Eve JWT authentication
Project description
Eve Auth JWT
============
.. image:: https://img.shields.io/pypi/v/eve-auth-jwt.svg
:target: https://pypi.python.org/pypi/eve-auth-jwt
.. image:: https://travis-ci.org/rs/eve-auth-jwt.svg?branch=master
:target: https://travis-ci.org/rs/eve-auth-jwt
An OAuth 2 JWT token validation module for `Eve <http://python-eve.org>`_.
Installation
------------
To install eve-auth-jwt, simply:
$ pip install eve-auth-jwt
At Eve initialization::
from eve import Eve
from eve_auth_jwt import JWTAuth
app = Eve(auth=JWTAuth, settings=SETTINGS)
Configuration
-------------
This module reads its configuration form Eve settings. Here is the list of new directives:
* ``JWT_SECRET`` (required): Defines the symetric secret token secret used to de/encode the token (async keys support is a TODO).
* ``JWT_ISSUER`` (required): Defines the required token issuer (``iss`` claim).
* ``JWT_AUDIENCES``: Defines a list of accepted audiences (``aud`` claim). If not provided, only tokens with no audience set will be accepted.
* ``JWT_ROLES_CLAIM``: Defines the claim name for roles. If set, Eve roles check will be activated, and any resources with ``allowed_roles`` set will require to have those roles present in the defined token's claim.
* ``JWT_SCOPE_CLAIM``: Defines the claim name for scope. If set and the token has a claim of the same name containing the string ``viewer``, only ``GET`` and ``HEAD`` methods will be granted. All other values are ignored and added to the list of exposed roles with the ``scope:`` prefix.
Reading Roles
-------------
If access is granted, the authentication module exposes roles and token's claims thru ``get_authen_roles()`` and ``get_authen_claims()`` methods. You may access those values from your event hook as follow:
def my_hook(...)
resource_def = app.config['DOMAIN'][resource_name]
auth = resource_def['authentication']
if 'somerole' in auth.get_authen_roles():
# grant some finer access
Licenses
--------
All source code is licensed under the `MIT License <https://raw.githubusercontent.com/rs/eve-auth-jwt/master/LICENSE>`_.
============
.. image:: https://img.shields.io/pypi/v/eve-auth-jwt.svg
:target: https://pypi.python.org/pypi/eve-auth-jwt
.. image:: https://travis-ci.org/rs/eve-auth-jwt.svg?branch=master
:target: https://travis-ci.org/rs/eve-auth-jwt
An OAuth 2 JWT token validation module for `Eve <http://python-eve.org>`_.
Installation
------------
To install eve-auth-jwt, simply:
$ pip install eve-auth-jwt
At Eve initialization::
from eve import Eve
from eve_auth_jwt import JWTAuth
app = Eve(auth=JWTAuth, settings=SETTINGS)
Configuration
-------------
This module reads its configuration form Eve settings. Here is the list of new directives:
* ``JWT_SECRET`` (required): Defines the symetric secret token secret used to de/encode the token (async keys support is a TODO).
* ``JWT_ISSUER`` (required): Defines the required token issuer (``iss`` claim).
* ``JWT_AUDIENCES``: Defines a list of accepted audiences (``aud`` claim). If not provided, only tokens with no audience set will be accepted.
* ``JWT_ROLES_CLAIM``: Defines the claim name for roles. If set, Eve roles check will be activated, and any resources with ``allowed_roles`` set will require to have those roles present in the defined token's claim.
* ``JWT_SCOPE_CLAIM``: Defines the claim name for scope. If set and the token has a claim of the same name containing the string ``viewer``, only ``GET`` and ``HEAD`` methods will be granted. All other values are ignored and added to the list of exposed roles with the ``scope:`` prefix.
Reading Roles
-------------
If access is granted, the authentication module exposes roles and token's claims thru ``get_authen_roles()`` and ``get_authen_claims()`` methods. You may access those values from your event hook as follow:
def my_hook(...)
resource_def = app.config['DOMAIN'][resource_name]
auth = resource_def['authentication']
if 'somerole' in auth.get_authen_roles():
# grant some finer access
Licenses
--------
All source code is licensed under the `MIT License <https://raw.githubusercontent.com/rs/eve-auth-jwt/master/LICENSE>`_.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
eve-auth-jwt-1.0.0.tar.gz
(4.0 kB
view details)
Built Distribution
File details
Details for the file eve-auth-jwt-1.0.0.tar.gz.
File metadata
- Download URL: eve-auth-jwt-1.0.0.tar.gz
- Upload date:
- Size: 4.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e5d2c8751cd6d8885b1c0966f7eef482fe577451d0d6d5770ac73d476f9005cd |
|
| MD5 | ed591d3f857b71b33191c05161229f63 |
|
| BLAKE2b-256 | 94c035e9f8de0ffeeb00a1084aba24d7b8953cb118865e6805ea8c34169e4254 |
File details
Details for the file eve_auth_jwt-1.0.0-py2.py3-none-any.whl.
File metadata
- Download URL: eve_auth_jwt-1.0.0-py2.py3-none-any.whl
- Upload date:
- Size: 6.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 887f58dac50dbd5ad94aa54bef18e1909cd824c447ab2d87037a0f567dda17cb |
|
| MD5 | f2b2eece721930a6f5f884cffa2e8e4b |
|
| BLAKE2b-256 | 9c0735be062f2cd9dc152bfc6aa5cbe455b5afeca84e80c7fd5012a5485b7117 |
