neoteroi-auth 0.0.3

Framework to handle authentication and authorization.

Authentication and authorization framework for Python apps

Basic framework to handle authentication and authorization in asynchronous Python applications.

Features:

• strategy to implement authentication (who or what is using a service?)
• strategy to implement authorization (is the acting identity authorized to do a certain action?)
• support for dependency injection for classes handling authentication and authorization requirements
• built-in support for JSON Web Tokens (JWTs) authentication

This library is freely inspired by authorization in ASP.NET Core; although its implementation is extremely different.

Installation

pip install neoteroi-auth

To install with support for JSON Web Tokens (JWTs) validation:

pip install neoteroi-auth[jwt]

Examples

For examples, refer to the examples folder.

If you have doubts about authentication vs authorization...

Authentication answers the question: Who is the user who is initiating the action?, or more in general: Who is the user, or what is the service, that is initiating the action?.

Authorization answers the question: Is the user, or service, authorized to do something?.

Usually, to implement authorization, is necessary to have the context of the entity that is executing the action.

Usage in BlackSheep

neoteroi-auth is used in the second version of the BlackSheep web framework, to implement authentication and authorization strategies for request handlers.

To see how neoteroi-auth is used in blacksheep web framework, read:

• Authentication
• Authorization

Documentation

Under construction. 🚧