Datasette plugin for authenticating access using API tokens
Project description
datasette-auth-tokens
Datasette plugin for authenticating access using API tokens
This only works with the next, unreleased version of Datasette
Installation
Install this plugin in the same environment as Datasette.
$ pip install datasette-auth-tokens
Usage
Read about Datasette's authentication and permissions system.
This plugin lets you configure secret API tokens which can be used to make authenticated requests to Datasette.
First, create a random API token. A useful recipe for doing that is the following:
$ python -c 'import secrets; print(secrets.token_hex(32))'
5f9a486dd807de632200b17508c75002bb66ca6fde1993db1de6cbd446362589
Decide on the actor that this token should represent, for example:
{
"bot_id": "my-bot"
}
You can then use "allow"
blocks to provide that token with permission to access specific actions. To enable access to a configured writable SQL query you could use this in your metadata.json
:
{
"plugins": {
"datasette-auth-tokens": [
{
"token": {
"$env": "BOT_TOKEN"
},
"actor": {
"bot_id": "my-bot"
}
}
]
},
"databases": {
":memory:": {
"queries": {
"show_version": {
"sql": "select sqlite_version()",
"allow": {
"bot_id": "my-bot"
}
}
}
}
}
}
This uses Datasette's secret configuration values mechanism to allow the secret token to be passed as an environment variable.
Run Datasette like this:
BOT_TOKEN="this-is-the-secret-token" \
datasette -m metadata.json
You can now run authenticated API queries like this:
$ curl -H 'Authorization: Bearer this-is-the-secret-token' \
'http://127.0.0.1:8001/:memory:/show_version.json?_shape=array'
[{"sqlite_version()": "3.31.1"}]
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for datasette_auth_tokens-0.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 46f3bd5b8913c72126f473efd2c8bfb000c32ae326a22334e4bcf7a29a11c525 |
|
MD5 | 82b77c0911b757ac51f9d06d0fcab5b3 |
|
BLAKE2b-256 | f50fac405138866ff6e87edb6cfe3a379d278d8a0486b10ab2e9728f1a7d7d64 |