authlix 0.3.0__tar.gz

authlix-0.3.0/PKG-INFO

@@ -0,0 +1,240 @@
+Metadata-Version: 2.4
+Name: authlix
+Version: 0.3.0
+Summary: Client and manager helpers for Authlix
+Author-email: Authlix <me@showdown.boo>
+Project-URL: Homepage, https://authlix.io/
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+Requires-Dist: requests>=2.31.0
+
+# Authlix Python SDK
+
+> Client and manager helpers for integrating public validation flows and project operations with the Authlix API.
+
+**License client** – validates license keys, collects environment metadata and lets end-users update `client_editable` fields.
+**Manager client** – handles authentication plus CRUD operations for projects, metadata schemas and licenses.
+**Environment helpers** – gather HWID, local/public IPs and other contextual information in one call.
+
+The SDK targets Python 3.9+ and is published to PyPI as `authlix`.
+
+## Installation
+
+```bash
+pip install authlix
+```
+
+
+
+## Quick start
+
+### Validate a license key
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(
+  base_url="https://authlix.io",
+  project_id=42,
+)
+
+# Automatically collects HWID, LAN/public IP, etc.
+result = client.validate_with_environment("CL-XXXX-XXXX")
+print(result)
+```
+
+To control the payload manually, call `validate_license` and pass `hwid`, `ip`, and `metadata` yourself. The metadata must only contain fields that are marked `client_editable` in your project schema.
+
+### Manage projects and licenses
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("automation_bot", api_key="sk_live_XXXXXXXXXXXXXXXX")
+
+# Create project and create license
+project = manager.create_project(
+  name="My Awesome App",
+  description="Tooling pour la communauté",
+)
+license_data = manager.create_license(
+  project_id=project["id"],
+  days_valid=30,
+  metadata={"plan": "pro"},
+)
+
+# Revoke a license
+manager.update_license(
+    license_id=license_data["id"],
+    is_active=False,
+    metadata={"plan": "revoked", "notes": "Chargeback"},
+)
+
+# Update a license
+manager.update_license(
+  license_id=license_data["id"],
+  metadata={"plan": "enterprise", "notes": "Upgraded"},
+)
+
+# Delegate day-to-day operations to another teammate
+manager.add_project_manager(project_id=project["id"], username="support_team")
+```
+
+More helpers are exposed for listing projects/licenses, extending expirations, resetting HWIDs, or deleting keys entirely.
+
+### Look up a license by key
+
+For efficiency, use `get_license_by_key` when you only need to look up a single license instead of fetching all licenses:
+
+```python
+try:
+    license_data = manager.get_license_by_key(
+        project_id=42,
+        license_key="CL-XXXX-XXXX"
+    )
+    print(f"License ID: {license_data['id']}, Active: {license_data['is_active']}")
+except NotFoundError:
+    print("License key not found in this project")
+except ForbiddenError:
+    print("Insufficient permissions for this project")
+```
+
+The key is automatically normalized to uppercase to avoid case mismatches. This method is ideal for dashboards and support tools that need to quickly retrieve license details by key.
+
+### API key management
+
+Automations or SDKs can provision scoped API keys and rotate them without touching end-user credentials.
+
+```python
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", password="password")
+
+# Create a key limited to a project (secret is returned once)
+api_key = manager.create_api_key(
+  label="CI Runner",
+  project_ids=[project["id"]],
+  allow_all_projects=False,
+)
+
+# Update its scopes or friendly label
+manager.update_api_key(
+  api_key_id=api_key["id"],
+  project_ids=[project["id"], 7],
+)
+
+# Dashboard helper: only show keys relevant to a project
+manager.list_project_api_keys(project_id=project["id"])
+
+# Cleanup when the automation is retired
+manager.delete_api_key(api_key_id=api_key["id"])
+```
+
+Use `manager.list_api_keys()` to render an operator-wide view (active + revoked keys).
+
+## Client-editable metadata workflow
+
+Certain metadata fields can be safely mutated by the end-user thanks to the `client_editable` flag defined in the project schema.
+
+1. **Manager** defines the schema:
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", "password")
+
+manager.update_metadata_schema(
+  project_id=42,
+  fields=[
+    {"name": "notes", "type": "string", "client_editable": True},
+    {"name": "plan", "type": "string", "client_editable": False},
+  ],
+)
+```
+
+2. **Client** updates the editable fields:
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(base_url="https://authlix.io", project_id=42)
+
+client.update_client_metadata(
+  key="CL-XXXX-XXXX",
+  metadata={"notes": "Nouvelle machine"},
+)
+```
+
+`update_client_metadata` validates locally that `project_id` is an `int` and the `metadata` dictionary is non-empty before calling `POST /api/client_metadata`. Server responses bubble up any JSON `msg` errors through `ApiError` for easier debugging (e.g., non editable field, inactive key, etc.).
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+The helper returns HWID, hostname, LAN IP, optional public IP, and other useful attributes. Use it to enrich `validate_license` calls or to store telemetry on validated machines.
+
+## Error handling
+
+The SDK provides specific exception classes for common HTTP errors:
+
+- `BadRequestError` – raised for HTTP 400 (Bad Request, e.g., missing or invalid parameters)
+- `ForbiddenError` – raised for HTTP 403 (Forbidden, e.g., insufficient project scope)
+- `NotFoundError` – raised for HTTP 404 (Not Found, e.g., unknown license key)
+- `ApiError(status_code, message, payload)` – generic error for other HTTP ≥ 400 responses
+- `AuthenticationError` – surfaces authentication/authorization issues in manager flows
+- `AuthlixError` – base class for all SDK exceptions for easy broad exception handling
+
+All error classes include a `status_code` and `payload` for detailed debugging:
+
+```python
+from authlix import ApiError, BadRequestError, ForbiddenError, NotFoundError
+
+try:
+    license_data = manager.get_license_by_key(project_id=42, license_key="CL-XXXX")
+except BadRequestError as exc:
+    print(f"Invalid request: {exc}")
+except ForbiddenError as exc:
+    print(f"Access denied to project: {exc}")
+except NotFoundError as exc:
+    print(f"License not found: {exc}")
+except ApiError as exc:
+    print(f"API error {exc.status_code}: {exc}")
+    print(exc.payload)
+```
+
+## Local development
+
+```bash
+python -m venv .venv
+.venv\Scripts\activate
+pip install -e .
+python -m build
+```
+
+Additional helpers:
+
+- `list_licenses(project_id)` – list all licenses (keys + live metadata and usage counters) for a project (prefer `get_license_by_key` for single lookups)
+- `get_license_by_key(project_id, license_key)` – efficiently retrieve a single license by its key (automatically normalized to uppercase)
+- `create_license(project_id, days_valid=None, metadata=None)` – generate a new license key
+- `update_license(license_id, is_active=None, expires_at=None, reset_hwid=False, metadata=None)` – ban/disable, move expiration, reset HWID, or overwrite metadata
+- `extend_license(project_id, license_id, days)` – convenience method to push expiration forward
+- `delete_license(license_id)` – hard-delete a key
+- `add_project_manager(project_id, username)` – delegate back-office access to teammates
+- `create_api_key(label, project_ids=None, allow_all_projects=False)` – mint scoped API keys from the dashboard
+- `update_api_key(api_key_id, ...)`/`delete_api_key(api_key_id)` – rotate or revoke keys instantly
+- `list_api_keys()`/`list_project_api_keys(project_id)` – audit keys globally or per project
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+Returns HWID, hostname, LAN IP, and (if available) public IP.

