Skip to main content

ASGI middleware that authenticates users against GitHub

Project description

asgi-auth-github

PyPI CircleCI License

ASGI middleware that authenticates users against GitHub.

(Originally part of datasette-auth-github, now split off as a separate project.)

Setup instructions

Adding this to your ASGI application

from asgi_auth_github import GitHubAuth
from your_asgi_app import asgi_app


app = GitHubAuth(
    asgi_app,
    client_id="github_client_id",
    client_secret="github_client_secret",
    require_auth=True,
    # Other options:
    # cookie_ttl=24 * 60 * 60,
    # disable_auto_login=True,
    # allow_users=["simonw"],
    # allow_orgs=["my-org"],
    # allow_teams=["my-org/engineering"],
)

See the datasette-auth-github 0.12 documentation for documentation of the other parameters.

Once wrapped in this way, your application will redirect users to GitHub to authenticate if they are not yet signed in. Authentication is recorded using a signed cookie.

The middleware adds a new "auth" key to the scope containing details of the signed-in user, which is then passed to your application. The contents of the scope["auth"] key will look like this:

{
    "id": "1234 (their GitHub user ID)",
    "name": "Their Display Name",
    "username": "their-github-username",
    "email": "their-github@email-address.com",
    "ts": 1562602415
}

The "ts" value is an integer time.time() timestamp representing when the user last signed in.

If the user is not signed in (and you are not using required authentication) the "auth" scope key will be set to None.

Example using Starlette

Here's an example using the Starlette ASGI framework. You'll need to add your client_id and client_secret to this code before running it.

Save the following as starlette_demo.py:

from asgi_auth_github import GitHubAuth
from starlette.applications import Starlette
from starlette.responses import JSONResponse
from starlette.routing import Route
import uvicorn

app = Starlette(debug=True)


async def homepage(request):
    return JSONResponse({"auth": request.scope["auth"]})


app = Starlette(debug=True, routes=[Route("/", homepage),])


authenticated_app = GitHubAuth(
    app,
    client_id="...",
    client_secret="...",
    require_auth=True,
)

if __name__ == "__main__":
    uvicorn.run(authenticated_app, host="0.0.0.0", port=8001)

Install the dependencies like this:

pip install uvicorn starlette asgi-auth-github

Then run it with:

python starlette_demo.py

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

asgi_auth_github-0.1.1-py3-none-any.whl (12.5 kB view details)

Uploaded Python 3

File details

Details for the file asgi_auth_github-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: asgi_auth_github-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 12.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.46.1 CPython/3.7.7

File hashes

Hashes for asgi_auth_github-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a4f4ef6b1f4fbebc5b6a3ac6fc33883823a8c5af5f0c8b58c63d460cbdb1dff7
MD5 ac1b553e62bca3d52b608a97a54d609a
BLAKE2b-256 a2c6c4791f8dc59c8169eb17533d393cbd31299e003c419360cc9755271d97fe

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page