django-bolt 0.1.0__cp310-abi3-win_amd64.whl → 0.1.1__cp310-abi3-win_amd64.whl

{django_bolt-0.1.0.dist-info → django_bolt-0.1.1.dist-info}/RECORD

@@ -1,20 +1,19 @@
-django_bolt-0.1.0.dist-info/METADATA,sha256=3Mfr4jMEEumR7ssfUB3v0tBJ-t8UNOfO7F_Z1tM8-2k,21102
-django_bolt-0.1.0.dist-info/WHEEL,sha256=4EDp_7DiFfWl1yYv5M4wSosAn5L_xgD1dyrQxQxfCx8,95
-django_bolt-0.1.0.dist-info/entry_points.txt,sha256=cUEGAdiOY6BryNhsgOS_50AONPPHajI3yvhqr56ZiaU,51
-django_bolt/__init__.py,sha256=SOWp15QP7uIZBC-gcbbxu4oGICTgZlteyH0liMEaGZc,3051
-django_bolt/_core.pyd,sha256=2f7Emz055G-jShl2Tl6BZ2ONNtlj7kLg5HS14o32PYY,8875520
+django_bolt-0.1.1.dist-info/METADATA,sha256=h0ifCk91UOPGcMEaReodmlr2UBdueXw40w4HVUgEA94,21343
+django_bolt-0.1.1.dist-info/WHEEL,sha256=4EDp_7DiFfWl1yYv5M4wSosAn5L_xgD1dyrQxQxfCx8,95
+django_bolt-0.1.1.dist-info/entry_points.txt,sha256=cUEGAdiOY6BryNhsgOS_50AONPPHajI3yvhqr56ZiaU,51
+django_bolt/__init__.py,sha256=fhXQUJR5SO-GwhF_2N9w0UK6rIFx7kWGfpOPyIKvB9Q,3139
+django_bolt/_core.pyd,sha256=iMY9GY4G-NVQHoAtoIHjpukLVrjiqsZZPym6uYGILus,8905728
+django_bolt/_json.py,sha256=oGxi29DHB8UYvbqjtqtrP6gThk7Qonlw333c4_cTr6s,4917
 django_bolt/admin/__init__.py,sha256=BNN1afSvWvt-377rNzZLdNDEvKyMZXkmB_0MhTxAN8k,601
 django_bolt/admin/admin_detection.py,sha256=1yQkLx9rF5DLMjJqbx8n4c82UgS9JEAnUcPdRfFqAXk,5825
 django_bolt/admin/asgi_bridge.py,sha256=oJrOqbBi8w-OUZD_wvpa5FlRFGIOyRvV284z8OS1kiY,9030
 django_bolt/admin/routes.py,sha256=dGrSz6fOwofLuBpNpzyqtcLuGbd4AgSQ2jZub_3cz1Y,3235
 django_bolt/admin/static.py,sha256=eXeOs2VWnxKdLDKarI4eD2q92K9R3JJHW1XQYmAsVDA,4692
-django_bolt/admin/static_routes.py,sha256=U12cU2Vpk_6dppAF2o4JDWG2s_Lk73kkCnSBJ5yuQAQ,3810
-django_bolt/api.py,sha256=fAw_SG6SyVgAEmvMpIWN30wE20k6vUgywKDx7bfpcnA,45901
+django_bolt/admin/static_routes.py,sha256=sdpuCPhULMr5LccVxfbU2XSfpmL8oP7DCXqUpy0cnNY,3512
+django_bolt/api.py,sha256=1wJOg4-fuDzhG9ovHXjA6ONqlEFEvfrjx97xpja4oBU,49386
 django_bolt/apps.py,sha256=OKBK6McSzRZ8zGQaId5iw239QbIgqs8tIbAqpuYxmn0,193
 django_bolt/async_collector.py,sha256=m1U6wjE9wheVMuql8aooR47tkLz_RlADgkIl2p9H6Uw,7749
-django_bolt/auth/README.md,sha256=YOOuGtq8Ss-WRGh2ODqzFxM252GsEB28LDZedBKn2u0,16582
-django_bolt/auth/REVOCATION_EXAMPLE.md,sha256=5gGUt7cMXuzEM4-24J8hZJe8OLZGLp6eN1A7QTSNdrs,11056
-django_bolt/auth/__init__.py,sha256=nIc_P5rXLjOkq3eFyzZ0B6vDmIGWlb-m1LsmF1LISos,1880
+django_bolt/auth/__init__.py,sha256=ygi_SCzH1CNOcQwDe0ZKIe072xBa7zeKVUtUoG0_dwY,1968
 django_bolt/auth/backends.py,sha256=T02zfiC17GZrARKlqzKSnkMOtEcYQDTmS4PouRvsNOU,7944
 django_bolt/auth/guards.py,sha256=Dwbqhq4_I41BoN0eWrQ7Ad9mmr9zgCoPAg4C3GElTio,6591
 django_bolt/auth/jwt_utils.py,sha256=phLKyXQXrqL8TLLZVA-reitOVylSTJ9FKSBETa1_OCg,6518
@@ -24,9 +23,9 @@ django_bolt/binding.py,sha256=UtmwW55RKyBwNxbX5QQ74NF0EF5k5zaMGa5el7mgljg,12860
 django_bolt/bootstrap.py,sha256=zXkVhcDZxluQBWXc_UHK0FfgOfpdgxCg01DmSbSdXos,3007
 django_bolt/cli.py,sha256=0TBGM37cCqKEew_QA26ru7KkR8_6mP5wKXgFhr8GWng,4647
 django_bolt/compression.py,sha256=8ioDa2j0TG_mna-Jh34-e6WjCeY0GSKwRPHMn8en8OQ,4025
-django_bolt/decorators.py,sha256=oe1ZVuBhPadpHJv7CO0fTRvjeB_giIqxuVyTscW5u0I,6188
-django_bolt/dependencies.py,sha256=Vv72NT6CfBc6B6qEzAHN25qN9xUj7rJp6h-fDvEjERg,4146
-django_bolt/error_handlers.py,sha256=VYBJ0a5hbV6AhBvqycmiK6HLlPbxHkTBzzUpTqvyB6E,10018
+django_bolt/decorators.py,sha256=hvfIZMxZI3S4eo6KYiOiEC-1Z96fSwQxQopLB4jmez0,6656
+django_bolt/dependencies.py,sha256=D_D9onQLMH85q0o4tSeKo0nTiJmx_Hifg3AwwcTfRUM,4443
+django_bolt/error_handlers.py,sha256=uD9_9vnub8FxZCRXgcqOdMic5M8cFD-sPXePdSl9IaY,10032
 django_bolt/exceptions.py,sha256=iYTkmtel7VlpjwuOrijDgt8fsx8_Kd0gezLEdR6CrDs,8823
 django_bolt/health.py,sha256=MBcXlgkTAdEiAvmGRPSgn9iePhH-rcHXan7Ge1EaPog,3356
 django_bolt/logging/__init__.py,sha256=bI71S22rJoMLtGg-ejh6qrlwDaW_lSV0ufxNbDw3NRQ,230
@@ -40,9 +39,9 @@ django_bolt/middleware/compiler.py,sha256=Knxh3XouU70ymIskDB-JWn1TcHSMPQvUBXtTPH
 django_bolt/middleware/middleware.py,sha256=Qdr16OM15oOS1OYNnxFY3hJ0un9E8VaVwht-A8Qcuws,8113
 django_bolt/openapi/__init__.py,sha256=LgvKbDBCGGKBvm6vW0nSmagtXw1CZ2swZf_ElhXIn68,572
 django_bolt/openapi/config.py,sha256=PHqd2LkSUZWpssj7hQHnUhgqKzaARjgKWyPdfEMlxvs,6230
-django_bolt/openapi/plugins.py,sha256=jKFx6jcpd9-gS7uWCY7v_PX68I-pRwT_lQ7iBs2AX94,15306
+django_bolt/openapi/plugins.py,sha256=ncoxieMFzP4YAO4_gaNomcOBd6HZ0z3N-5TBU1d2ZTs,15348
 django_bolt/openapi/routes.py,sha256=08Tn1EA5wjvzJzks7v4oHI5qyrbU9-5KLLkfuij7JfI,6047
-django_bolt/openapi/schema_generator.py,sha256=j7wWW37MSibsBbo0XlfzQ966H7lw4z_l6wBVY7w5HUs,20468
+django_bolt/openapi/schema_generator.py,sha256=JtTOccrSXjwcaMPMAftqjPQbzjEmr16kG0OOuaTuEJA,22237
 django_bolt/openapi/spec/__init__.py,sha256=a1ZJNgdoXKZSKOnxThuwhhDYqTBGSlUJU4JElfjtZY0,1759
 django_bolt/openapi/spec/base.py,sha256=qXTjQiKSllTDSTNTvXnxkyYXG4vQZnZU5Ev4jQfyfec,2418
 django_bolt/openapi/spec/callback.py,sha256=mvz71QTtYWQZQheWSsrvyssi3lb-vH7Diqj9Cf71ezg,937
@@ -76,53 +75,17 @@ django_bolt/openapi/spec/server.py,sha256=wvo84Z7WbV5s8glor5N5ywwM-B7C6YUqS_il0Q
 django_bolt/openapi/spec/server_variable.py,sha256=ZEqqp1FWOMARl2YIWrRXtX7AuwnuX5WtlN_63eQ5Jk0,1182
 django_bolt/openapi/spec/tag.py,sha256=uxn6IpNMDaTUdziQNVOMoZq4uAOGGSR1b5DbTcLvm8Y,913
 django_bolt/openapi/spec/xml.py,sha256=WfuYpX_eROu5bmGTeR5x6dK0T0nw6RIJP9Hc-nQBNZ4,1725
-django_bolt/pagination.py,sha256=3CfcWl3VgTAH0lyz0fbajV3lYzYS3coBjHCjiQeaLpU,22459
+django_bolt/pagination.py,sha256=SUEgNxK4BWLTdNiegJeFoAWSxCAI1au8PO0IYGlGq5Q,22473
 django_bolt/param_functions.py,sha256=GIdm4ti7D40iVzj496ICq9Iu8TPeGVXNCJsODcTs4nE,1120
 django_bolt/params.py,sha256=_7N3_oa0mWuCuh1LKuaBDUS6TIeYWD_wVFrMJ-1L8Yg,8371
 django_bolt/request_parsing.py,sha256=7ZHfD7FkTJYsFSrEsFqmFW7JlC4m-0fAaTx089GXpf4,4818
-django_bolt/responses.py,sha256=_7SmTteQ-Tdgz020zWItX4b3JGys2NUfHCKVIK800wk,7231
+django_bolt/responses.py,sha256=B0LXHN431c1-o93DC_xTF-wrnv8CMxn-1Sd0Yi4cwjE,7238
 django_bolt/router.py,sha256=wTFsPasg5Sh5hgdFp1kCmUrK6ugwRPWEj7PsxWOc9lc,1532
-django_bolt/serialization.py,sha256=S08Yq_H2YtEU9c7O7VZ4tkDv6BiOUobQQX_Ervh70pY,8832
+django_bolt/serialization.py,sha256=Uza6jzQPTFxTQHnXEWBEDYY-3xDOGZinBSRE0T4KK28,8825
 django_bolt/status_codes.py,sha256=jTZ32kPwj3tC23jh6uC1Ci1P9EKttywsvyWINQIEwGg,9386
 django_bolt/testing/__init__.py,sha256=5UDYTmdyKkkY5ENlOlZcK0twbsLSylpjlp7oFgqNC-0,257
 django_bolt/testing/client.py,sha256=X1DXulzJHuN3RKvyMhEP4yhymc2UrUDBrnngho-m1yA,10008
 django_bolt/testing/helpers.py,sha256=Vv-4KuIbOVfCWQvohKpO37u59uhrhpWnRU5bWzbK5rg,2820
-django_bolt/tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-django_bolt/tests/admin_tests/__init__.py,sha256=7n1EF-XwQVo-2VQXFt-W8EosL8l6w6LOJ5Ff3Jkpo_Q,25
-django_bolt/tests/admin_tests/conftest.py,sha256=i8Og6NWC2c-i0p2zuXyeaKzRSZYvntaEJO51OMLdVew,172
-django_bolt/tests/admin_tests/test_admin_with_django.py,sha256=BuRaHpZ_Xt8aHhllhK4XIGsl8_oJxqTslgQ4Bm2Kdbc,9320