authlix-0.3.0/README.md

@@ -0,0 +1,230 @@
+# Authlix Python SDK
+
+> Client and manager helpers for integrating public validation flows and project operations with the Authlix API.
+
+**License client** – validates license keys, collects environment metadata and lets end-users update `client_editable` fields.
+**Manager client** – handles authentication plus CRUD operations for projects, metadata schemas and licenses.
+**Environment helpers** – gather HWID, local/public IPs and other contextual information in one call.
+
+The SDK targets Python 3.9+ and is published to PyPI as `authlix`.
+
+## Installation
+
+```bash
+pip install authlix
+```
+
+
+
+## Quick start
+
+### Validate a license key
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(
+  base_url="https://authlix.io",
+  project_id=42,
+)
+
+# Automatically collects HWID, LAN/public IP, etc.
+result = client.validate_with_environment("CL-XXXX-XXXX")
+print(result)
+```
+
+To control the payload manually, call `validate_license` and pass `hwid`, `ip`, and `metadata` yourself. The metadata must only contain fields that are marked `client_editable` in your project schema.
+
+### Manage projects and licenses
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("automation_bot", api_key="sk_live_XXXXXXXXXXXXXXXX")
+
+# Create project and create license
+project = manager.create_project(
+  name="My Awesome App",
+  description="Tooling pour la communauté",
+)
+license_data = manager.create_license(
+  project_id=project["id"],
+  days_valid=30,
+  metadata={"plan": "pro"},
+)
+
+# Revoke a license
+manager.update_license(
+    license_id=license_data["id"],
+    is_active=False,
+    metadata={"plan": "revoked", "notes": "Chargeback"},
+)
+
+# Update a license
+manager.update_license(
+  license_id=license_data["id"],
+  metadata={"plan": "enterprise", "notes": "Upgraded"},
+)
+
+# Delegate day-to-day operations to another teammate
+manager.add_project_manager(project_id=project["id"], username="support_team")
+```
+
+More helpers are exposed for listing projects/licenses, extending expirations, resetting HWIDs, or deleting keys entirely.
+
+### Look up a license by key
+
+For efficiency, use `get_license_by_key` when you only need to look up a single license instead of fetching all licenses:
+
+```python
+try:
+    license_data = manager.get_license_by_key(
+        project_id=42,
+        license_key="CL-XXXX-XXXX"
+    )
+    print(f"License ID: {license_data['id']}, Active: {license_data['is_active']}")
+except NotFoundError:
+    print("License key not found in this project")
+except ForbiddenError:
+    print("Insufficient permissions for this project")
+```
+
+The key is automatically normalized to uppercase to avoid case mismatches. This method is ideal for dashboards and support tools that need to quickly retrieve license details by key.
+
+### API key management
+
+Automations or SDKs can provision scoped API keys and rotate them without touching end-user credentials.
+
+```python
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", password="password")
+
+# Create a key limited to a project (secret is returned once)
+api_key = manager.create_api_key(
+  label="CI Runner",
+  project_ids=[project["id"]],
+  allow_all_projects=False,
+)
+
+# Update its scopes or friendly label
+manager.update_api_key(
+  api_key_id=api_key["id"],
+  project_ids=[project["id"], 7],
+)
+
+# Dashboard helper: only show keys relevant to a project
+manager.list_project_api_keys(project_id=project["id"])
+
+# Cleanup when the automation is retired
+manager.delete_api_key(api_key_id=api_key["id"])
+```
+
+Use `manager.list_api_keys()` to render an operator-wide view (active + revoked keys).
+
+## Client-editable metadata workflow
+
+Certain metadata fields can be safely mutated by the end-user thanks to the `client_editable` flag defined in the project schema.
+
+1. **Manager** defines the schema:
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", "password")
+
+manager.update_metadata_schema(
+  project_id=42,
+  fields=[
+    {"name": "notes", "type": "string", "client_editable": True},
+    {"name": "plan", "type": "string", "client_editable": False},
+  ],
+)
+```
+
+2. **Client** updates the editable fields:
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(base_url="https://authlix.io", project_id=42)
+
+client.update_client_metadata(
+  key="CL-XXXX-XXXX",
+  metadata={"notes": "Nouvelle machine"},
+)
+```
+
+`update_client_metadata` validates locally that `project_id` is an `int` and the `metadata` dictionary is non-empty before calling `POST /api/client_metadata`. Server responses bubble up any JSON `msg` errors through `ApiError` for easier debugging (e.g., non editable field, inactive key, etc.).
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+The helper returns HWID, hostname, LAN IP, optional public IP, and other useful attributes. Use it to enrich `validate_license` calls or to store telemetry on validated machines.
+
+## Error handling
+
+The SDK provides specific exception classes for common HTTP errors:
+
+- `BadRequestError` – raised for HTTP 400 (Bad Request, e.g., missing or invalid parameters)
+- `ForbiddenError` – raised for HTTP 403 (Forbidden, e.g., insufficient project scope)
+- `NotFoundError` – raised for HTTP 404 (Not Found, e.g., unknown license key)
+- `ApiError(status_code, message, payload)` – generic error for other HTTP ≥ 400 responses
+- `AuthenticationError` – surfaces authentication/authorization issues in manager flows
+- `AuthlixError` – base class for all SDK exceptions for easy broad exception handling
+
+All error classes include a `status_code` and `payload` for detailed debugging:
+
+```python
+from authlix import ApiError, BadRequestError, ForbiddenError, NotFoundError
+
+try:
+    license_data = manager.get_license_by_key(project_id=42, license_key="CL-XXXX")
+except BadRequestError as exc:
+    print(f"Invalid request: {exc}")
+except ForbiddenError as exc:
+    print(f"Access denied to project: {exc}")
+except NotFoundError as exc:
+    print(f"License not found: {exc}")
+except ApiError as exc:
+    print(f"API error {exc.status_code}: {exc}")
+    print(exc.payload)
+```
+
+## Local development
+
+```bash
+python -m venv .venv
+.venv\Scripts\activate
+pip install -e .
+python -m build
+```
+
+Additional helpers:
+
+- `list_licenses(project_id)` – list all licenses (keys + live metadata and usage counters) for a project (prefer `get_license_by_key` for single lookups)
+- `get_license_by_key(project_id, license_key)` – efficiently retrieve a single license by its key (automatically normalized to uppercase)
+- `create_license(project_id, days_valid=None, metadata=None)` – generate a new license key
+- `update_license(license_id, is_active=None, expires_at=None, reset_hwid=False, metadata=None)` – ban/disable, move expiration, reset HWID, or overwrite metadata
+- `extend_license(project_id, license_id, days)` – convenience method to push expiration forward
+- `delete_license(license_id)` – hard-delete a key
+- `add_project_manager(project_id, username)` – delegate back-office access to teammates
+- `create_api_key(label, project_ids=None, allow_all_projects=False)` – mint scoped API keys from the dashboard
+- `update_api_key(api_key_id, ...)`/`delete_api_key(api_key_id)` – rotate or revoke keys instantly
+- `list_api_keys()`/`list_project_api_keys(project_id)` – audit keys globally or per project
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+Returns HWID, hostname, LAN IP, and (if available) public IP.

