user and session management on postgresql database
Project description
User authentication and session management based on PostgreSQL
Installation
Just download it from PYPI using pip:
pip install pgusers
Usage
UserSpace(**kwargs)
Initialises the UserSpace, creating a database connection if it doesn’t exist. The arguments in kwargs can be any of the arguments for a PostgreSQL connection, some of the most common are the following:
Parameter |
Env Variable |
Meaning |
|---|---|---|
dbname |
PGUSERS_USERSPACE |
The userspace name, i.e. database containing the userspace |
user |
PGUSERS_ADMIN |
The admin user for the userspace |
password |
PGUSERS_PASSWORD |
The password for the admin user |
host |
PGUSERS_HOST |
The hostname (PostgreSQL server) where the userspace resides |
port |
PGUSERS_PORT |
The PorstgreSQL server port if not the usual 5432 |
For any of the above parameters, the corresponding environment variable can be specified in its place.
In addition to the above environment variables, PGUSERS_CONNECTION_STRING can be defined as well, with the format specified in PostgreSQL Connection Strings.
The parameters specified in kwargs take precedence over the Environment Variables, which, in turn, take precedence over parameters in the Connection String.
Repeated connections to the same userspace return the same object.
The following are the methods available to UserSpace instances.
create_user(self, username, password, email, admin=False, extra_data=None)
Creates a new user. Returns a numeric userid for the user created.
- username:
The username to be created, if there is already a record with that username, a BadCallError exception is raised.
- password:
The user’s password in cleartext.
- email:
Email for notifications or password recovery. BadCallError is raised if the email exists in the database.
- admin:
A boolean value indicating whether the user is an administrator.
- extra_data:
Any data that will be attached to the record. This can be anything that can be serialised using the pickle module from the standard library.
validate_user(self, username, password, extra_data=None)
Validates (or logs in) a user. Returns a tuple with a string containing a session key, a boolean value indicating whether the user is an admin, and the numeric userid. If the user was not found, the returned tuple would be ("", False, None)
- username:
The username to be authenticated.
- password:
The password in clear text.
- extra_data:
Optional data that will be attached to the session. This can be anything that can be serialised using the pickle module from the standard library.
delete_user(self, username=None, userid=None)
Delete a user given either its username or userid. Either username or userid must be specified. Returns OK if deleted, NOT_FOUND if not found.
- username:
The username.
- userid:
The numeric userid.
change_password(self, userid, newpassword, oldpassword=None)
Change a user’s password. Returns either OK, NOT_FOUND or REJECTED Throws BadCallError if neither username or userid are specified.
- userid:
The numeric user id, as returned by create_user()
- newpassword:
The new password, in cleartext.
- oldpassword:
The current password, in cleartext. If specified, oldpassword is checked against the current password and the call will fail if they don’t match. If oldpassword is not specified, the password will be changed unconditionally.
check_key(self, key)
Reset the session timeout. Resets the key’s Time To Live to the default value. Returns a tuple of the form (rc, username, userid, extra_data) where rc can be either OK, NOT_FOUND or EXPIRED. If NOT_FOUND or EXPIRED, username and userid will be None.
- key:
The session key as returned by validate_user()
set_session_TTL(self, secs)
Sets the TTL for all sessions. All new sessions or checked sessions will be set to this new TTL value.
- secs:
The number of seconds of Time To Live. The default TTL for a session is currently 864000 seconds, or 10 days. This might change in future releases.
find_user(self, username=None, email=None, userid=None)
Find a user given either its username, its email or its userid. At least one of those must be supplied.
This method does not validate the user or any session. It is used to retrieve information about a user in the database.
Returns a dictionary with fields userid, username, email, admin, and extra_data. None if the user was not found.
- username:
The username.
- email:
The email.
- userid:
The numeric userid.
modify_user(self, userid, username=None, email=None, extra_data=None)
Modify user data. Returns OK if successful NOT_FOUND if not.
- userid:
The user id as returned by create_user()
- username:
The new username to change, if specified.
- email:
The new email to change, if specified.
- extra_data:
The new extra_data to change, if specified.
is_admin(self, userid)
Checks whether the user is admin. Returns True if it is, False if not.
- userid:
The user id as returned by create_user()
set_admin(self, userid, admin=True)
Grant or revoke admin privileges to the user. To revoke, call with admin set to False
- userid:
The user id as returned by create_user()
- admin:
If set to True or not specified, mark the user as administrator. If set to False, revokes administrator rights.
all_users(self)
Generator yielding (userid, username, email, admin) tuples for all users in the userspace.
list_sessions(self, uid, expired=False)
Generator yielding all sessions for a user or for all users (i.e. all sessions) if uid is 0. If expired is set to True, yield only the sessions that have expired. Yields tuples of the form (username, key, expiration)
- userid:
The user id as returned by create_user(), or 0 to return all sessions.
- expired:
Boolean indicating whether the method should only return expired sessions.
kill_sessions(self, uid, expired=False)
Kill the sessions for a user or for all users (i.e. all sessions) if uid is 0. If expired is set to True, kill only the sessions that have expired. Killing a session removes it from the database, efectively invalidating it.
- userid:
The user id as returned by create_user(), or 0 to kill all sessions.
- expired:
Boolean indicating whether the method should only kill the expired sessions.
License
This software is licensed under the terms of the MIT license.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pgusers-0.9.4.tar.gz.
File metadata
- Download URL: pgusers-0.9.4.tar.gz
- Upload date:
- Size: 15.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a87d80f75c7f28fc27862fd29578acb93b14165f86a2e7e0244111cef278d088
|
|
| MD5 |
1972638e9af2e4c8084e1199379014f6
|
|
| BLAKE2b-256 |
8ac9ff39e7aacfd1e904c3001fc8197a75bd96afa35b40d70dda1e5ca5536aa1
|
File details
Details for the file pgusers-0.9.4-py3-none-any.whl.
File metadata
- Download URL: pgusers-0.9.4-py3-none-any.whl
- Upload date:
- Size: 14.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.12.3
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
acc329c8313d53c2f9020298304ce582e386f27db03e8e91b4d541a161d5a777
|
|
| MD5 |
9d28e4057231a90080b4df307697a065
|
|
| BLAKE2b-256 |
7994517f25341c09fe2e5de318b2d44a6366ecf261f8628673014622fc7e90e5
|
