This is a pre-production deployment of Warehouse, however changes made here WILL affect the production instance of PyPI.
Latest Version Dependencies status unknown Test status unknown Test coverage unknown
Project Description

RESTful, Simple Authorization system with ZERO configuration.

What is Auth?

Auth is a module that makes authorization simple and also scalable and powerful. It also has a beautiful RESTful API for use in micro-service architectures and platforms. It is originally desinged to use in Appido, a scalable media market in Iran.

It supports Python2.6+ and if you have a mongodb backbone, you need ZERO configurations steps. Just type auth-server and press enter!

I use Travis and Codecov to keep myself honest.

requirements

You need to access to mongodb. If you are using a remote mongodb, provide these environment variables:

MONGO_HOST and MONGO_PORT

Installation

pip install auth

Show me an example

ok, lets image you have two users, Jack and Sara. Sara can cook and Jack can dance. Both can laugh.

You also need to choose a secret key for your application. Because you may want to use Auth in various tools and each must have a secret key for seperating their scope.

my_secret_key = "pleaSeDoN0tKillMyC_at"
from auth import Authorization
cas = Authorization(my_secret_key)

Now, Lets add 3 groups, Cookers, Dancers and Laughers. Remember that groups are Roles. So when we create a group, indeed we create a role:

cas.add_group('cookers')
cas.add_group('dancers')
cas.add_group('laughers')

Ok, great. You have 3 groups and you need to authorize them to do special things.

cas.add_permission('cookers', 'cook')
cas.add_permission('dancers', 'dance')
cas.add_permission('laughers', 'laugh')

Good. You let cookers to cook and dancers to dance etc… The final part is to set memberships for Sara and Jack:

cas.add_membership('sara', 'cookers')
cas.add_membership('sara', 'laughers')
cas.add_membership('jack', 'dancers')
cas.add_membership('jack', 'laughers')

That’s all we need. Now lets ensure that jack can dance:

if cas.user_has_permission('jack', 'dance'):
    print('YES!!! Jack can dance.')

Authirization Methods

use pydoc to see all methods:

pydoc auth.Authorization

RESTful API

Lets run the server on port 4000:

from auth import api, serve
serve('localhost', 4000, api)

Or, from version 0.1.2+ you can use this command:

auth-server

Simple! Authorization server is ready to use.

You can use it via simple curl or using mighty Requests module. So in you remote application, you can do something like this:

import requests
secret_key = "pleaSeDoN0tKillMyC_at"
auth_api = "http://127.0.0.1:4000/api"

Lets create admin group:

requests.post(auth_api+'/role/'+secret_key+'/admin')

And lets make Jack an admin:

requests.post(auth_api+'/permission/'+secret_key+'/jack/admin')

And finally let’s check if Sara still can cook:

requests.get(auth_api+'/has_permission/'+secret_key+'/sara/cook')

RESTful API helpers

auth comes with a helper class that makes your life easy.

from auth.client import Client
service = Client('srv201', 'http://192.168.99.100:4000')
print(service)
service.get_roles()
service.add_role(role='admin')

API Methods

pydoc auth.CAS.REST.service
  • /ping [GET]
Ping API, useful for your monitoring tools
  • /api/membership/{KEY}/{user}/{role} [GET/POST/DELETE]
Adding, removing and getting membership information.
  • /api/permission/{KEY}/{role}/{name} [GET/POST/DELETE]
Adding, removing and getting permissions
  • /api/has_permission/{KEY}/{user}/{name} [GET]
Getting user permission info
  • /api/role/{KEY}/{role} [GET/POST/DELETE]

    Adding, removing and getting roles

  • /api/which_roles_can/{KEY}/{name} [GET]

    For example: Which roles can send_mail?

  • /api/which_users_can/{KEY}/{name} [GET]

    For example: Which users can send_mail?

  • /api/user_permissions/{KEY}/{user} [GET]

    Get all permissions that a user has

  • /api/role_permissions/{KEY}/{role} [GET]

    Get all permissions that a role has

  • /api/user_roles/{KEY}/{user} [GET]

    Get roles that user assinged to

  • /api/roles/{KEY} [GET]

    Get all available roles

Deployment

Deploying Auth module in production environment is easy:

gunicorn auth:api

Dockerizing

It’s simple:

docker build -t python/auth-server https://raw.githubusercontent.com/ourway/auth/master/Dockerfile
docker run --name=auth -e MONGO_HOST='192.168.99.100' -p 4000:4000 -d --restart=always --link=mongodb-server python/auth-server

Documentation

Feel free to dig into source code. If you think you can improve the documentation, please do so and send me a pull request.

Unit Tests and Coverage

I am trying to add tests as much as I can, but still there are areas that need improvement.

To DO

  • Add Authentication features
  • Improve Code Coverage
Release History

Release History

0.5.3

This version

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.5.0

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.9

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.8

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.7

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.5

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.2

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.4.1

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

0.3.3

History Node

TODO: Figure out how to actually get changelog content.

Changelog content for this version goes here.

Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit.

Show More

Download Files

Download Files

TODO: Brief introduction on what you do with files - including link to relevant help section.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
auth-0.5.3-py3-none-any.whl (14.0 kB) Copy SHA256 Checksum SHA256 3.5 Wheel May 24, 2016
auth-0.5.3.tar.gz (9.3 kB) Copy SHA256 Checksum SHA256 Source May 24, 2016

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS HPE HPE Development Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting