Datasette authentication using IndieAuth and RelMeAuth
Project description
datasette-indieauth
Datasette authentication using IndieAuth.
Demo
You can try out the latest version of this plugin at datasette-indieauth-demo.datasette.io
Installation
Install this plugin in the same environment as Datasette.
$ datasette install datasette-indieauth
Usage
Ensure you have a website with a domain that supports IndieAuth or RelMeAuth. The easiest way to do that is to add the following HTML to your homepage, linking to your personal GitHub profile:
<link href="https://github.com/simonw" rel="me">
<link rel="authorization_endpoint" href="https://indieauth.com/auth">
Your GitHub profile needs to link back to your website, to prove that your GitHub account should be a valid identifier for that page.
Now visit /-/indieauth on your Datasette instance to begin the sign-in progress.
Actor
When a user signs in using IndieAuth they will be recieve a signed ds_actor cookie identifying them as an actor that looks like this:
{
"me": "https://simonwillison.net/",
"display": "simonwillison.net"
}
If the IndieAuth server returned additional "profile" fields those will be merged into the actor. You can visit /-/actor on your Datasette instance to see the full actor you are currently signed in as.
Restricting access with the restrict_access plugin configuration
You can use Datasette's permissions system to control permissions of authenticated users - by default, an authenticated user will be able to perform the same actions as an unauthenticated user.
As a shortcut if you want to lock down access to your instance entirely to just specific users, you can use the restrict_access plugin configuration option like this:
{
"plugins": {
"datasette-indieauth": {
"restrict_access": "https://simonwillison.net/"
}
}
}
This can be a string or a list of user identifiers. It can also be a space separated list, which means you can use it with the datasette publish --plugin-secret configuration option to set permissions as part of a deployment, like this:
datasette publish vercel mydb.db --project my-secret-db \
--install datasette-indieauth \
--plugin-secret datasette-indieauth restrict_access https://simonwillison.net/
Development
To set up this plugin locally, first checkout the code. Then create a new virtual environment:
cd datasette-indieauth
python3 -mvenv venv
source venv/bin/activate
Or if you are using pipenv:
pipenv shell
Now install the dependencies and tests:
pip install -e '.[test]'
To run the tests:
pytest
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file datasette-indieauth-1.2.2.tar.gz.
File metadata
- Download URL: datasette-indieauth-1.2.2.tar.gz
- Upload date:
- Size: 7.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 9e12803cf5ccda49441b59e4e3732221fec2a6ef4f98fb0233ef9ed4a4ec802c |
|
| MD5 | a1d0fa45ee5865403ce6cb999b30308b |
|
| BLAKE2b-256 | 34413106cfe6586f927e1baf803ebf305b902aa92d2b153b30ee5dfa5239531b |
File details
Details for the file datasette_indieauth-1.2.2-py3-none-any.whl.
File metadata
- Download URL: datasette_indieauth-1.2.2-py3-none-any.whl
- Upload date:
- Size: 8.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.11.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 7e7ccd1acc2baaff694e1054c44e7f5dea2b5f430de1872f3798e4fce430ab27 |
|
| MD5 | ecd4d693f6ec71c235269b3d04a38517 |
|
| BLAKE2b-256 | f284d3ad936ff94f0d716e71423b23685a63a07617e7c3b0c973aa538d81ad97 |
