Session-cookie authentication primitives — middleware, login/logout, redirect helpers for simple_module
Project description
simple_module_auth
Pluggable authentication core for simple_module apps. Owns the stable public contracts every other module imports — UserContext, the AuthProvider protocol, the PrincipalResolver chain, and the get_current_user / CurrentUser / require_permission dependencies — plus the AuthMiddleware that resolves the current principal on every request.
Heads up: for most apps you don't install this directly — an auth-provider module (simple_module_users for email+password, simple_module_keycloak for OIDC) pulls it in and registers itself on app.state.auth.auth_provider.
Install
pip install simple_module_auth
What it provides
UserContext— the request-scoped principal (id,name,email,roles).AuthProviderprotocol — the swappable-backend contract (resolve_user,get_login_url,get_logout_url,get_public_paths,is_bearer_request); exactly one provider module registers an implementation onapp.state.auth.auth_provider.PrincipalResolverchain — async(Request) -> UserContext | Nonecallables apps append toapp.state.auth.principal_resolvers(e.g. PAT/bearer-token or API-key auth), consulted after the session path.AuthMiddleware— delegates to the provider + resolver chain on every request and populates the request principal.get_current_user/CurrentUserdependency and therequire_permission(*permissions)dependency factory.- Anonymous-access is declared via the framework's method-aware
register_public_routeshook (with theSM_AUTH_PUBLIC_PATHShost-level escape hatch).
Usage
from fastapi import APIRouter
from auth.deps import CurrentUser
router = APIRouter()
@router.get("/me")
async def me(user: CurrentUser):
return {"user_id": user.id, "email": user.email}
Routes that need a specific permission use the require_permission(...) dependency factory:
from fastapi import Depends
from auth.deps import require_permission
@router.post("/", dependencies=[Depends(require_permission("products.create"))])
async def create_product(): ...
Depends on
simple_module_core,simple_module_dbitsdangerous
License
MIT — see LICENSE.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file simple_module_auth-0.0.22.tar.gz.
File metadata
- Download URL: simple_module_auth-0.0.22.tar.gz
- Upload date:
- Size: 12.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
63c52f7db163265900e39328341b4fcd7cbe3a99f6997aafecfe79fab3ee51ac
|
|
| MD5 |
3bb0ac256ddeef6c268b98fa6a3be60a
|
|
| BLAKE2b-256 |
5fd30004231779681e3c5759602f4077c8ce2e13add9a58cb21d34f416845b99
|
Provenance
The following attestation bundles were made for simple_module_auth-0.0.22.tar.gz:
Publisher:
release.yml on antosubash/simple_module_python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
simple_module_auth-0.0.22.tar.gz -
Subject digest:
63c52f7db163265900e39328341b4fcd7cbe3a99f6997aafecfe79fab3ee51ac - Sigstore transparency entry: 2026027904
- Sigstore integration time:
-
Permalink:
antosubash/simple_module_python@f0a4767b739ded92dd993ab5cab3d1cebffd7c66 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/antosubash
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@f0a4767b739ded92dd993ab5cab3d1cebffd7c66 -
Trigger Event:
workflow_dispatch
-
Statement type:
File details
Details for the file simple_module_auth-0.0.22-py3-none-any.whl.
File metadata
- Download URL: simple_module_auth-0.0.22-py3-none-any.whl
- Upload date:
- Size: 12.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
52a8ca9f62d94c615465c60f74de4047e7ba3de66710ba6844bf6847daf3a63a
|
|
| MD5 |
d88c8bab794aa9238d7b280c9cf00474
|
|
| BLAKE2b-256 |
32af23ff86db0f5cbe398f3d85728ace8f57c70f6f7199fddeb70e362fa24c60
|
Provenance
The following attestation bundles were made for simple_module_auth-0.0.22-py3-none-any.whl:
Publisher:
release.yml on antosubash/simple_module_python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
simple_module_auth-0.0.22-py3-none-any.whl -
Subject digest:
52a8ca9f62d94c615465c60f74de4047e7ba3de66710ba6844bf6847daf3a63a - Sigstore transparency entry: 2026027985
- Sigstore integration time:
-
Permalink:
antosubash/simple_module_python@f0a4767b739ded92dd993ab5cab3d1cebffd7c66 -
Branch / Tag:
refs/heads/main - Owner: https://github.com/antosubash
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@f0a4767b739ded92dd993ab5cab3d1cebffd7c66 -
Trigger Event:
workflow_dispatch
-
Statement type: