The Ponddy Auth SSO authentication library
Project description
Ponddy Auth Library
-
Provide the class for the Django restful framework authentication, accept the
Auth
token and check the name of <API_AGENT_PREFIX>_<API_ID> in django.contrib.auth.models.Group or not. If the group exists then append the API_AGENT_PROPERTY_NAME intorequest.user
let you can check either API or user permissions. -
Provide the Django model permission class compatible with the restful framework, let it can support valid the permission what in this request contains the API's permission validation.
-
Provide the APIClient, it acts the role of API to execute the HTTP request
Usage
Install package
pip install -U ponddy-auth
Install into restful framework authentication setting
REST_FRAMEWORK = {
# ...
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'ponddy_auth.authentication.SSOAuthentication', # Add this line
),
}
Settings
AUTH_TOKEN_VALID_URL
The real Auth server URL
- None default
API_AGENT_PREFIX
The prefix of API name of group
- Default:
api_agent_
API_AGENT_PROPERTY_NAME
The property name what injects into the request.user
object
- Default:
_api_agent
PONDDY_AUTH_APP_NAME
Your APP name
PONDDY_AUTH_API_CLIENT_ID
Your client ID
PONDDY_AUTH_API_SECRET
Your client secret
PONDDY_AUTH_API_TOKEN_PREFIX
The token prefix, default is SSO
Alias
If you are already set some variables as another setting variable, you can change those to specify the settled variable name
PONDDY_AUTH_APP_NAME_SETTING_NAME
Setting alias of PONDDY_AUTH_APP_NAME
PONDDY_AUTH_API_CLIENT_ID_SETTING_NAME
Setting alias of PONDDY_AUTH_API_CLIENT_ID
PONDDY_AUTH_API_SECRET_SETTING_NAME
Setting alias of PONDDY_AUTH_API_SECRET
PONDDY_AUTH_API_TOKEN_PREFIX_SETTING_NAME
Setting alias of PONDDY_AUTH_API_TOKEN_PREFIX
Permission
Check permission manually
# project/app/views.py
from rest_framework.decorators import api_view
@api_view(['GET'])
def my_view(request):
if request.user._api_agent.has_perm('auth.view_users') or \
request.user._api_agent.has_perms(['app.perm', 'app.perm']):
# do something
pass
Use Permission class
# project/app/views.py
from django.contrib.auth.models import User
from rest_framework import viewsets
from ponddy_auth.permissions import SSODjangoModelPermissions
from .serializers import UserSerializer
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [SSODjangoModelPermissions, ]
APIClient
Settings first
# project/settings.py
PONDDY_AUTH_APP_NAME = 'YOUR APP NAME'
PONDDY_AUTH_API_CLIENT_ID = 'your-client-id-uuid-like'
PONDDY_AUTH_API_SECRET = 'y0urSecretKey'
Make request
from ponddy_auth.utils import APIClient
session = APIClient()
url = 'https://some.app'
data = {'apply': True}
response = session.post(url, data=data)
Act as user
from ponddy_auth.utils import APIClient
session = APIClient(payload_patch={'email': 'user@userdomain.com'})
url = 'https://some.app'
data = {'apply': True}
response = session.post(url, data=data)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for ponddy_auth-0.1.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 066257b51b80825f03af34c718212df2082cf2fd2402dd55f890b3090cb43781 |
|
MD5 | e3d0369efcb5cf117de408635dce15a7 |
|
BLAKE2b-256 | bfccdb8c78a31261323386dc509b56382f0f62b87796ab7862d59567b6dab9ab |