authlix-0.3.0/authlix/__init__.py

@@ -0,0 +1,39 @@
+"""Official Authlix helper library.
+
+This package exposes two primary interfaces:
+
+- :class:`authlix.client.LicenseClient` for end-users validating licenses
+- :class:`authlix.manager.ManagerClient` for operators managing projects
+
+Utility helpers live in :mod:`authlix.environment` for gathering HWID/IP metadata.
+"""
+
+from .client import LicenseClient
+from .manager import ManagerClient
+from .environment import (
+    get_machine_fingerprint,
+    get_public_ip,
+    collect_environment_metadata,
+)
+from .exceptions import (
+    AuthlixError,
+    AuthenticationError,
+    ApiError,
+    BadRequestError,
+    ForbiddenError,
+    NotFoundError,
+)
+
+__all__ = [
+    "LicenseClient",
+    "ManagerClient",
+    "get_machine_fingerprint",
+    "get_public_ip",
+    "collect_environment_metadata",
+    "AuthlixError",
+    "AuthenticationError",
+    "ApiError",
+    "BadRequestError",
+    "ForbiddenError",
+    "NotFoundError",
+]

authlix-0.3.0/authlix/client.py

@@ -0,0 +1,142 @@
+"""Client-facing helpers for validating Authlix keys."""
+
+from __future__ import annotations
+
+from typing import Any, Dict, Optional
+
+import requests
+
+from .environment import collect_environment_metadata, get_machine_fingerprint, get_public_ip
+from .exceptions import ApiError
+
+
+class LicenseClient:
+    """Simple wrapper for the public validation endpoint.
+
+    Parameters
+    ----------
+    base_url:
+        Base URL of the CyberLicensing API (e.g. ``"https://licensing.example.com"``).
+    project_id:
+        Owning project id, required by ``POST /api/validate_license`` to scope
+        licenses per product.
+    timeout:
+        Optional HTTP timeout in seconds.
+    """
+
+    def __init__(self, base_url: str, project_id: int, timeout: float = 5.0):
+        self.base_url = base_url.rstrip('/')
+        self.project_id = project_id
+        self.timeout = timeout
+
+    def _handle_response(self, response: requests.Response) -> Dict:
+        if response.status_code >= 400:
+            payload: Optional[Dict[str, Any]] = None
+            if response.content:
+                try:
+                    payload = response.json()
+                except ValueError:
+                    payload = None
+            message = (
+                payload.get("msg")
+                if isinstance(payload, dict) and payload.get("msg")
+                else response.text
+            )
+            raise ApiError(response.status_code, message, payload)
+        if response.content:
+            try:
+                return response.json()
+            except ValueError as exc:
+                raise ApiError(response.status_code, f"Invalid JSON response: {exc}", None)
+        return {}
+
+    def validate_license(
+        self,
+        key: str,
+        hwid: Optional[str] = None,
+        ip: Optional[str] = None,
+        metadata: Optional[Dict[str, Any]] = None,
+    ) -> Dict:
+        """Validate a license key against the public endpoint.
+
+        The request payload matches the backend contract::
+
+            {
+                "project_id": 1,
+                "key": "XXXX-XXXX-XXXX-XXXX",
+                "hwid": "unique-hardware-id"
+            }
+
+        ``metadata`` can be supplied to share additional key-value pairs, but it
+        must only contain fields flagged as ``client_editable`` in the project
+        metadata schema configured by the project manager.
+        """
+
+        payload: Dict[str, Any] = {
+            "project_id": self.project_id,
+            "key": key,
+        }
+        if hwid:
+            payload["hwid"] = hwid
+        if ip:
+            payload["ip"] = ip
+        if metadata:
+            payload["metadata"] = metadata
+
+        response = requests.post(
+            f"{self.base_url}/api/validate_license",
+            json=payload,
+            timeout=self.timeout,
+        )
+        return self._handle_response(response)
+
+    def validate_with_environment(self, key: str, extra_metadata: Optional[Dict[str, Any]] = None) -> Dict:
+        """Validate a key while auto-populating the machine fingerprint as HWID.
+
+        The public IP is captured automatically server-side, no need to send it.
+        Only extra_metadata with client_editable fields can be provided.
+        """
+
+        hwid = get_machine_fingerprint()
+
+        return self.validate_license(
+            key=key,
+            hwid=hwid,
+            metadata=extra_metadata if extra_metadata else None,
+        )
+
+    def update_client_metadata(self, key: str, metadata: Dict[str, Any]) -> Dict[str, Any]:
+        """Update client-editable metadata fields for a specific key.
+
+        Parameters
+        ----------
+        key:
+            License key to mutate.
+        metadata:
+            Non-empty dictionary of ``client_editable`` fields to update.
+        """
+
+        if not isinstance(self.project_id, int):
+            raise ValueError("project_id must be an integer")
+        if not isinstance(metadata, dict) or not metadata:
+            raise ValueError("metadata must be a non-empty dictionary")
+
+        payload = {
+            "project_id": self.project_id,
+            "key": key,
+            "metadata": metadata,
+        }
+        response = requests.post(
+            f"{self.base_url}/api/client_metadata",
+            json=payload,
+            timeout=self.timeout,
+        )
+        return self._handle_response(response)
+
+    @staticmethod
+    def get_default_hwid() -> str:
+        return get_machine_fingerprint()
+
+    @staticmethod
+    def get_default_ip() -> Optional[str]:
+        return get_public_ip()

