Skip to main content

Authentication plugin for Keg

Project description

Keg Auth’s Readme

https://circleci.com/gh/level12/keg-auth.svg?&style=shield&circle-token=b90c5336d179f28df73d404a26924bc373840257 https://codecov.io/github/level12/keg-auth/coverage.svg?branch=master&token=hl15MQRPeF

Flask extension in the Keg ecosystem to wrap authentication and authorization functionality. Keg-Auth provides helpers for auth model, view/authorization setup, protected navigation menus, and more.

Installation

  • Bare functionality: pip install keg-auth

  • With mail (i.e. with a mail manager configured, see below): pip install keg-auth[mail]

  • JWT (for using JWT tokens as authenticators): pip install keg-auth[jwt]

  • LDAP (for using LDAP target for authentication): pip install keg-auth[ldap]

  • OAuth (e.g. Google Auth): pip install keg-auth[oauth]

  • Internationalization extensions: pip install keg-auth[i18n]

A Simple Example

For a simple example and a checklist of sorts for app setup, see the Getting Started guide in the docs.

Demo

Typical usage is demonstrated in https://github.com/level12/keg-app-cookiecutter

Development

To run this project’s tests:

  • Copy keg_auth_ta-config-example.py -> keg_auth_ta-config.py, update as needed

  • Override database addr &/or port with environment vars or docker compose override if needed.

  • docker-compose up [-d]

  • tox …

There is a test application defined that can be ran like:

  • cd keg_auth_ta

  • python app.py …

Changelog

0.8.0 released 2024-06-28

  • support python 3.12 (66a3706)

  • move passlib.pwd usage to utils methods due to deprecation warnings (6bc20ab)

0.7.3 released 2023-10-17

  • use oauth authenticator class passed to auth manager (b6feae6)

  • trap permissions error emitted by sqlite db on sync (ba0d3b2)

0.7.2 released 2023-05-22

  • handle multiple potential session cookies resulting from werkzeug 2.3 and flask 2.3 changes (8b4680e)

0.7.1 released 2023-05-12

  • allow request loaders to be specified directly to requires decorators (cd42358)

0.7.0 released 2023-03-03

  • support SQLAlchemy 2.0 (88a6173)

  • support keg testing app context changes (d0ec64f)

0.6.2 released 2022-12-20

  • trap the unknown hash error to prevent invalid password data from causing app errors refs #160 (5f2b721)

0.6.1 released 2022-12-15

  • support multiple db sessions when running auth tests (a5cab4a)

  • fixed upgrade notes in documentation (b537bba)

0.6.0 released 2022-12-12

  • update documentation of breaking changes (1ebb337)

  • BC break support keg-elements 0.8.0 (6d4b251)

  • log attempts when form validation fails, and when csrf doesn’t validate (60edacb)

  • resolve field order error when disabled_utc missing from user form fields (0e2ae74)

  • document known data migration issue (23ec6fe)

  • pin python-ldap to version in package index (0b1d2b7)

  • apply workaround to support testing with flask-login 0.6.2 (d1446a9)

  • drop deprecated OIDC code and any remaining python 2 references (10b1144)

0.5.7 released 2022-08-12

  • prevent attempt tests from failing when certain config values are set in app (b2f7e27)

0.5.6 released 2022-08-12

  • skip attempt tests during execution to avoid import order issues (8ea6f57)

0.5.5 released 2022-08-10

  • flash on login for users disabled by date, autoclear disabled date when re-enabling (9330f62)

0.5.4 released 2022-07-08

  • case insensitive match on user id (d01c310)

  • use relative URLs in tests (6d6f959)

0.5.3 released 2022-02-24

  • fix integrated auth tests (4318826)

0.5.2 released 2022-02-24

  • add OAuth authenticator to replace deprecated OIDC implementation (606c952)

  • add basic user/group/bundle CRUD tests to the integrated auth tests (0c84a2d)

  • BC break require rate-limiting setup by default, simplify configuration (7d7b532)

0.5.1 released 2022-02-22

  • warn on usage of OIDC authenticator due to current breakage in flask-oidc (c582781)

  • potential BC break use keg-elements field ordering scheme on the User form (ee31b79)

  • add class and code options to NavItems for better control of rendering (2842cc2)

