Skip to main content

Installable Django Authentication that adds support for Platform One

Project description

p1-auth

Provides an authentication system for Platform One by decoding non-encrypted JWTs.

Additionally provides configurations to automatically populate user attributes and assign user membership from JWT fields.

settings.py

This section covers configurations that can be set in the settings.py file.

USER_ATTRIBUTES_MAP

A python dictionary to map between fields on the User model and the JWT fields.

USER_ATTRIBUTES_MAP = {
    "PYTHON_USER_MODEL_FIELD_NAME": "JWT_FIELD_NAME",
    "first_name": "given_name",
}

USER_MEMBERSHIPS

A python dictionary to map between models based on JWT fields. The JWT side can be an id, string, or list.

NOTE: the connection between the models must allow connections like the following user.connection_name.update_or_create(**{"field_name": "jwt_memberships"})

USER_MEMBERSHIPS = {
    "PYTHON_USER_MODEL_CONNECTION_NAME": {
        "CONNECTED_MODEL_FIELD": "JWT_MEMBERSHIP_FIELD"
    },
    "groups": {
        "name": "simple_groups"
    },
}

USER_STAFF_FLAG

A key for the JWT to be checked to determine if the user should be marked as staff. This uses the is_staff flag Django's AbstractUser model.

NOTE: if USER_STAFF_VALUE is not set, staff status will be determined by USER_STAFF_FLAG existing in the JWT, and having a non-empty value. So an empty list or string will not confer staff status.

USER_STAFF_FLAG = "JWT_STAFF_FLAG"

USER_STAFF_VALUE

A value to check for in the JWT under the USER_STAFF_FLAG. If the JWT contains a list under USER_STAFF_FLAG, it will check to see if the value of USER_STAFF_VALUE is within the list. The value of USER_STAFF_VALUE is not type restricted, but the comparison is type dependent, so '1' == 1 would fail.

USER_STAFF_VALUE = 123

USER_SUPERUSER_FLAG

A key for the JWT to be checked to determine if the user should be marked as superuser. This uses the is_superuser flag Django's AbstractUser model.

NOTE: if USER_SUPERUSER_VALUE is not set, superuser status will be determined by USER_SUPERUSER_FLAG existing in the JWT, and having a non-empty value. So an empty list or string will not confer staff status.

USER_SUPERUSER_FLAG = "JWT_SUPERUSER_FLAG"

USER_SUPERUSER_VALUE

A value to check for in the JWT under the USER_SUPERUSER_FLAG. If the JWT contains a list under USER_SUPERUSER_FLAG, it will check to see if the value of USER_SUPERUSER_VALUE is within the list. The value of USER_SUPERUSER_VALUE is not type restricted, but the comparison is type dependent, so '1' == 1 would fail.

USER_SUPERUSER_VALUE = 123

REQUIRE_JWT

A flag to require JWTs on every request.

REQUIRE_JWT = True

Django Admin

This section covers configurations that can be set in the Django Admin.

RelatedAssignment

RelatedAssignment allows selecting a Model (object_model) and instance (object_pk) that a user should be assigned to if all related AttributeChecks pass.

Object_model is a dropdown of the enabled content types within the application, where you select the object type you want to assign users to.

Object_pk is the Primary Key of the object you want to assign users to.

AttributeCheck

AttributeCheck allows specifying the JWT key (jwt_attribute) and an expected value.

Jwt_attribute should be a valid JSON key, or a JSON object for traversing the JWT to where the key will be.

Expected_value is the expected JSON value.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

p1_auth-0.1.1.tar.gz (7.6 kB view details)

Uploaded Source

Built Distribution

p1_auth-0.1.1-py3-none-any.whl (8.0 kB view details)

Uploaded Python 3

File details

Details for the file p1_auth-0.1.1.tar.gz.

File metadata

  • Download URL: p1_auth-0.1.1.tar.gz
  • Upload date:
  • Size: 7.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.11.7

File hashes

Hashes for p1_auth-0.1.1.tar.gz
Algorithm Hash digest
SHA256 9535dc21151b7999316775ed4580dbe20340e975d53b97ba4af300f1e06b9ba6
MD5 eaecb6352ca7aa928600e015daf42d1e
BLAKE2b-256 b06747ce24100976b68f6eb9174bece46e112ef870929dafc1dfe8ce21fe83db

See more details on using hashes here.

File details

Details for the file p1_auth-0.1.1-py3-none-any.whl.

File metadata

  • Download URL: p1_auth-0.1.1-py3-none-any.whl
  • Upload date:
  • Size: 8.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.0 CPython/3.11.7

File hashes

Hashes for p1_auth-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 8a6f5c6943ab7c1662a629494a7f3a2c21220f061dc671417ec03d69192afd68
MD5 b5af3bfd90a77397d58339b8cb3000a6
BLAKE2b-256 309b8f0c00b4be4ac69fdab38f1d8a4489e3719f156ed5252f57300a15146f03

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page