token system using MongoDB
Project description
Moth was conceived to be used as an email-only authentication scheme (mail auth -> mauth -> moth), however, it is generic enough to be used for pretty much any token-based authentication.
Relevant Links
Synchronous vs. Asynchronous
To create a synchronous moth object:
from moth import Moth moth_object = Moth()
To create an asynchronous moth object:
from moth import AsyncMoth moth_object = AsyncMoth()
All method calls are supported and identically named in Moth vs. AsyncMoth. For the rest of this README, Moth will refer to both Moth and AsyncMoth unless stated otherwise.
Initialization
Initiating Moth takes the credentials for creating a connection to MongoDB, as well as the database name (which defaults to “moth”).
AsyncMoth.__init__() blocks while creating a connection. It is the only method which does so. It is recommended that you initialize AsyncMoth as part of your tornado server’s startup.
Creating Tokens
Calling moth.create_token() generates a random token and stores it along with email address and optional IP address, expiration (in days), and retval. The method returns the token.
Authenticating Tokens
Calling moth.auth_token() queries mongo for the passed email/token combination. If IP address is in the record returned from mongo, it is validated. If expiration is returned, it is compared to datetime.now()
If either IP address or expiration fails to validate, the token will be deleted.
If the token validates, retval is queried. If a retval exists, it is returned. If it doesn’t, moth.auth_token() returns True.
Additional Methods
All other methods are fairly self explanatory, and/or mostly for internal purposes. Read the code to figure out how it works.
What is retval?
retval is the value that will be returned when moth.auth_token() is successful. It is completely optional. If you don’t pass a retval to moth.create_token(), and don’t call moth.set_retval(), then moth.auth_token() will return True on successful calls.
Why use it?
For the project I’m working on which lead to the creation of Moth, retval is an OAuth token. When I call moth.auth_token(), I validate the moth token, which gives me the user’s OAuth token for making API calls.
Requirements
Moth requires Motor, as well as Tornado and Pymongo (which are both installed via Motor).
Examples
Examples can be found on ReadTheDocs
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file moth-2.1.1.tar.gz.
File metadata
- Download URL: moth-2.1.1.tar.gz
- Upload date:
- Size: 5.4 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 29e9cd6b735e99d658f2b6377193e985adb4785eeb407f38301fbbc349dc37bc |
|
| MD5 | 662416cd932d419e39bdf9a60dc16a1d |
|
| BLAKE2b-256 | 25309760875c4803fba53389dc9554d9ec02b97cb85d826858417da75ababa09 |
