Skip to main content

Opinionated Python web framework CLI — scaffolding, doctor, registry, and interactive dev playbooks.

Project description

Fabbro

PyPI Python Status License

An opinionated Python web framework for building custom, on-demand web software fast — and for making AI-generated code production-fit: secured by default, no hardcoded secrets, built around reusable modules.

fabbro create scaffolds a working project with a production-ready foundation — authentication, an encrypted secret vault, a background worker queue, and an external-API registry — plus a dev-only interactive playbook that walks you through it.


Install

pip install fabbro

Requires Python 3.12+.

Quickstart

fabbro create myproject
cd myproject
fabbro secret gen              # generate SECRET_KEY / FERNET_KEY into .env
fabbro create-admin            # create the first admin user
fabbro doctor                  # run pre-flight checks
python3 _dev/serve.py          # start the playbooks, then follow Getting Started

What you get

Fabbro turns AI-generated code into production-fit code. The two failure modes of AI-written web apps — secrets and settings hardcoded into logic, and security reinvented (badly) on every project — are designed out from the start:

  • Nothing hardcoded. What AI usually bakes into code — passwords hashing cost, cookie flags, token TTLs, rate limits, CSP, role policy — lives in versioned YAML config, not in source. Change a limit, rotate a policy, tighten a cookie: edit config/, not your logic.
  • Security is reusable and already implemented. Rate limiting, secure cookies, CSRF, CSP, HSTS, Argon2id — shipped once in core/, imported and never rewritten. AI extends your app through config and extension points, not by re-authoring the security layer each time.

The scaffolded project ships with a reusable core/ you import but never edit:

Area What's in the box
Auth & sessions Argon2id hashing with rehash · session rotation on login · CSRF on every mutation · CSP with per-request nonce · require_auth / require_role gating · role policy in auth.yaml
Rate limiting Per-route limits by IP, email, and user — all declared in security.yaml (10 per minute on login, tighter on password reset, etc.)
Secure defaults Cookie SameSite + secure, HSTS, permissions-policy, Argon2 tuning — every value in config, none in code
Secret vault Provider credentials encrypted at rest (Fernet) · one canonical resolution cascade (vault → _FILE → env) — never in source
Background worker SQLite-backed job queue · atomic claim under a WAL lock · heartbeat reaper for crashed jobs
API registry Register providers by OpenAPI spec, autodiscovery, or manually · bind endpoints as stable service.verb aliases your modules call

CLI

Command Purpose
fabbro create <name> Scaffold a new project
fabbro create-admin Create the first admin user
fabbro doctor Run the project's pre-flight checks
fabbro secret gen Generate base secrets into .env
fabbro vault set·list·rm Manage provider API credentials
fabbro registry … Inspect and drive the API registry

Run any command with --help for its full options.


Notes for 0.1.0

A 0.x release with a couple of deliberate, declared gaps — safe under the intended single-tenant, trusted-input use, and scheduled to change as the surface grows:

Area Current behavior
Registry autodiscovery Outbound requests to a provider's base_url aren't yet validated against private/loopback ranges — use trusted base_url values. Full SSRF allowlist lands with the public-API surface.
Session fingerprinting Sessions are bound to user-agent + IP, so a network or device change logs the user out. Intentional for now; its exact role is an open design decision.

© Forjelo · Proprietary · Built for certified Fabbro developers.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fabbro-0.1.0.tar.gz (414.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

fabbro-0.1.0-py3-none-any.whl (445.3 kB view details)

Uploaded Python 3

File details

Details for the file fabbro-0.1.0.tar.gz.

File metadata

  • Download URL: fabbro-0.1.0.tar.gz
  • Upload date:
  • Size: 414.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.3

File hashes

Hashes for fabbro-0.1.0.tar.gz
Algorithm Hash digest
SHA256 7315f9d201e984ed9456602771fe3f2f59552a8271a39fdac67e84677733f070
MD5 8dd8a2bc2c4a80bcbf99738ce3bdf960
BLAKE2b-256 91f9205d49166238450e27158789ab5a5bd30fb2f7bc7f9f00c38b5b330c2755

See more details on using hashes here.

File details

Details for the file fabbro-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: fabbro-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 445.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.3

File hashes

Hashes for fabbro-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 e993126dc61542965df92b878e40b7af3aec0d9a984230a9a2c27c0e4c47dc87
MD5 e0f0bb63fad6806aca3555634980fe60
BLAKE2b-256 e05ee18848e09e6401a2708bd52503fe22aec6fa6ff16a42d66f3446b449de17

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page