = "your_app_id"
APP_SECRET = "your_secret_key"

user = APIRouter()

def _get_client_ip(request: Request) -> str:
    forwarded = request.headers.get("X-Forwarded-For")
    if forwarded:
        return forwarded.split(",")[0].strip()
    return request.headers.get("X-Real-IP") or (request.client.host if request.client else None)

def _make_client(request: Request):
    return AegisClient(
        base_url=BASE_URL, app_id=APP_ID, secret_key=APP_SECRET,
        user_agent=request.headers.get("user-agent"),
        client_ip=_get_client_ip(request),
    )

@user.post("/login/options")
async def user_login_options(req: dict, request: Request):
    username = request.headers.get("Login-Name")
    resp = _make_client(request).get_login_options(username)
    return JSONResponse(status_code=resp.status_code, content=resp.json())

@user.post("/login/verification")
async def user_login_verification(req: dict, request: Request):
    username = request.headers.get("Login-Name")
    origin = request.headers.get("origin")
    resp = _make_client(request).get_login_verify(username, req, origin=origin)
    if resp.json().get("verified", False):
        token = jwt.encode({
            "user": username,
            "exp": datetime.datetime.utcnow() + datetime.timedelta(minutes=30)
        }, SECRET_KEY, algorithm="HS256")
        return JSONResponse(content={"access_token": token, "token_type": "Bearer", "code": 200})
    return JSONResponse(status_code=200, content={"code": 500, "msg": resp.text})

@user.post("/register/options")
async def user_register_options(req: dict, request: Request):
    username = request.headers.get("Login-Name")
    resp = _make_client(request).get_register_options(username)
    return JSONResponse(status_code=resp.status_code, content=resp.json())

@user.post("/register/verification")
async def user_register_verification(req: dict, request: Request):
    username = request.headers.get("Login-Name")
    resp = _make_client(request).get_register_verify(username, req)
    return JSONResponse(status_code=resp.status_code, content=resp.json())

⚠️ Error Codes

HTTP Status Meaning Description
200 OK Request successful
400 Bad Request Missing or invalid parameters
401 Unauthorized Invalid App ID / Secret or app disabled
403 Forbidden Registration disabled or WebAuthn verification failed
404 Not Found Resource not found
500 Server Error Internal server error

📦 Error Response Format

{ "error": "Error message" }

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for sevcks from gravatar.com sevcks

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License
  • Requires: Python >=2.7
Classifiers

Release history Release notifications | RSS feed

This version

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.0.9

0.0.8

0.0.7

0.0.6

0.0.5

0.0.3

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aegis_auth_sdk-0.1.5.tar.gz (10.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

aegis_auth_sdk-0.1.5-py3-none-any.whl (8.1 kB view details)

Uploaded Python 3

File details

Details for the file aegis_auth_sdk-0.1.5.tar.gz.

File metadata

  • Download URL: aegis_auth_sdk-0.1.5.tar.gz
  • Upload date:
  • Size: 10.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for aegis_auth_sdk-0.1.5.tar.gz
Algorithm Hash digest
SHA256 5749835f08b4bdeac8f474964088a3c200a76574b5ede6d7dd8ac0e7b1bdeda1
MD5 d7f34c0b2dbbe84e82e0dad58de2fa63
BLAKE2b-256 ddb6af854a3193cc1299de6c34270d050b7f8db4791a520bbd2fa1d624763aeb

See more details on using hashes here.

Provenance

The following attestation bundles were made for aegis_auth_sdk-0.1.5.tar.gz:

Publisher: pypi-publish.yml on sevck/aegis-auth-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file aegis_auth_sdk-0.1.5-py3-none-any.whl.

File metadata

  • Download URL: aegis_auth_sdk-0.1.5-py3-none-any.whl
  • Upload date:
  • Size: 8.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for aegis_auth_sdk-0.1.5-py3-none-any.whl
Algorithm Hash digest
SHA256 1b6e2955c88230788e343b5d4b90a41749f34e13d3f720d1e648521f7fb92d73
MD5 8c97bfd76f906abd0f5ce834bc6334a4
BLAKE2b-256 e39efc9046fc74443ffc9a0120f3a5b56fc37c9060ccf5e4e6cb30d5ebe8e72f

See more details on using hashes here.

Provenance

The following attestation bundles were made for aegis_auth_sdk-0.1.5-py3-none-any.whl:

Publisher: pypi-publish.yml on sevck/aegis-auth-sdk

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page