HOTOSM SSO authentication library for Hanko + OSM OAuth
Project description
HOTOSM Auth Library - Python
FastAPI, Litestar, and Django integration for Hanko SSO authentication with OSM OAuth support.
Installation
# Core only
pip install hotosm-auth
# With FastAPI support
pip install hotosm-auth[fastapi]
# With Django support
pip install hotosm-auth[django]
# With Litestar support
pip install hotosm-auth[litestar]
Usage
FastAPI
from fastapi import FastAPI
from hotosm_auth_fastapi import setup_auth, Auth
app = FastAPI()
setup_auth(app)
@app.get("/me")
async def get_me(auth: Auth):
return {"id": auth.user.id, "email": auth.user.email}
Django
# settings.py
INSTALLED_APPS = [..., 'hotosm_auth_django']
MIDDLEWARE = [..., 'hotosm_auth_django.HankoAuthMiddleware']
# views.py
from hotosm_auth_django import login_required
@login_required
def my_view(request):
return JsonResponse({"user_id": request.hotosm.user.id})
Litestar
from litestar import Litestar, get
from hotosm_auth_litestar import setup_auth, Auth
@get("/me")
async def me(auth: Auth):
return {"id": auth.user.id, "email": auth.user.email}
deps, route_handlers = setup_auth()
app = Litestar(route_handlers=[me, *route_handlers], dependencies=deps)
Configuration
Set these environment variables:
HANKO_API_URL=https://login.hotosm.org
COOKIE_SECRET=your-32-byte-secret
COOKIE_DOMAIN=.hotosm.org
# Optional: OSM OAuth
OSM_CLIENT_ID=your_osm_client_id
OSM_CLIENT_SECRET=your_osm_secret
Development
Running Tests
# Install dev dependencies
uv sync --extra dev
# Run core tests (no framework dependencies)
uv run pytest
# Run with FastAPI tests
uv run --extra fastapi pytest
# Run with Django tests
uv run --extra django pytest
# Run with Litestar tests
uv run --extra litestar pytest
# Run all tests (FastAPI + Litestar + Django)
uv run --extra fastapi --extra litestar --extra django pytest
# Run with coverage
uv run --extra fastapi --extra litestar --extra django pytest --cov=src \
--cov-report=term-missing
Test Structure
Core tests (no framework dependencies):
tests/test_config.py- Configuration loading and validationtests/test_crypto.py- Cookie encryption/decryptiontests/test_exceptions.py- Exception hierarchytests/test_models.py- HankoUser and OSMConnection modelstests/test_jwt_validator.py- JWT payload parsingtests/test_jwt_validation.py- Full JWT validation with mocked JWKStests/test_osm_cookie.py- OSM connection cookie round-triptests/test_osm_oauth.py- OSM OAuth client with mocked HTTP
FastAPI tests (require [fastapi] extra):
tests/test_fastapi_setup.py- Auth dependency setuptests/test_fastapi_dependencies.py- Dependency injection with mocked requeststests/test_fastapi_osm_routes.py- OSM OAuth routes (login, callback, status, disconnect)tests/test_admin_routes.py- Admin CRUD routes with mocked database
Litestar tests (require [litestar] extra):
tests/test_litestar_setup.py- Auth context and setup APItests/test_litestar_dependencies.py- Dependency helpers with mocked requeststests/test_litestar_osm_routes.py- OSM OAuth routes (login, callback, status, disconnect)tests/test_litestar_admin_routes.py- Admin CRUD routes with mocked database
Django tests (require [django] extra):
tests/test_django_middleware.py- Middleware and decoratorstests/test_django_osm_views.py- OSM OAuth viewstests/test_django_admin_routes.py- Admin CRUD routes with mocked database
Test Coverage
Run with coverage report:
uv run --extra fastapi --extra litestar --extra django pytest --cov=src --cov-report=term-missing
Current coverage: 72% (127 tests)
Features
- JWT validation for Hanko tokens (RS256 with JWKS)
- OSM OAuth 2.0 integration
- Encrypted httpOnly cookies for OSM connection
- User mapping between Hanko and application users
- FastAPI, Litestar, and Django integrations
License
AGPL-3.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
hotosm_auth-0.2.12.tar.gz
(152.0 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file hotosm_auth-0.2.12.tar.gz.
File metadata
- Download URL: hotosm_auth-0.2.12.tar.gz
- Upload date:
- Size: 152.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.8 {"installer":{"name":"uv","version":"0.11.8","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Pop!_OS","version":"22.04","id":"jammy","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
89151926ff449139635013cda7c219cdd834818cbad2ecb9f886220399864126
|
|
| MD5 |
a8366242b1e9e2d5817735163276956b
|
|
| BLAKE2b-256 |
79ccd1933e46168219816d78b9ac59d0c2d65efeb889d75094409f6f9af46419
|
File details
Details for the file hotosm_auth-0.2.12-py3-none-any.whl.
File metadata
- Download URL: hotosm_auth-0.2.12-py3-none-any.whl
- Upload date:
- Size: 55.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.8 {"installer":{"name":"uv","version":"0.11.8","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Pop!_OS","version":"22.04","id":"jammy","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a61f2634f84fe3d0ca2fb0da6fd0fdab8cadce77293453c019adf80247df7b3f
|
|
| MD5 |
482fa8dfc518b79714104ae60009be3a
|
|
| BLAKE2b-256 |
230b742a0b78c1895307b2dcdcad9c375606670ad93cc8add56ad1be19277eaf
|