  • clear flask session on logout, behavior can be turned off via config setting (71e6b10)

  • stop overriding a title block in templates, use config value to set the proper variable for the app template (210f227)

  • load orm entity in CRUD method (89bc7d4)

0.5.0 released 2022-02-21

  • use the Bootstrap 4 base form template from keg-elements (16c393a)

  • shift to authlib for verification token generate/verify - support generated itsdangerous tokens for now refs #147 (e96ac2e)

0.4.2 released 2022-01-20

  • replace commonmark with markdown-it-py (8b4822d)

0.4.1 released 2021-11-29

  • fix navigation use of callable permissions on classes/blueprints (f19f513)

  • user form: don’t assume csrf_token field exists (07fe642)

  • improve testing developer ux (b687c72)

0.4.0 released 2021-09-13

  • ensure grid header posts are supported (e0638dc)

  • shift to use Bootstrap 4 templates by default (39335bc)

  • centralize validation of permission sets in testing (9f04f1d)

  • ViewTestBase no longer delete users in setup, and provide hooks into user creation (7d72fc3)

  • enhance navigation menu options for login/logout cases (667a1ac)

  • rename package for proper semantics (6a6a202)

0.3.0 released 2021-07-06

  • click changed output for hidden inputs, resolve for set-password CLI (6cd5a09)

  • update python requirements and pip usage (760da0b)

  • add options to exclude specific HTTP methods from auth checks (b66d090)

  • update JWT usage to reflect flask-jwt-extended 4.0 breaking changes (1cd0895)

  • switch ldap requirement to python-ldap (63485f3)

0.2.28 released 2021-04-20

  • support args in http head requests (97f8961)

  • pin flask-jwt-extended < 4 until we support the update

0.2.27 released 2021-02-02

  • fix documentation of internationalization support (8a41f03)

  • make form/crud templates less opinionated about how base templates render page title (0b71303)

0.2.26 released 2021-01-29

  • Provide Spinx documentation (62aca54)

  • Provide a default JS handler for confirm-delete in crud-list (7b6785a)

  • Use marksafe and jinja templates instead of webhelpers2 (8f68e07)

  • Allow user to prevent sending welcome email after user form (3bb8f7a)

  • Validate that create_form returned a value (83ff034)

  • Trap integrity error on permission sync to mitigate race condition (4d7497c)

  • Move disabled_utc to be with the other fields (dd1bf5e)

0.2.25 released 2020-12-08

  • CRUD view passes through args set with self.assign (efeb7b7)

  • CRUD view edit/delete performs authorization prior to ID lookup (efeb7b7)

  • CRUD view added webgrid render limit handling (efeb7b7)

0.2.24 released 2020-07-09

  • Fix inconsistent CLI argument ordering in tests (d9a62c0)

0.2.23 released 2020-06-11

  • Allow applications to enforce custom password policies (7111c20)

  • Check translations in CI (825d32e)

0.2.22 released 2020-04-16

  • Allow rate-limiting of login and password resets (d243b75)

  • Add more config flexibility for OIDC (39beae0)

0.2.21 released 2020-04-02

  • Resolve fuzzy/missing translations (a78de96)

  • Add inactivation date for users (requires migration to add a field) (0020fbd)

  • Support latest Flask-Login (ba59925)

  • Allow unverified users to reset their passwords (8888386)

  • Pin keg-elements requirement to support CRUD checkboxes (e59fcc1)

  • Include an Allow header for 405 responses (a2a3091)

  • Support multiple LDAP targets (b895aad)

  • Handle HEAD requests (b16a7e4)

  • Remove six dependency (477a415)

0.2.20 released 2020-03-24

  • OIDC and related updates (fab68f5)

  • Add OIDC authenticator and login/logout view responders

  • Fix missing page header for Permissions view

  • Allow passing blueprint kwargs to make_blueprint

  • Easier disabling of specific auth views

  • Allow view responder flash messages to be disabled

  • Drop bulk permission controls (better templating now in keg-elements)

0.2.19 released 2020-02-21

  • Improve Usability of Permission Dropdown (479e985)

  • Pin Flask Login (00ea957)

0.2.18 released 2020-01-10

  • add CLI command for dev to set password (d488bc9)