authlix-0.3.0/authlix/environment.py

@@ -0,0 +1,53 @@
+"""Environment helpers for Authlix SDK."""
+
+from __future__ import annotations
+
+import hashlib
+import platform
+import socket
+import uuid
+from typing import Dict, Optional
+
+import requests
+
+PUBLIC_IP_ENDPOINT = "https://api.ipify.org?format=json"
+
+
+def get_public_ip(timeout: float = 3.0) -> Optional[str]:
+    """Return the machine's public IP using a lightweight HTTPS call."""
+
+    try:
+        response = requests.get(PUBLIC_IP_ENDPOINT, timeout=timeout)
+        response.raise_for_status()
+        return response.json().get("ip")
+    except Exception:
+        return None
+
+
+def get_machine_fingerprint() -> str:
+    """Compute a stable machine fingerprint using MAC + platform info."""
+
+    mac = uuid.getnode()
+    platform_bits = platform.platform()
+    processor = platform.processor()
+    base_string = f"{mac}-{platform_bits}-{processor}"
+    digest = hashlib.sha256(base_string.encode("utf-8")).hexdigest()
+    return digest
+
+
+def collect_environment_metadata(include_public_ip: bool = False) -> Dict[str, Optional[str]]:
+    """Gather useful metadata (HWID only by default).
+
+    Note: Public IP is captured automatically by the server.
+    """
+
+    metadata: Dict[str, Optional[str]] = {
+        "hwid": get_machine_fingerprint(),
+    }
+
+    # Ces champs ne sont inclus que si explicitement demandé
+    # et nécessitent une configuration client_editable côté projet
+    if include_public_ip:
+        metadata["ip"] = get_public_ip()
+
+    return metadata

authlix-0.3.0/authlix/exceptions.py

@@ -0,0 +1,39 @@
+class AuthlixError(Exception):
+    """Base class for SDK-specific exceptions."""
+
+
+class AuthenticationError(AuthlixError):
+    """Raised when authentication fails or a token is missing."""
+
+
+class ApiError(CyberLicensingError):
+    """Raised when the API returns an error response."""
+
+    def __init__(self, status_code: int, message: str, payload=None):
+        super().__init__(message)
+        self.status_code = status_code
+        self.payload = payload or {}
+
+    def __str__(self) -> str:
+        return f"API Error {self.status_code}: {super().__str__()}"
+
+
+class BadRequestError(ApiError):
+    """Raised when the API returns HTTP 400 (Bad Request)."""
+
+    def __init__(self, message: str, payload=None):
+        super().__init__(400, message, payload)
+
+
+class ForbiddenError(ApiError):
+    """Raised when the API returns HTTP 403 (Forbidden - insufficient project scope)."""
+
+    def __init__(self, message: str, payload=None):
+        super().__init__(403, message, payload)
+
+
+class NotFoundError(ApiError):
+    """Raised when the API returns HTTP 404 (Not Found)."""
+
+    def __init__(self, message: str, payload=None):
+        super().__init__(404, message, payload)

