
Verify JWTs with multiple public keys, FastAPI middleware for auth


NOTE: Due to https://github.com/encode/starlette/discussions/2446 .env file is no longer supported for configuration.

Creating signing keys

multikeyjwt genkey ./jwtsign.key

See --help for more info.
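What verifying a token against several trusted public keys involves, shown as an added example that is not from the original page and does not use multikeyjwt's own API. It assumes PyJWT and cryptography are installed and that tokens are RS256-signed; the helper names (new_keypair, issue, verify_with_any) and the throwaway keys are constructed for illustration.

```python
# Added example: generic multi-key JWT verification with PyJWT + cryptography.
# Not multikeyjwt's API; all function and variable names here are hypothetical.
import time

import jwt  # PyJWT
from cryptography.hazmat.primitives.asymmetric import rsa

ALLOWED_ALGS = ["RS256"]  # pinned by the verifier, never read from the token header


def new_keypair():
    """Generate a throwaway RSA key pair (constructed test material)."""
    private = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return private, private.public_key()


def issue(private_key, subject, ttl=60):
    """Sign a short-lived RS256 token; ttl is in seconds and may be negative."""
    claims = {"sub": subject, "exp": int(time.time()) + ttl}
    return jwt.encode(claims, private_key, algorithm="RS256")


def verify_with_any(token, trusted_pubkeys):
    """Return the claims if any trusted public key verifies the token.

    Only a signature mismatch moves on to the next key. Every other failure
    (expired, disallowed algorithm, missing exp, malformed token) is final
    regardless of key, so it propagates to the caller immediately.
    """
    for pubkey in trusted_pubkeys:
        try:
            return jwt.decode(token, pubkey, algorithms=ALLOWED_ALGS,
                              options={"require": ["exp"]})
        except jwt.InvalidSignatureError:
            continue
    raise jwt.InvalidSignatureError("no trusted key verifies this token")


if __name__ == "__main__":
    (priv_a, pub_a), (priv_b, pub_b), (priv_x, _) = (new_keypair() for _ in range(3))
    trusted = [pub_a, pub_b]
    print(verify_with_any(issue(priv_b, "service-b"), trusted))  # second key matches
    try:
        verify_with_any(issue(priv_x, "intruder"), trusted)
    except jwt.InvalidSignatureError as exc:
        print("rejected:", exc)
```

Catching only the signature-mismatch error inside the loop keeps an expired or wrong-algorithm token from being retried against every key and then reported as a generic signature failure.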

Docker

For more controlled deployments and to get rid of the “works on my computer” syndrome, we always make sure our software works under Docker.

It’s also a quick way to get started with a standard development environment.

SSH agent forwarding

We need buildkit:

export DOCKER_BUILDKIT=1

The exact way to forward the agent to a running instance also differs by platform. On OSX:

export DOCKER_SSHAGENT="-v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock"

and Linux:

export DOCKER_SSHAGENT="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK"

Creating a development container

Build image, create container and start it:

docker build --ssh default --target devel_shell -t multikeyjwt:devel_shell .
docker create --name multikeyjwt_devel -v `pwd`":/app" -it `echo $DOCKER_SSHAGENT` multikeyjwt:devel_shell
docker start -i multikeyjwt_devel

pre-commit considerations

If you are working in Docker instead of a native environment, you need to run the pre-commit checks in Docker too:

docker exec -i multikeyjwt_devel /bin/bash -c "pre-commit install"
docker exec -i multikeyjwt_devel /bin/bash -c "pre-commit run --all-files"

You need to have the container running (see above). Alternatively, use the docker run syntax, but using the running container is faster:

docker run --rm -it -v `pwd`":/app" multikeyjwt:devel_shell -c "pre-commit run --all-files"

Test suite

You can use the devel shell to run py.test when doing development. For CI, use the “tox” target in the Dockerfile:

docker build --ssh default --target tox -t multikeyjwt:tox .
docker run --rm -it -v `pwd`":/app" `echo $DOCKER_SSHAGENT` multikeyjwt:tox

Production docker

There’s a “production” target as well for running the application. Remember to change the architecture tag (amd64) to arm64 if building on ARM:

docker build --ssh default --target production -t multikeyjwt:amd64-latest .
docker run -it --name multikeyjwt multikeyjwt:amd64-latest

Development

TLDR:

  • Create and activate a Python 3.8 virtualenv (assuming virtualenvwrapper):

    mkvirtualenv -p `which python3.8` my_virtualenv
  • Change to a branch:

    git checkout -b my_branch
  • Install Poetry: https://python-poetry.org/docs/#installation

  • Install project deps and pre-commit hooks:

    poetry install
    pre-commit install
    pre-commit run --all-files
  • Ready to go.

Remember to activate your virtualenv whenever working on the repo. This is needed because the pylint and mypy pre-commit hooks use the “system” python for now (because reasons).

Download files


Source Distribution

multikeyjwt-1.4.2.tar.gz (10.4 kB)

Uploaded Source

Built Distribution

multikeyjwt-1.4.2-py3-none-any.whl (12.3 kB)

Uploaded Python 3

File details

Details for the file multikeyjwt-1.4.2.tar.gz.

File metadata

  • Download URL: multikeyjwt-1.4.2.tar.gz
  • Upload date:
  • Size: 10.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.8.16

File hashes

Hashes for multikeyjwt-1.4.2.tar.gz
Algorithm Hash digest
SHA256 deacd3f8bf16463fc542d6071d01e8a61938bd5de52382b930a48633c3a83ae2
MD5 de3e29c9f5bc2136c31ab1d47d3f9994
BLAKE2b-256 2a5bda26a3e6397dd4ad1a16eda95236654108be1402a1b108ca3cb0ad80000d


File details

Details for the file multikeyjwt-1.4.2-py3-none-any.whl.

File metadata

  • Download URL: multikeyjwt-1.4.2-py3-none-any.whl
  • Upload date:
  • Size: 12.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.8.16

File hashes

Hashes for multikeyjwt-1.4.2-py3-none-any.whl
Algorithm Hash digest
SHA256 57d7963d62154072232155c6a483fd24f65098de3ebf18f740a330d0de4150e5
MD5 3759a101b2158bae34263599e157c09a
BLAKE2b-256 1049114a5d9b1bba69fedbeab5041056b7fa9ceab8c623b98c71b834cb4ec378
