Authentikate

What is Authentikate?

Authentikate is a library that provides a simple interface to validate tokens and retrieve the corresponding user information inside a Django application.

Note: This library is still somewhat tied to the Arkitekt Framework. We are working on making it more generic. If you have any ideas, please open an issue or a PR.

Alternatives

There are a few alternatives to this library, but none of them provide the same functionality. The most popular alternatives are Simple JWT and Strawberry-django Auth. Both of these libraries provide a great way to authenticate users, so you should seriously consider using them instead of this library.

Why Authentikate?

Authentikate was designed to work with the Arkitekt Framework and therefore comes with a few additional features that are not available in other libraries.

Features:

  • Designed to work with the more specific OAuth2 Self-Encoded Access Tokens
  • Models OAuth2 Clients and Scopes
  • Built-in support for Guardian for object-level permissions
  • Built-in support for Static Tokens (tokens that are hard coded into the settings, e.g. for testing)
  • Built-in support for Strawberry
  • Designed to work with Koherent for audit logging
  • Imitation support with Imitation Tokens (tokens that are hard coded into the settings, e.g. for testing)

Composed Usage

If you plan to use Authentikate with the Arkitekt Framework, you should consider the Kante library. It composes Authentikate with Koherent and provides a simple interface to authenticate and log all changes that are done by a specific app and user.

How do I use it?

Authentikate is a Django library, so you will have to add it to your INSTALLED_APPS in your settings.py file.

```python
INSTALLED_APPS = [
    # ... your other apps
    'guardian', # This is required for object level permissions
    'authentikate',
    # ... your other apps
]

AUTHENTICATION_BACKENDS = [
    "django.contrib.auth.backends.ModelBackend",
    "guardian.backends.ObjectPermissionBackend", # This is required for object level permissions
]
```

You will also need some additional configuration in your `settings.py` file.

```python
AUTH_USER_MODEL = "authentikate.User"


AUTHENTIKATE = {
    "ISSUERS": [
        {
            "kind": "jwks_uri",
            "iss": "https://lok.my-org.com",
            "jwks_uri": "https://lok.my-org.com/.well-known/jwks.json",
        }
    ],
}
```

ISSUERS is the only required key. Each entry is selected by its kind (jwks_uri, jwks_dict, rsa, or rsa_file). For the full settings shape — issuers, static tokens, provenance, headers, the public API and error model — see docs/USAGE.md.

Standard Usage

Koherent is designed to work with Strawberry, so you will need to add its extension to your schema.

```python
from django.http import HttpRequest

from authentikate.utils import authenticate_header_or_none


def my_view(request: HttpRequest) -> None:
    # Returns None when the request headers carry no valid token
    auth = authenticate_header_or_none(request.headers)

    if auth:
        auth.user  # This is the user that is authenticated
        auth.app  # This is the app that is authenticated
        auth.scopes  # These are the scopes that are authenticated
```

GraphQL Setup

Currently we require that you use the Kante GraphQL library, as it provides some boilerplate code that is required to make this work.

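```python
from typing import List

import strawberry
from strawberry.types import Info
from authentikate.strawberry import AuthentikateExtension, AuthExtension

# `User` is assumed to be your Strawberry type for the user model.


@strawberry.type
class Query:

    # AuthExtension() with no arguments names no specific scope or role
    @strawberry.field(extensions=[AuthExtension()])
    def me(self, info: Info) -> User:
        return info.context.request.user

    # This field names the "read:users" scope
    @strawberry.field(extensions=[AuthExtension(scopes=["read:users"])])
    def users(self, info: Info) -> List[User]:
        return User.objects.all()


# Build the schema after Query is defined
schema = strawberry.Schema(query=Query, extensions=[AuthentikateExtension])
```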

AuthExtension accepts scopes, roles, any_scope_of and any_role_of. Use AuthSubscribeExtension on subscription fields.

Static Tokens

Static Tokens are tokens that are hard coded into the settings. They are useful for testing and development, but should not be used in production.

```python
AUTHENTIKATE = {
    "ISSUERS": [
        {
            "kind": "jwks_uri",
            "iss": "https://lok.my-org.com",
            "jwks_uri": "https://lok.my-org.com/.well-known/jwks.json",
        }
    ],
    "STATIC_TOKENS": {
        "my_token": {
            "sub": "my_user",
            "iss": "https://lok.my-org.com",
            "scope": "read:users",
            "roles": ["admin"],
        }
    }
}
```
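
Because static tokens should not reach production, a deployment check over the AUTHENTIKATE dict is worth having. The following is an added example, not part of Authentikate: the helper name `audit_authentikate`, the use of Django's DEBUG flag as the production signal, and the rule that a static token's `iss` must match a configured issuer are assumptions of this example.

```python
from urllib.parse import urlparse

# Issuer kinds named on this page.
KNOWN_KINDS = {"jwks_uri", "jwks_dict", "rsa", "rsa_file"}


def audit_authentikate(config: dict, debug: bool) -> list:
    """Return findings for an AUTHENTIKATE settings dict (hypothetical helper)."""
    findings = []
    issuers = config.get("ISSUERS") or []
    if not issuers:
        findings.append("ISSUERS is empty, but it is the only required key")

    trusted_iss = set()
    for i, issuer in enumerate(issuers):
        kind = issuer.get("kind")
        if kind not in KNOWN_KINDS:
            findings.append(f"ISSUERS[{i}]: unknown kind {kind!r}")
        if issuer.get("iss"):
            trusted_iss.add(issuer["iss"])
        # Signing keys fetched over plain HTTP can be replaced in transit.
        uri = str(issuer.get("jwks_uri") or "")
        if kind == "jwks_uri" and urlparse(uri).scheme != "https":
            findings.append(f"ISSUERS[{i}]: jwks_uri is not fetched over https")

    for name, claims in (config.get("STATIC_TOKENS") or {}).items():
        # Assumption: DEBUG=False is the signal for a production deployment.
        if not debug:
            findings.append(
                f"STATIC_TOKENS[{name!r}]: hard-coded token active with DEBUG off "
                f"(scope={claims.get('scope')!r}, roles={claims.get('roles')!r})"
            )
        # Policy choice of this example: static tokens must name a configured issuer.
        if claims.get("iss") not in trusted_iss:
            findings.append(f"STATIC_TOKENS[{name!r}]: iss is not in ISSUERS")
    return findings


# Constructed sample: the static-token settings shown above.
SAMPLE = {
    "ISSUERS": [{"kind": "jwks_uri", "iss": "https://lok.my-org.com",
                 "jwks_uri": "https://lok.my-org.com/.well-known/jwks.json"}],
    "STATIC_TOKENS": {"my_token": {"sub": "my_user", "iss": "https://lok.my-org.com",
                                   "scope": "read:users", "roles": ["admin"]}},
}

if __name__ == "__main__":
    for finding in audit_authentikate(SAMPLE, debug=False):
        print("FINDING:", finding)
```

Run it in CI against the production settings, or call it from a Django system check, so that a build with DEBUG off and static tokens configured fails before it ships.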

Source Distribution

authentikate-2.2.0.tar.gz (25.7 kB)

Built Distribution

authentikate-2.2.0-py3-none-any.whl (34.4 kB)

File details

Details for the file authentikate-2.2.0.tar.gz.

File metadata

  • Download URL: authentikate-2.2.0.tar.gz
  • Upload date:
  • Size: 25.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.24

File hashes

Hashes for authentikate-2.2.0.tar.gz
Algorithm Hash digest
SHA256 25c425edc9a7ad441a4ba5d4a8004e0a2cafdc7e9fbbabc57e910cb3bfc224ba
MD5 1e62de9b01b65767bf60f671c55e6579
BLAKE2b-256 99ce4da5c1b61d431f4d628b4a1ccc0afa1c6ccac8fda4521265f1552df49a03

File details

Details for the file authentikate-2.2.0-py3-none-any.whl.

File metadata

  • Download URL: authentikate-2.2.0-py3-none-any.whl
  • Upload date:
  • Size: 34.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: uv/0.11.24

File hashes

Hashes for authentikate-2.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e965e678612fdd3f992b02928474e1abe48086b5a8a31d8592e278d4fad9592b
MD5 e825ffb9ee0916f83c1703bef91467d0
BLAKE2b-256 6c8437b03ca391642900f9be951ea90f4b133849a7d98b78d2ef704b944b204c
