PyPI - auth-kit-fastapi - Versions diffs - 0.1.0__py3-none-any.whl - Mend

auth-kit-fastapi 0.1.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

auth_kit_fastapi/__init__.py +27 -0
auth_kit_fastapi/schemas/__init__.py +84 -0
auth_kit_fastapi/schemas/auth.py +145 -0
auth_kit_fastapi/schemas/passkey.py +129 -0
auth_kit_fastapi/schemas/two_factor.py +73 -0
auth_kit_fastapi/services/__init__.py +17 -0
auth_kit_fastapi/services/email_service.py +468 -0
auth_kit_fastapi/services/passkey_service.py +461 -0
auth_kit_fastapi/services/two_factor_service.py +422 -0
auth_kit_fastapi/services/user_service.py +407 -0
auth_kit_fastapi-0.1.0.dist-info/METADATA +226 -0
auth_kit_fastapi-0.1.0.dist-info/RECORD +20 -0
auth_kit_fastapi-0.1.0.dist-info/WHEEL +5 -0
auth_kit_fastapi-0.1.0.dist-info/top_level.txt +2 -0
tests/__init__.py +1 -0
tests/conftest.py +198 -0
tests/test_auth_endpoints.py +350 -0
tests/test_passkey_endpoints.py +282 -0
tests/test_services.py +449 -0
tests/test_two_factor_endpoints.py +377 -0

auth_kit_fastapi/__init__.py ADDED Viewed

@@ -0,0 +1,27 @@
+"""
+Auth Kit FastAPI - Complete authentication solution for FastAPI applications
+"""
+from .core.config import AuthConfig
+from .core.app import create_auth_app
+from .core.dependencies import (
+    get_current_user,
+    get_current_active_user,
+    require_verified_user,
+    require_superuser
+)
+from .models.user import BaseUser
+from .core.events import auth_events
+__version__ = "1.0.0"
+__all__ = [
+    "AuthConfig",
+    "create_auth_app",
+    "get_current_user",
+    "get_current_active_user",
+    "require_verified_user",
+    "require_superuser",
+    "BaseUser",
+    "auth_events"
+]

auth_kit_fastapi/schemas/__init__.py ADDED Viewed

@@ -0,0 +1,84 @@
+"""
+Export all schemas
+"""
+from .auth import (
+    UserBase,
+    UserCreate,
+    UserUpdate,
+    UserResponse,
+    LoginRequest,
+    TokenResponse,
+    LoginResponse,
+    RefreshTokenRequest,
+    LogoutRequest,
+    PasswordChangeRequest,
+    PasswordResetRequest,
+    PasswordResetConfirmRequest,
+    EmailVerificationRequest,
+    MessageResponse,
+    ErrorResponse
+)
+from .passkey import (
+    PasskeyBase,
+    PasskeyCreate,
+    PasskeyResponse,
+    PasskeyListResponse,
+    RegistrationOptionsResponse,
+    RegistrationCompleteRequest,
+    AuthenticationOptionsResponse,
+    AuthenticationCompleteRequest,
+    AuthenticationBeginRequest
+)
+from .two_factor import (
+    TwoFactorSetupResponse,
+    TwoFactorVerifyRequest,
+    TwoFactorEnableResponse,
+    TwoFactorDisableRequest,
+    RecoveryCodesRegenerateRequest,
+    RecoveryCodesResponse,
+    TwoFactorLoginVerifyRequest,
+    TwoFactorStatusResponse
+)
+__all__ = [
+    # Auth schemas
+    "UserBase",
+    "UserCreate",
+    "UserUpdate",
+    "UserResponse",
+    "LoginRequest",
+    "TokenResponse",
+    "LoginResponse",
+    "RefreshTokenRequest",
+    "LogoutRequest",
+    "PasswordChangeRequest",
+    "PasswordResetRequest",
+    "PasswordResetConfirmRequest",
+    "EmailVerificationRequest",
+    "MessageResponse",
+    "ErrorResponse",
+    # Passkey schemas
+    "PasskeyBase",
+    "PasskeyCreate",
+    "PasskeyResponse",
+    "PasskeyListResponse",
+    "RegistrationOptionsResponse",
+    "RegistrationCompleteRequest",
+    "AuthenticationOptionsResponse",
+    "AuthenticationCompleteRequest",
+    "AuthenticationBeginRequest",
+    # 2FA schemas
+    "TwoFactorSetupResponse",
+    "TwoFactorVerifyRequest",
+    "TwoFactorEnableResponse",
+    "TwoFactorDisableRequest",
+    "RecoveryCodesRegenerateRequest",
+    "RecoveryCodesResponse",
+    "TwoFactorLoginVerifyRequest",
+    "TwoFactorStatusResponse"
+]