authlix-0.3.0/authlix/manager.py

@@ -0,0 +1,248 @@
+"""Manager-side client for Authlix operations."""
+
+from __future__ import annotations
+
+from datetime import datetime, timedelta
+from typing import Any, Dict, List, Optional
+
+import requests
+
+from .exceptions import ApiError, AuthenticationError, BadRequestError, ForbiddenError, NotFoundError
+
+
+class ManagerClient:
+    def __init__(self, base_url: str, token: Optional[str] = None, timeout: float = 5.0):
+        self.base_url = base_url.rstrip('/')
+        self.timeout = timeout
+        self.token = token
+
+    # --- Auth helpers ---
+    def authenticate(
+        self,
+        username: str,
+        *,
+        password: Optional[str] = None,
+        api_key: Optional[str] = None,
+    ) -> str:
+        if not username:
+            raise AuthenticationError("username is required")
+        if (password is None and api_key is None) or (password is not None and api_key is not None):
+            raise AuthenticationError("Provide exactly one of password or api_key")
+
+        payload: Dict[str, Any] = {"username": username}
+        if password is not None:
+            payload["password"] = password
+        else:
+            payload["api_key"] = api_key
+
+        response = requests.post(
+            f"{self.base_url}/api/login",
+            json=payload,
+            timeout=self.timeout,
+        )
+        if response.status_code != 200:
+            message = "Invalid credentials"
+            try:
+                data = response.json()
+            except ValueError:
+                data = None
+            if isinstance(data, dict) and data.get("msg"):
+                message = data["msg"]
+            raise AuthenticationError(message)
+        token = response.json().get("access_token")
+        if not token:
+            raise AuthenticationError("Unable to retrieve access token")
+        self.token = token
+        return token
+
+    def _headers(self) -> Dict[str, str]:
+        if not self.token:
+            raise AuthenticationError("JWT token missing. Call authenticate() first or set token.")
+        return {"Authorization": f"Bearer {self.token}"}
+
+    def _request(self, method: str, path: str, require_auth: bool = True, **kwargs):
+        headers = kwargs.pop('headers', {})
+        if require_auth:
+            headers.update(self._headers())
+        response = requests.request(
+            method,
+            f"{self.base_url}{path}",
+            headers=headers,
+            timeout=self.timeout,
+            **kwargs,
+        )
+        if response.status_code >= 400:
+            payload = None
+            if response.content:
+                try:
+                    payload = response.json()
+                except ValueError:
+                    payload = None
+            message = (
+                payload.get("msg")
+                if isinstance(payload, dict) and payload.get("msg")
+                else response.text
+            )
+            # Raise specific exceptions for common error codes
+            if response.status_code == 400:
+                raise BadRequestError(message, payload)
+            elif response.status_code == 403:
+                raise ForbiddenError(message, payload)
+            elif response.status_code == 404:
+                raise NotFoundError(message, payload)
+            else:
+                raise ApiError(response.status_code, message, payload)
+        if response.content:
+            return response.json()
+        return None
+
+    # --- Project helpers ---
+    def list_projects(self) -> List[Dict]:
+        return self._request('GET', '/api/projects')
+
+    def create_project(self, name: str, description: Optional[str] = None) -> Dict:
+        payload: Dict[str, Any] = {"name": name}
+        if description is not None:
+            payload["description"] = description
+        return self._request('POST', '/api/projects', json=payload)
+
+    def add_project_manager(self, project_id: int, username: str) -> Dict:
+        payload = {"username": username}
+        return self._request('POST', f'/api/projects/{project_id}/add_manager', json=payload)
+
+    def update_metadata_schema(self, project_id: int, fields: List[Dict[str, Any]]) -> Dict:
+        return self._request('PUT', f'/api/projects/{project_id}/metadata_fields', json={"fields": fields})
+
+    def list_licenses(self, project_id: int) -> List[Dict]:
+        return self._request('GET', f'/api/projects/{project_id}/licenses')
+
+    def get_license_by_key(self, project_id: int, license_key: str) -> Dict:
+        """Retrieve a single license by its key.
+
+        This is more efficient than fetching all licenses when you only need
+        to look up one license by its key. The key is automatically converted