0.2.17 released 2019-12-12

  • ensure token is present for resending verification email (01b566f)

0.2.16 released 2019-12-02

  • fix CRUD edit form default values for relationships (01893f9)

0.2.15 released 2019-11-27

  • fix bundle grid setup for CRUD view (b772f01)

0.2.14 released 2019-11-21

  • fix template issue related to select2 updates (373739b)

  • make auth testing helpers more generic (b90ee96)

0.2.13 released 2019-11-08

  • use select2 to render selects on the user management views (30ff332)

  • fix breakage with keg 0.8.1 (3f5668d)

  • adjust CI environments to use (b9b4fb4)

  • auth test helpers use endpoints to find correct url (76a1222)

0.2.12 released 2019-10-03

  • support decorating flask class-based views (3d8a6cb)

  • fix LDAP authenticator for missing user case (19d184e)

0.2.11 released 2019-09-27

  • fix permission sync method and test hook (a56eda4)

  • fix FontAwesome usage on CRUD list view template (64f759a)

  • support lazy strings and icons in navigation helpers and templates (4473571)

  • remove flask version pin (ab47362)

0.2.10 released 2019-09-18

  • fix testing utils mock import to prevent needing mock dependency (da197df)

0.2.9 released 2019-07-27

  • Provide a hook on the CRUD base class to allow overriding the default add url generation (#74) (7eea8bb)

0.2.8 released 2019-06-17

  • resolve bug in testing permission existence check (feccb98)

0.2.7 released 2019-06-07

  • make custom action access control easier (63921ee)

  • enforce test permissions are specified to the auth manager (794f320)

  • correct the MRO order in CRUD forms and testing models (2f4c451)

  • add get_current_user helper method (cae02a2)

  • make grid action column link CSS classes customizable (aa1bc21)

  • ensure CRUD view passes in desired template args (aae3dad)

0.2.6 released 2019-02-12

  • Merge pull request #60 from level12/move-sync-perms-to-entity (3181691)

  • update readme to remove reference to view-scoped authenticators (514c202)

0.2.5 released 2018-11-14

  • Allow make_blueprint to accept a custom blueprint class (fe635b2)

  • Add a link to resend verification email (f7a6191)

  • Add optional i18n support using morphi (790d3ab)

  • Fix intermittent test failure resulting from login timestamp (cde083b)

  • Refactor CRUD form/grid render to extract template args (34d4a20)

0.2.4

  • Show verification URL on CLI even if mail flag is off

0.2.3

  • Fix requires_user decorator for usage with blueprints

0.2.1

  • Fix nav items to cache on per user basis

  • Fix token generated in CLI having an unknown timezone applied

0.2.0

  • Support permissions

  • Decorate blueprints, classes, methods for user/permission requirements

  • Support request loaders for tokens

0.1.0

  • Initial release

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Keg-Auth-0.8.0.tar.gz (122.3 kB view details)

Uploaded Source

Built Distribution

Keg_Auth-0.8.0-py2.py3-none-any.whl (119.1 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file Keg-Auth-0.8.0.tar.gz.

File metadata

  • Download URL: Keg-Auth-0.8.0.tar.gz
  • Upload date:
  • Size: 122.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.0 CPython/3.9.19

File hashes

Hashes for Keg-Auth-0.8.0.tar.gz
Algorithm Hash digest
SHA256 91327ef103a31a696242475cccee464b9200e2eea2bc5f69e85777a6e626494f
MD5 ee47a3ae93d4f7f9f2178983d5902da6
BLAKE2b-256 5e239efcd735ba77079e8c59b174d5eaa6c245812852db931bed0a3bec59dfde

See more details on using hashes here.

File details

Details for the file Keg_Auth-0.8.0-py2.py3-none-any.whl.

File metadata

  • Download URL: Keg_Auth-0.8.0-py2.py3-none-any.whl
  • Upload date:
  • Size: 119.1 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.0 CPython/3.9.19

File hashes

Hashes for Keg_Auth-0.8.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 25b33702f73740692426b805dddb926d6bbc296459e96f4499bce44fc1c0c740
MD5 ab924ea5266b2508e18483752efac2d6
BLAKE2b-256 f93be00f28aff63603bb7dca127713441aae61c045fa0e1cbd9b5666072ff7e2

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page