The Ponddy Auth SSO authentication library
Project description
Ponddy Auth Library
-
Provide the class for the Django restful framework authentication, accept the
Auth
token and check the name of <API_AGENT_PREFIX>_<API_ID> in django.contrib.auth.models.Group or not. If the group exists then append the API_AGENT_PROPERTY_NAME intorequest.user
let you can check either API or user permissions. -
Provide the Django model permission class compatible with the restful framework, let it can support valid the permission what in this request contains the API's permission validation.
-
Provide the APIClient, it acts the role of API to execute the HTTP request
Usage
Install package
pip install -U ponddy-auth
Install into restful framework authentication setting
REST_FRAMEWORK = {
# ...
'DEFAULT_AUTHENTICATION_CLASSES': (
'rest_framework.authentication.SessionAuthentication',
'rest_framework.authentication.BasicAuthentication',
'ponddy_auth.authentication.SSOAuthentication', # Add this line
),
}
Settings
AUTH_TOKEN_VALID_URL
The real Auth server URL
- None default
API_AGENT_PREFIX
The prefix of API name of group
- Default:
api_agent_
API_AGENT_PROPERTY_NAME
The property name what injects into the request.user
object
- Default:
_api_agent
PONDDY_AUTH_APP_NAME
Your APP name
PONDDY_AUTH_API_CLIENT_ID
Your client ID
PONDDY_AUTH_API_SECRET
Your client secret
PONDDY_AUTH_API_TOKEN_PREFIX
The token prefix, default is SSO
Alias
If you are already set some variables as another setting variable, you can change those to specify the settled variable name
PONDDY_AUTH_APP_NAME_SETTING_NAME
Setting alias of PONDDY_AUTH_APP_NAME
PONDDY_AUTH_API_CLIENT_ID_SETTING_NAME
Setting alias of PONDDY_AUTH_API_CLIENT_ID
PONDDY_AUTH_API_SECRET_SETTING_NAME
Setting alias of PONDDY_AUTH_API_SECRET
PONDDY_AUTH_API_TOKEN_PREFIX_SETTING_NAME
Setting alias of PONDDY_AUTH_API_TOKEN_PREFIX
Permission
Check permission manually
# project/app/views.py
from rest_framework.decorators import api_view
@api_view(['GET'])
def my_view(request):
if request.user._api_agent.has_perm('auth.view_users') or \
request.user._api_agent.has_perms(['app.perm', 'app.perm']):
# do something
pass
Use Permission class
# project/app/views.py
from django.contrib.auth.models import User
from rest_framework import viewsets
from ponddy_auth.permissions import SSODjangoModelPermissions
from .serializers import UserSerializer
class UserViewSet(viewsets.ModelViewSet):
queryset = User.objects.all()
serializer_class = UserSerializer
permission_classes = [SSODjangoModelPermissions, ]
APIClient
Settings first
# project/settings.py
PONDDY_AUTH_APP_NAME = 'YOUR APP NAME'
PONDDY_AUTH_API_CLIENT_ID = 'your-client-id-uuid-like'
PONDDY_AUTH_API_SECRET = 'y0urSecretKey'
Make request
from ponddy_auth.utils import APIClient
session = APIClient()
url = 'https://some.app'
data = {'apply': True}
response = session.post(url, data=data)
Act as user
from ponddy_auth.utils import APIClient
session = APIClient(payload_patch={'email': 'user@userdomain.com'})
url = 'https://some.app'
data = {'apply': True}
response = session.post(url, data=data)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for ponddy_auth-0.1.5-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2fbaea44de6df53057226a48b713f4194f6aba92ba963be8e7406cc2c6163002 |
|
MD5 | 2693357977eaacfe3f8239bd31a64604 |
|
BLAKE2b-256 | ada713202d2900a8e07d1fae44f34e7fffa2f1329432a95a14ace53794fd8de8 |