+        to uppercase to avoid case mismatches.
+
+        Parameters
+        ----------
+        project_id:
+            The project ID that owns the license.
+        license_key:
+            The license key to look up (e.g., "CL-XXXX-XXXX").
+
+        Returns
+        -------
+        Dict containing the license data.
+
+        Raises
+        ------
+        BadRequestError:
+            If the key parameter is missing or invalid (HTTP 400).
+        ForbiddenError:
+            If the token doesn't have access to this project (HTTP 403).
+        NotFoundError:
+            If the license key doesn't exist in the project (HTTP 404).
+        """
+        # Convert key to uppercase to avoid case mismatches
+        normalized_key = license_key.upper()
+        return self._request('GET', f'/api/projects/{project_id}/licenses/by_key?key={normalized_key}')
+
+    def create_license(
+        self,
+        project_id: int,
+        days_valid: Optional[int] = None,
+        metadata: Optional[Dict[str, Any]] = None,
+    ) -> Dict:
+        payload: Dict[str, object] = {}
+        if days_valid is not None:
+            payload['days_valid'] = days_valid
+        if metadata is not None:
+            payload['metadata'] = metadata
+        return self._request('POST', f'/api/projects/{project_id}/licenses', json=payload)
+
+    def update_license(
+        self,
+        license_id: int,
+        *,
+        is_active: Optional[bool] = None,
+        expires_at: Optional[str] = None,
+        reset_hwid: bool = False,
+        metadata: Optional[Dict[str, Any]] = None,
+    ) -> Dict:
+        payload: Dict[str, object] = {}
+        if is_active is not None:
+            payload['is_active'] = is_active
+        if expires_at is not None:
+            payload['expires_at'] = expires_at
+        if reset_hwid:
+            payload['reset_hwid'] = True
+        if metadata is not None:
+            payload['metadata'] = metadata
+        return self._request('PUT', f'/api/licenses/{license_id}', json=payload)
+
+    def extend_license(self, project_id: int, license_id: int, days: int) -> Dict:
+        """Convenience helper to push expiration forward by *days*."""
+
+        licenses = self.list_licenses(project_id)
+        license_data = next((lic for lic in licenses if lic['id'] == license_id), None)
+        if not license_data:
+            raise ApiError(404, f"License {license_id} not found in project {project_id}", {})
+
+        expires_at = license_data.get('expires_at')
+        if not expires_at:
+            raise ApiError(400, "License is lifetime; set an explicit expiration first", {})
+
+        try:
+            current_exp = datetime.fromisoformat(expires_at)
+        except ValueError as exc:
+            raise ApiError(500, f"Invalid expiration format: {expires_at}", {"error": str(exc)})
+
+        new_expiration = (current_exp + timedelta(days=days)).date().isoformat()
+        return self.update_license(license_id, expires_at=new_expiration)
+
+    def delete_license(self, license_id: int) -> Dict:
+        return self._request('DELETE', f'/api/licenses/{license_id}')
+
+    # --- API key helpers ---
+    def list_api_keys(self) -> List[Dict[str, Any]]:
+        return self._request('GET', '/api/api_keys')
+
+    def create_api_key(
+        self,
+        label: str,
+        *,
+        project_ids: Optional[List[int]] = None,
+        allow_all_projects: bool = False,
+    ) -> Dict[str, Any]:
+        payload: Dict[str, Any] = {
+            "label": label,
+            "allow_all_projects": allow_all_projects,
+        }
+        if project_ids is not None:
+            payload["project_ids"] = project_ids
+        return self._request('POST', '/api/api_keys', json=payload)
+
+    def update_api_key(
+        self,
+        api_key_id: int,
+        *,
+        label: Optional[str] = None,
+        project_ids: Optional[List[int]] = None,
+        allow_all_projects: Optional[bool] = None,
+    ) -> Dict[str, Any]:
+        payload: Dict[str, Any] = {}
+        if label is not None:
+            payload["label"] = label
+        if project_ids is not None:
+            payload["project_ids"] = project_ids
+        if allow_all_projects is not None:
+            payload["allow_all_projects"] = allow_all_projects
+        if not payload:
+            raise ValueError("At least one field must be provided to update an API key")
+        return self._request('PUT', f'/api/api_keys/{api_key_id}', json=payload)
+
+    def delete_api_key(self, api_key_id: int) -> Dict[str, Any]:
+        return self._request('DELETE', f'/api/api_keys/{api_key_id}')
+
+    def list_project_api_keys(self, project_id: int) -> List[Dict[str, Any]]:
+        return self._request('GET', f'/api/projects/{project_id}/api_keys')

