JWT user provider for casbin-fastapi-decorator
Project description
casbin-fastapi-decorator-jwt
JWT user provider for casbin-fastapi-decorator.
Extracts and validates a JWT from the Bearer header and/or a cookie, returning the payload as the current user.
Installation
pip install casbin-fastapi-decorator-jwt
Or via the core package extra:
pip install "casbin-fastapi-decorator[jwt]"
Usage
from casbin_fastapi_decorator_jwt import JWTUserProvider
user_provider = JWTUserProvider(
secret_key="your-secret",
algorithm="HS256", # default
cookie_name="access_token", # optional, enables reading from cookie
user_model=UserSchema, # optional, Pydantic model for payload validation
)
Pass it to PermissionGuard as the user_provider:
import casbin
from fastapi import FastAPI, HTTPException
from casbin_fastapi_decorator import PermissionGuard
async def get_enforcer() -> casbin.Enforcer:
return casbin.Enforcer("model.conf", "policy.csv")
guard = PermissionGuard(
user_provider=user_provider,
enforcer_provider=get_enforcer,
error_factory=lambda user, *rv: HTTPException(403, "Forbidden"),
)
app = FastAPI()
@app.get("/articles")
@guard.require_permission("articles", "read")
async def list_articles():
return []
API
JWTUserProvider
JWTUserProvider(
secret_key: str,
algorithm: str = "HS256",
cookie_name: str | None = None,
user_model: type[BaseModel] | None = None,
)
| Parameter | Description |
|---|---|
secret_key |
Secret used to verify the JWT signature |
algorithm |
JWT algorithm (default: "HS256") |
cookie_name |
If set, also reads the token from this cookie name |
user_model |
Pydantic model — if provided, the payload is validated via model_validate() |
When called as a FastAPI dependency, the provider reads the token from:
Authorization: Bearer <token>header (always)- Cookie
<cookie_name>(ifcookie_nameis set)
Development
See the workspace README for setup instructions.
task jwt:lint # ruff + bandit + ty
task jwt:test # pytest
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file casbin_fastapi_decorator_jwt-1.2.0.tar.gz.
File metadata
- Download URL: casbin_fastapi_decorator_jwt-1.2.0.tar.gz
- Upload date:
- Size: 2.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.7 {"installer":{"name":"uv","version":"0.11.7","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1117b665207f315b9c3a08459617b855dc70d1d76c2fe3e8a2210ece64f3f579
|
|
| MD5 |
83dceb68c3739ba2d5a459590ad283e7
|
|
| BLAKE2b-256 |
6b58c49e6bac7e1a3830563675f3395571fa1553b6a4c4c0bbf636991e255720
|
File details
Details for the file casbin_fastapi_decorator_jwt-1.2.0-py3-none-any.whl.
File metadata
- Download URL: casbin_fastapi_decorator_jwt-1.2.0-py3-none-any.whl
- Upload date:
- Size: 4.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.7 {"installer":{"name":"uv","version":"0.11.7","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1142b74cf1c27d6171bf428fe7e441ac6dac803501a515b93ada5257d41a721c
|
|
| MD5 |
2b67a0ae9a357673c3d132f3e7407e10
|
|
| BLAKE2b-256 |
ad4d5fd803e74a137c019c06fa11863a4bdbab350a8437b493a62f1dbe635525
|
