Fast B-tree–backed token store for stateful sessions
Project description
Python SDK for the fast, file-backed, scalable JSON token engine
⚠️ Version 1.0.0b0 — production testing phase
API is stable. Feedback is welcome before the final 1.0.0 release
Fast B-tree–backed token store for stateful user sessions
Provides authentication and authorization across multiple processes
Optimized for vertical scaling on a single server
Installation
pip install crudjt
How to use
- One process starts the master
- All other processes connect to it
Start CRUDJT master (once)
Start the CRUDJT master when your application boots
Only one process can do this for a single token storage
The master process manages sessions and coordination
All functions can also be used directly from it
Generate a new secret key (terminal)
export CRUDJT_SECRET_KEY=$(openssl rand -base64 48)
Start master (python)
import crudjt
import os
CRUDJT.Config.start_master(
secret_key=os.environ['CRUDJT_SECRET_KEY'],
store_jt_path='path/to/local/storage', # optional
grpc_host='127.0.0.1', # default
grpc_port=50051 # default
)
Important: Use the same secret_key across all sessions. If the key changes, previously stored tokens cannot be decrypted and will return nil or false
Start CRUDJT master in Docker
docker-compose.ymlwill be published after 1.0.0b0 Docker image builds
Connect to an existing CRUDJT master
Use this in all other processes
Typical examples:
- multiple local processes
- background jobs
- forked processes
import crudjt
CRUDJT.Config.connect_to_master(
grpc_host='127.0.0.1', # default
grpc_port=50051 # default
)
Process layout
App boot
├─ Process A → start_master
├─ Process B → connect_to_master
└─ Process C → connect_to_master
C
data = {'user_id': 42, 'role': 11} # required
ttl = 3600 * 24 * 30 # optional: token lifetime (seconds)
# Optional: read limit
# Each read decrements the counter
# When it reaches zero — the token is deleted
silence_read = 10
token = CRUDJT.create(data, ttl, silence_read)
# token == 'HBmKFXoXgJ46mCqer1WXyQ'
# To disable token expiration or read limits, pass `None`
CRUDJT.create({'user_id': 42, 'role': 11}, None, None)
R
result = CRUDJT.read('HBmKFXoXgJ46mCqer1WXyQ')
# result == {'metadata': {'ttl': 101001, 'silence_read': 9}, 'data': {'user_id': 42, 'role': 11}}
# When expired or not found token
result = CRUDJT.read('HBmKFXoXgJ46mCqer1WXyQ')
# result == None
U
data = {'user_id': 42, 'role': 8}
# `None` disables limits
ttl = 600
silence_read = 100
result = CRUDJT.update('HBmKFXoXgJ46mCqer1WXyQ', data, ttl, silence_read)
# result == True
# When expired or not found token
result = CRUDJT.update('HBmKFXoXgJ46mCqer1WXyQ', { 'user_id': 42, 'role': 8 })
# result == False
D
result = CRUDJT.delete('HBmKFXoXgJ46mCqer1WXyQ')
# result == True
# When expired or not found token
result = CRUDJT.delete('HBmKFXoXgJ46mCqer1WXyQ')
# result == False
Performance
Metrics will be published after 1.0.0b0 GitHub Actions builds
Storage (File-backed)
Disk footprint
Metrics will be published after 1.0.0b0 GitHub Actions builds
Path Lookup Order
Stored tokens are placed in the file system according to the following order
- Explicitly set via
CRUDJT.Config.start_master(store_jt_path='custom/path/to/file_system_db') - Default system location
- Linux:
/var/lib/store_jt - macOS:
/usr/local/var/store_jt - Windows:
C:\Program Files\store_jt
- Linux:
- Project root directory (fallback)
Storage Characteristics
- CRUDJT automatically removing expired tokens after start and every 24 hours without blocking the main thread
- Storage automatically fsyncs every 500ms, meanwhile tokens are available from cache
Multi-process Coordination
For multi-process scenarios, CRUDJT uses gRPC over an insecure local port for same-host communication only. It is not intended for inter-machine or internet-facing usage
Limits
The library has the following limits and requirements
- Python version: tested with 3.12.5
- Supported platforms: Linux, macOS, Windows (x86_64 / arm64)
- Maximum json size per token: 256 bytes
secret_keyformat: must be Base64secret_keysize: must be 32, 48, or 64 bytes
Contact & Support
- Custom integrations / new features / collaboration: support@crudjt.com
- Library support & bug reports: open an issue
Lincense
CRUDJT is released under the MIT License
💘 Shoot your g . ? Love me out via Patreon Sponsors!
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file crudjt-1.0.0b1.tar.gz.
File metadata
- Download URL: crudjt-1.0.0b1.tar.gz
- Upload date:
- Size: 4.4 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
80437f9d774fbc96f4a73dae2f74434e46674d431fb5f48905160046d67d571f
|
|
| MD5 |
a5b1cf0c492fa0affda2ac4421770d0b
|
|
| BLAKE2b-256 |
73716688e0f8d941c06487ef20f8734350931d2a28f402114144241e27a7024e
|
File details
Details for the file crudjt-1.0.0b1-py3-none-any.whl.
File metadata
- Download URL: crudjt-1.0.0b1-py3-none-any.whl
- Upload date:
- Size: 4.4 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.12.5
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
58ffef02afbce02b266ee4362a90c3d9303fb1d4c80d492683eadcdae4f4b7b9
|
|
| MD5 |
35f4bdcbb94f524e9366cdd5c56e189e
|
|
| BLAKE2b-256 |
e833b7772274ca840a067060a04ef4c656d5535b424151fb3f222da713331770
|