authlix-0.3.0/authlix.egg-info/PKG-INFO

@@ -0,0 +1,240 @@
+Metadata-Version: 2.4
+Name: authlix
+Version: 0.3.0
+Summary: Client and manager helpers for Authlix
+Author-email: Authlix <me@showdown.boo>
+Project-URL: Homepage, https://authlix.io/
+Requires-Python: >=3.9
+Description-Content-Type: text/markdown
+Requires-Dist: requests>=2.31.0
+
+# Authlix Python SDK
+
+> Client and manager helpers for integrating public validation flows and project operations with the Authlix API.
+
+**License client** – validates license keys, collects environment metadata and lets end-users update `client_editable` fields.
+**Manager client** – handles authentication plus CRUD operations for projects, metadata schemas and licenses.
+**Environment helpers** – gather HWID, local/public IPs and other contextual information in one call.
+
+The SDK targets Python 3.9+ and is published to PyPI as `authlix`.
+
+## Installation
+
+```bash
+pip install authlix
+```
+
+
+
+## Quick start
+
+### Validate a license key
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(
+  base_url="https://authlix.io",
+  project_id=42,
+)
+
+# Automatically collects HWID, LAN/public IP, etc.
+result = client.validate_with_environment("CL-XXXX-XXXX")
+print(result)
+```
+
+To control the payload manually, call `validate_license` and pass `hwid`, `ip`, and `metadata` yourself. The metadata must only contain fields that are marked `client_editable` in your project schema.
+
+### Manage projects and licenses
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("automation_bot", api_key="sk_live_XXXXXXXXXXXXXXXX")
+
+# Create project and create license
+project = manager.create_project(
+  name="My Awesome App",
+  description="Tooling pour la communauté",
+)
+license_data = manager.create_license(
+  project_id=project["id"],
+  days_valid=30,
+  metadata={"plan": "pro"},
+)
+
+# Revoke a license
+manager.update_license(
+    license_id=license_data["id"],
+    is_active=False,
+    metadata={"plan": "revoked", "notes": "Chargeback"},
+)
+
+# Update a license
+manager.update_license(
+  license_id=license_data["id"],
+  metadata={"plan": "enterprise", "notes": "Upgraded"},
+)
+
+# Delegate day-to-day operations to another teammate
+manager.add_project_manager(project_id=project["id"], username="support_team")
+```
+
+More helpers are exposed for listing projects/licenses, extending expirations, resetting HWIDs, or deleting keys entirely.
+
+### Look up a license by key
+
+For efficiency, use `get_license_by_key` when you only need to look up a single license instead of fetching all licenses:
+
+```python
+try:
+    license_data = manager.get_license_by_key(
+        project_id=42,
+        license_key="CL-XXXX-XXXX"
+    )
+    print(f"License ID: {license_data['id']}, Active: {license_data['is_active']}")
+except NotFoundError:
+    print("License key not found in this project")
+except ForbiddenError:
+    print("Insufficient permissions for this project")
+```
+
+The key is automatically normalized to uppercase to avoid case mismatches. This method is ideal for dashboards and support tools that need to quickly retrieve license details by key.
+
+### API key management
+
+Automations or SDKs can provision scoped API keys and rotate them without touching end-user credentials.
+
+```python
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", password="password")
+
+# Create a key limited to a project (secret is returned once)
+api_key = manager.create_api_key(
+  label="CI Runner",
+  project_ids=[project["id"]],
+  allow_all_projects=False,
+)
+
+# Update its scopes or friendly label
+manager.update_api_key(
+  api_key_id=api_key["id"],
+  project_ids=[project["id"], 7],
+)
+
+# Dashboard helper: only show keys relevant to a project
+manager.list_project_api_keys(project_id=project["id"])
+
+# Cleanup when the automation is retired
+manager.delete_api_key(api_key_id=api_key["id"])
+```
+
+Use `manager.list_api_keys()` to render an operator-wide view (active + revoked keys).
+
+## Client-editable metadata workflow
+
+Certain metadata fields can be safely mutated by the end-user thanks to the `client_editable` flag defined in the project schema.
+
+1. **Manager** defines the schema:
+
+```python
+from authlix import ManagerClient
+
+manager = ManagerClient(base_url="https://authlix.io")
+manager.authenticate("admin", "password")
+
+manager.update_metadata_schema(
+  project_id=42,
+  fields=[
+    {"name": "notes", "type": "string", "client_editable": True},
+    {"name": "plan", "type": "string", "client_editable": False},
+  ],
+)
+```
+
+2. **Client** updates the editable fields:
+
+```python
+from authlix import LicenseClient
+
+client = LicenseClient(base_url="https://authlix.io", project_id=42)
+
+client.update_client_metadata(
+  key="CL-XXXX-XXXX",
+  metadata={"notes": "Nouvelle machine"},
+)
+```
+
+`update_client_metadata` validates locally that `project_id` is an `int` and the `metadata` dictionary is non-empty before calling `POST /api/client_metadata`. Server responses bubble up any JSON `msg` errors through `ApiError` for easier debugging (e.g., non editable field, inactive key, etc.).
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+The helper returns HWID, hostname, LAN IP, optional public IP, and other useful attributes. Use it to enrich `validate_license` calls or to store telemetry on validated machines.
+
+## Error handling
+
+The SDK provides specific exception classes for common HTTP errors:
+
+- `BadRequestError` – raised for HTTP 400 (Bad Request, e.g., missing or invalid parameters)
+- `ForbiddenError` – raised for HTTP 403 (Forbidden, e.g., insufficient project scope)
+- `NotFoundError` – raised for HTTP 404 (Not Found, e.g., unknown license key)
+- `ApiError(status_code, message, payload)` – generic error for other HTTP ≥ 400 responses
+- `AuthenticationError` – surfaces authentication/authorization issues in manager flows
+- `AuthlixError` – base class for all SDK exceptions for easy broad exception handling
+
+All error classes include a `status_code` and `payload` for detailed debugging:
+
+```python
+from authlix import ApiError, BadRequestError, ForbiddenError, NotFoundError
+
+try:
+    license_data = manager.get_license_by_key(project_id=42, license_key="CL-XXXX")
+except BadRequestError as exc:
+    print(f"Invalid request: {exc}")
+except ForbiddenError as exc:
+    print(f"Access denied to project: {exc}")
+except NotFoundError as exc:
+    print(f"License not found: {exc}")
+except ApiError as exc:
+    print(f"API error {exc.status_code}: {exc}")
+    print(exc.payload)
+```
+
+## Local development
+
+```bash
+python -m venv .venv
+.venv\Scripts\activate
+pip install -e .
+python -m build
+```
+
+Additional helpers:
+
+- `list_licenses(project_id)` – list all licenses (keys + live metadata and usage counters) for a project (prefer `get_license_by_key` for single lookups)
+- `get_license_by_key(project_id, license_key)` – efficiently retrieve a single license by its key (automatically normalized to uppercase)
+- `create_license(project_id, days_valid=None, metadata=None)` – generate a new license key
+- `update_license(license_id, is_active=None, expires_at=None, reset_hwid=False, metadata=None)` – ban/disable, move expiration, reset HWID, or overwrite metadata
+- `extend_license(project_id, license_id, days)` – convenience method to push expiration forward
+- `delete_license(license_id)` – hard-delete a key
+- `add_project_manager(project_id, username)` – delegate back-office access to teammates
+- `create_api_key(label, project_ids=None, allow_all_projects=False)` – mint scoped API keys from the dashboard
+- `update_api_key(api_key_id, ...)`/`delete_api_key(api_key_id)` – rotate or revoke keys instantly
+- `list_api_keys()`/`list_project_api_keys(project_id)` – audit keys globally or per project
+
+## Environment helpers
+
+```python
+from authlix import collect_environment_metadata
+
+print(collect_environment_metadata())
+```
+
+Returns HWID, hostname, LAN IP, and (if available) public IP.