auth_kit_fastapi/schemas/auth.py ADDED Viewed

@@ -0,0 +1,145 @@
+"""
+Authentication schemas for request/response validation
+"""
+from datetime import datetime
+from typing import Optional, Dict, Any
+from uuid import UUID
+from pydantic import BaseModel, EmailStr, Field, validator
+# Base schemas
+class UserBase(BaseModel):
+    """Base user schema"""
+    email: EmailStr
+    first_name: Optional[str] = None
+    last_name: Optional[str] = None
+    phone_number: Optional[str] = None
+class UserCreate(UserBase):
+    """User registration schema"""
+    password: str = Field(..., min_length=8, max_length=128)
+    confirm_password: Optional[str] = None
+    accept_terms: Optional[bool] = False
+    @validator('confirm_password')
+    def passwords_match(cls, v, values):
+        if 'password' in values and v != values['password']:
+            raise ValueError('Passwords do not match')
+        return v
+class UserUpdate(BaseModel):
+    """User profile update schema"""
+    first_name: Optional[str] = None
+    last_name: Optional[str] = None
+    phone_number: Optional[str] = None
+    avatar_url: Optional[str] = None
+class UserResponse(UserBase):
+    """User response schema"""
+    id: UUID
+    is_active: bool
+    is_verified: bool
+    is_superuser: bool
+    two_factor_enabled: bool
+    created_at: datetime
+    updated_at: datetime
+    last_login_at: Optional[datetime] = None
+    class Config:
+        from_attributes = True
+# Authentication schemas
+class LoginRequest(BaseModel):
+    """Login request schema (OAuth2 compatible)"""
+    username: EmailStr  # OAuth2 spec requires 'username'
+    password: str
+    grant_type: Optional[str] = "password"
+    scope: Optional[str] = ""
+    client_id: Optional[str] = None
+    client_secret: Optional[str] = None
+class TokenResponse(BaseModel):
+    """Token response schema (OAuth2 compatible)"""
+    access_token: str
+    refresh_token: Optional[str] = None
+    token_type: str = "bearer"
+    expires_in: Optional[int] = None
+    scope: Optional[str] = ""
+class LoginResponse(BaseModel):
+    """Enhanced login response with user data"""
+    user: UserResponse
+    tokens: TokenResponse
+    requires_2fa: bool = False
+    message: Optional[str] = None
+class RefreshTokenRequest(BaseModel):
+    """Refresh token request"""
+    refresh_token: str
+class LogoutRequest(BaseModel):
+    """Logout request"""
+    refresh_token: str
+    everywhere: bool = False  # Logout from all devices
+# Password management schemas
+class PasswordChangeRequest(BaseModel):
+    """Password change request"""
+    current_password: str
+    new_password: str = Field(..., min_length=8, max_length=128)
+    confirm_password: Optional[str] = None
+    @validator('confirm_password')
+    def passwords_match(cls, v, values):
+        if 'new_password' in values and v != values['new_password']:
+            raise ValueError('Passwords do not match')
+        return v
+class PasswordResetRequest(BaseModel):
+    """Password reset request"""
+    email: EmailStr
+class PasswordResetConfirmRequest(BaseModel):
+    """Password reset confirmation"""
+    token: str
+    new_password: str = Field(..., min_length=8, max_length=128)
+    confirm_password: Optional[str] = None
+    @validator('confirm_password')
+    def passwords_match(cls, v, values):
+        if 'new_password' in values and v != values['new_password']:
+            raise ValueError('Passwords do not match')
+        return v
+# Email verification schemas
+class EmailVerificationRequest(BaseModel):
+    """Request email verification resend"""
+    email: Optional[EmailStr] = None  # Use current user's email if not provided
+# Response messages
+class MessageResponse(BaseModel):
+    """Generic message response"""
+    message: str
+    success: bool = True
+    data: Optional[Dict[str, Any]] = None
+class ErrorResponse(BaseModel):
+    """Error response"""
+    detail: str
+    code: Optional[str] = None
+    field: Optional[str] = None

