No project description provided

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jhnnsrs from gravatar.com jhnnsrs

Unverified details

These details have not been verified by PyPI
Meta
Report project as malware

Project description

Authentikate

codecov PyPI version Maintenance Maintainer PyPI pyversions PyPI status PyPI download month Code style: black Checked with mypy Ruff

What is Authentikate?

Authentikate is a library that provides a simple interface to validate tokens and retrieve corresponding user information inside a django application.

Note: This library is still somewhat tied to the Arkitekt Framework. We are working on making it more generic. If you have any ideas, please open an issue or a PR.

Alternatives

There are a few alternatives to this library, but none of them provide the same functionality. The most popular alternative is Simple JWT or Strawberry-django Auth . Both of these libraries provide a great way to authenticate users. So you should seriously consider using them instead of this library.

Why Authentikate?

Authentikate was designed to work with the Arkitekt Framework and therefore comes with a few additional features that are not available in other libraries.

Features:

  • Designed to work with the more specific Oauth2 Self-Encoded Access Tokens
  • Models Oauth2 Clients and Scopes
  • Build in support for Guardian for object level permissions
  • Build in support for Static Tokens (Token that are hard coded into the settings, e.g. for testing)
  • Build in support for Strawberry
  • Designed to work with Koherent for audit logging
  • Imitation support with Imitation Tokens (Token that are hard coded into the settings, e.g. for testing)

Composed Usage

If you plan to use Authentikate with the Arkitekt Framework, you should consider the Kante library. It composes Authentikate with Koherent and provides a simple interface to authenticate and log all changes that are done by a specific app and user.

How do I use it?

Authentikate is a Django Libary, so you will have to add it to your INSTALLED_APPS in your settings.py file.

INSTALLED_APPS = [
    ...
    'guardian', # This is required for object level permissions
    'authentikate',
    ...
]

AUTHENTICATION_BACKENDS = [
    "django.contrib.auth.backends.ModelBackend",
    "guardian.backends.ObjectPermissionBackend", # This is required for object level permissions
]

You will also need some additional configuration in your `settings.py` file.

```python
AUTH_USER_MODEL = "authentikate.User"


AUTHENTIKATE = {
    "ISSUERS": [
        {
            "kind": "jwks_uri",
            "iss": "https://lok.my-org.com",
            "jwks_uri": "https://lok.my-org.com/.well-known/jwks.json",
        }
    ],
}

ISSUERS is the only required key. Each entry is selected by its kind (jwks_uri, jwks_dict, rsa, or rsa_file). For the full settings shape — issuers, static tokens, provenance, headers, the public API and error model — see docs/USAGE.md.

Standard Usage

Koherent is designed to work with Strawberry, so you will need to add its extension to your schema.

from authentikate.utils import authenticate_header_or_none


def my_view(request: HttpRequest) -> None:
    auth = authenticate_header_or_none(request.headers)

    if auth:
        auth.user # This is the user that is authenticated
        auth.app # This is the app that is authenticated
        auth.scopes # These are the scopes that are authenticated

GraphQL Setup

Currently we require that you use the Kante GraphQL library, as it provides some boilerplate code that is required to make this work.

import strawberry
from authentikate.strawberry import AuthentikateExtension, AuthExtension

schema = strawberry.Schema(query=Query, extensions=[AuthentikateExtension])


@strawberry.type
class Query:

    @strawberry.field(extensions=[AuthExtension()])
    def me(self, info: Info) -> User:
        return info.context.request.user

    @strawberry.field(extensions=[AuthExtension(scopes=["read:users"])])
    def users(self, info: Info) -> List[User]:
        return User.objects.all()

AuthExtension accepts scopes, roles, any_scope_of and any_role_of. Use AuthSubscribeExtension on subscription fields.

Static Tokens

Static Tokens are tokens that are hard coded into the settings. They are useful for testing and development, but should not be used in production.

AUTHENTIKATE = {
    "ISSUERS": [
        {
            "kind": "jwks_uri",
            "iss": "https://lok.my-org.com",
            "jwks_uri": "https://lok.my-org.com/.well-known/jwks.json",
        }
    ],
    "STATIC_TOKENS": {
        "my_token": {
            "sub": "my_user",
            "iss": "https://lok.my-org.com",
            "scope": "read:users",
            "roles": ["admin"],
        }
    }
}

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jhnnsrs from gravatar.com jhnnsrs

Unverified details

These details have not been verified by PyPI
Meta

Release history Release notifications | RSS feed

2.2.0

This version

2.1.2

2.1.1

2.1.0

2.0.1

2.0.0

1.3.0

1.2.0

1.1.0

1.0.1

1.0.0

0.32.0

0.31.0

0.30.0

0.29.0

0.28.0

0.26.0

0.25.0

0.24.0

0.23.0

0.22.0

0.21.1

0.21.0

0.20.0

0.19.0

0.18.2

0.18.1

0.18.0

0.17.1

0.17.0

0.16.0

0.15.0

0.14.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.1

0.9.0

0.8.1

0.8.0

0.7.0

0.6.0

0.5.0

0.4.0

0.1.11

0.1.10

0.1.9

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

authentikate-2.1.2.tar.gz (25.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

authentikate-2.1.2-py3-none-any.whl (34.3 kB view details)

Uploaded Python 3

File details

Details for the file authentikate-2.1.2.tar.gz.

File metadata

  • Download URL: authentikate-2.1.2.tar.gz
  • Upload date:
  • Size: 25.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.21 {"installer":{"name":"uv","version":"0.11.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for authentikate-2.1.2.tar.gz
Algorithm Hash digest
SHA256 b7399310f7c9998a0a6a6fdaf202a798e8370879f42d59aa0871addc6ba52ea7
MD5 078fdb8c4aa88550d64de8e91c0563d9
BLAKE2b-256 d5e7e56e3ce30093f980b8eda2fa84ec8a327afa08b0ec6946effbb4e3ed3ae1

See more details on using hashes here.

File details

Details for the file authentikate-2.1.2-py3-none-any.whl.

File metadata

  • Download URL: authentikate-2.1.2-py3-none-any.whl
  • Upload date:
  • Size: 34.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.21 {"installer":{"name":"uv","version":"0.11.21","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}

File hashes

Hashes for authentikate-2.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 fbe4e132bb835c80aeb5abac8abf5b76d98a27838674f8ffead895b1d8423977
MD5 84d705ed1769931d171ad7a45bc9ed34
BLAKE2b-256 0b886664c309fd2ac63965842ddb26f4a3e5bef837fca3c78f2f2b1a548d2fee

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page