authlix-0.3.0/authlix.egg-info/SOURCES.txt

@@ -0,0 +1,12 @@
+README.md
+pyproject.toml
+authlix/__init__.py
+authlix/client.py
+authlix/environment.py
+authlix/exceptions.py
+authlix/manager.py
+authlix.egg-info/PKG-INFO
+authlix.egg-info/SOURCES.txt
+authlix.egg-info/dependency_links.txt
+authlix.egg-info/requires.txt
+authlix.egg-info/top_level.txt

authlix-0.3.0/authlix.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

authlix-0.3.0/authlix.egg-info/requires.txt

@@ -0,0 +1 @@
+requests>=2.31.0

authlix-0.3.0/authlix.egg-info/top_level.txt

@@ -0,0 +1 @@
+authlix

authlix-0.3.0/pyproject.toml

@@ -0,0 +1,19 @@
+[build-system]
+requires = ["setuptools>=61", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "authlix"
+version = "0.3.0"
+description = "Client and manager helpers for Authlix"
+authors = [
+    { name = "Authlix", email = "me@showdown.boo" },
+]
+readme = "README.md"
+requires-python = ">=3.9"
+dependencies = [
+    "requests>=2.31.0",
+]
+
+[project.urls]
+Homepage = "https://authlix.io/"

authlix-0.3.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+