auth_kit_fastapi/schemas/passkey.py ADDED Viewed

@@ -0,0 +1,129 @@
+"""
+Passkey/WebAuthn schemas
+"""
+from datetime import datetime
+from typing import Optional, List, Dict, Any
+from uuid import UUID
+from pydantic import BaseModel, Field
+class PasskeyBase(BaseModel):
+    """Base passkey schema"""
+    name: str = Field(..., min_length=3, max_length=255)
+class PasskeyCreate(PasskeyBase):
+    """Passkey registration request"""
+    pass
+class PasskeyResponse(PasskeyBase):
+    """Passkey response"""
+    id: UUID
+    credential_id: str
+    authenticator_type: str
+    is_discoverable: bool
+    created_at: datetime
+    last_used_at: Optional[datetime] = None
+    class Config:
+        from_attributes = True
+class PasskeyListResponse(BaseModel):
+    """List of user's passkeys"""
+    passkeys: List[PasskeyResponse]
+    total: int
+# WebAuthn schemas
+class PublicKeyCredentialRpEntity(BaseModel):
+    """Relying Party entity"""
+    id: str
+    name: str
+class PublicKeyCredentialUserEntity(BaseModel):
+    """User entity"""
+    id: str
+    name: str
+    displayName: str
+class PublicKeyCredentialParameters(BaseModel):
+    """Credential parameters"""
+    type: str = "public-key"
+    alg: int
+class PublicKeyCredentialDescriptor(BaseModel):
+    """Credential descriptor"""
+    type: str = "public-key"
+    id: str
+    transports: Optional[List[str]] = None
+class AuthenticatorSelectionCriteria(BaseModel):
+    """Authenticator selection criteria"""
+    authenticatorAttachment: Optional[str] = None
+    residentKey: Optional[str] = None
+    userVerification: Optional[str] = "preferred"
+class RegistrationOptionsResponse(BaseModel):
+    """WebAuthn registration options"""
+    challenge: str
+    rp: PublicKeyCredentialRpEntity
+    user: PublicKeyCredentialUserEntity
+    pubKeyCredParams: List[PublicKeyCredentialParameters]
+    timeout: Optional[int] = 60000
+    excludeCredentials: Optional[List[PublicKeyCredentialDescriptor]] = []
+    authenticatorSelection: Optional[AuthenticatorSelectionCriteria] = None
+    attestation: Optional[str] = "none"
+class RegistrationCredentialResponse(BaseModel):
+    """Registration credential from client"""
+    id: str
+    rawId: str
+    type: str = "public-key"
+    response: Dict[str, Any]
+    clientExtensionResults: Optional[Dict[str, Any]] = None
+    authenticatorAttachment: Optional[str] = None
+class RegistrationCompleteRequest(BaseModel):
+    """Complete registration request"""
+    name: str
+    response: RegistrationCredentialResponse
+    challenge: str
+class AuthenticationOptionsResponse(BaseModel):
+    """WebAuthn authentication options"""
+    challenge: str
+    timeout: Optional[int] = 60000
+    rpId: Optional[str] = None
+    allowCredentials: Optional[List[PublicKeyCredentialDescriptor]] = []
+    userVerification: Optional[str] = "preferred"
+class AuthenticationCredentialResponse(BaseModel):
+    """Authentication credential from client"""
+    id: str
+    rawId: str
+    type: str = "public-key"
+    response: Dict[str, Any]
+    clientExtensionResults: Optional[Dict[str, Any]] = None
+class AuthenticationCompleteRequest(BaseModel):
+    """Complete authentication request"""
+    response: AuthenticationCredentialResponse
+    challenge: str
+class AuthenticationBeginRequest(BaseModel):
+    """Begin authentication request"""
+    email: Optional[str] = None  # For discoverable credentials

auth_kit_fastapi/schemas/two_factor.py ADDED Viewed

@@ -0,0 +1,73 @@
+"""
+Two-Factor Authentication schemas
+"""
+from typing import List, Optional
+from pydantic import BaseModel, Field, validator
+class TwoFactorSetupResponse(BaseModel):
+    """2FA setup response"""
+    secret: str
+    qr_code: str  # Base64 encoded QR code image
+    manual_entry_key: str
+    message: str = "Scan the QR code with your authenticator app"
+class TwoFactorVerifyRequest(BaseModel):
+    """Verify 2FA code"""
+    code: str = Field(..., regex="^[0-9]{6}$")
+    @validator('code')
+    def validate_code(cls, v):
+        if not v.isdigit() or len(v) != 6:
+            raise ValueError('Code must be 6 digits')
+        return v
+class TwoFactorEnableResponse(BaseModel):
+    """2FA enable response"""
+    recovery_codes: List[str]
+    message: str = "Two-factor authentication has been enabled"
+class TwoFactorDisableRequest(BaseModel):
+    """Disable 2FA request"""
+    password: str
+class RecoveryCodesRegenerateRequest(BaseModel):
+    """Regenerate recovery codes request"""
+    password: str
+class RecoveryCodesResponse(BaseModel):
+    """Recovery codes response"""
+    recovery_codes: List[str]
+    message: str = "New recovery codes have been generated"
+class TwoFactorLoginVerifyRequest(BaseModel):
+    """Verify 2FA during login"""
+    code: str
+    is_recovery_code: bool = False
+    @validator('code')
+    def validate_code(cls, v, values):
+        if values.get('is_recovery_code'):
+            # Recovery code format: XXXX-XXXX-XXXX-XXXX
+            if not v.replace('-', '').isalnum():
+                raise ValueError('Invalid recovery code format')
+        else:
+            # TOTP code: 6 digits
+            if not v.isdigit() or len(v) != 6:
+                raise ValueError('Code must be 6 digits')
+        return v
+class TwoFactorStatusResponse(BaseModel):
+    """2FA status response"""
+    enabled: bool
+    method: Optional[str] = None
+    backup_codes_remaining: Optional[int] = None
+    created_at: Optional[str] = None

auth_kit_fastapi/services/__init__.py ADDED Viewed

@@ -0,0 +1,17 @@
+"""
+Service classes for auth-kit-fastapi
+Provides business logic layer for authentication operations
+"""
+from .user_service import UserService
+from .email_service import EmailService
+from .passkey_service import PasskeyService
+from .two_factor_service import TwoFactorService
+__all__ = [
+    "UserService",
+    "EmailService",
+    "PasskeyService",
+    "TwoFactorService"
+]