aegis 0.4.0

Authentication library for aiohttp

aegis allows to protect endpoints and also provides authentication scoping.

---

Installation

pip install aegis

Simple Example

# examples/login_required.py
from aiohttp import web
from aegis import decorators
from aegis.authenticators.jwt import JWTAuth


class JWTAuthenticator(JWTAuth):
    jwt_secret = "test"

    async def authenticate(self, request: web.Request) -> dict:
        # You can get the request payload of the /auth route
        payload = await request.json()

        # Assuming the name parameter send in the request payload
        searched_name = payload["name"]

        # fetch the user from your storage
        db = request.app["db"]
        user = db.get(searched_name, None)

        # return the JSON serializable user
        return user


@decorators.login_required
async def protected(request):
    return web.json_response({'hello': 'user'})


if __name__ == "__main__":
    app = web.Application()

    database = {
        'david': {'id': 5}
    }
    app["db"] = database

    app.router.add_get('/', protected)

    JWTAuthenticator.setup(app)

    web.run_app(app)

Get access token

curl -X POST http://0.0.0.0:8080/auth -d '{"username": "david"}'


{"access_token": "<access_token>"}

Get user

curl http://0.0.0.0:8080/me -H 'Authorization: Bearer <access_token>'


{"id": 5, "scopes": ["user"], "exp": 1553753859}

Test

git clone https://github.com/mgurdal/aegis.git
cd aegis
make cov

Requirements

• Python >= 3.6

• aiohttp

• PyJWT

License

aegis is offered under the Apache 2 license.