-django_bolt/tests/admin_tests/urls.py,sha256=gF111ic0YAEE_2_BEI0LKwmnacVqp4sft955AoH_XXg,182
-django_bolt/tests/cbv/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-django_bolt/tests/cbv/test_class_views.py,sha256=uYx_UHxS2Dxno7MJnDQpXFY5fiJ-TGeaXkk42mXOX2s,16390
-django_bolt/tests/cbv/test_class_views_django_orm.py,sha256=bl_j2fB4IP35BIBPAzvkcfRuHOUFrt61rE3PKG1CpzE,23553
-django_bolt/tests/cbv/test_class_views_features.py,sha256=ub3wmlXnYSF0CUeFMkzr-Tg22lkPIK-BkWtaIV1oqHU,45032
-django_bolt/tests/cbv/test_class_views_with_client.py,sha256=_S3Qkw3T2RhF0Eme4xKQ7HpG1j9goylD9drF2Xotzbg,19410
-django_bolt/tests/conftest.py,sha256=RtuDXQy5tU6FJ_QydNe4rKok2dbXHOIolf4p4iCFqYc,5557
-django_bolt/tests/test_action_decorator.py,sha256=3mhv6Y2MisnoxTM0Fcy0Eqvlsn4ucRnFOwB6bK2bKQc,13002
-django_bolt/tests/test_auth_secret_key.py,sha256=GZzqCYmr8O20cBELttK59vUgRGsy1TDjHXsCPspz-cw,2915
-django_bolt/tests/test_decorator_syntax.py,sha256=LtcINgNxs8dIP1Ryl7lTwaxH7u8-BQRCdjCk0DJZg1A,4512
-django_bolt/tests/test_error_handling.py,sha256=RI0CEz02jSoH6wUZ-xNs2X0M8MROOyqhfx2SoAY3UC8,18260
-django_bolt/tests/test_file_response.py,sha256=ydBfSPk5YvblWArPiI24gSMuJtJR4kmdClNNs-_Ltxg,6190
-django_bolt/tests/test_global_cors.py,sha256=sf51Lj50Xklzy6-EXMOlF40VGYszTD34V17W3ypmAog,6451
-django_bolt/tests/test_guards_auth.py,sha256=bLwVCjfJBemgd8ksO7Su1efdVLOvX7bdZI7VMEN-WCs,15202
-django_bolt/tests/test_guards_integration.py,sha256=PFXNt3zwZH5PH3IeCiLr8dNSrjFTJw_M7kPvavqhJ_Y,10744
-django_bolt/tests/test_health.py,sha256=IgGfkizK-20hIFi56PygjcLtkQToxWZ6aI683-dQVn8,9092
-django_bolt/tests/test_integration_validation.py,sha256=QkHJuHliWzDmx7A3t6Lkr-ONuWDYv1uScs2DHIowp8E,14013
-django_bolt/tests/test_json_validation.py,sha256=zTQCZMTnzMiFTABDD0XhjU0uYYmmNoNZbtEjr_VnwdU,19615
-django_bolt/tests/test_jwt_auth.py,sha256=F3poh-a9uGKYLi4rGgtCYc92nLbDrxjst-Vl15gKN5s,9851
-django_bolt/tests/test_jwt_token.py,sha256=iOaa9_iZofSrv952lQfRyyNnkhmLx_bwSowYPIu2--A,15735
-django_bolt/tests/test_logging.py,sha256=zpzx3GP8G0o7jbwXMy6_CvF9c86SOvaQa05nDdytNEw,35751
-django_bolt/tests/test_logging_merge.py,sha256=sGELEpWWhVBP5HXKTJjtVX7CF6ZzUeAlrcr6tWJLcGY,16226
-django_bolt/tests/test_middleware.py,sha256=kIqcICLNSA5S8-mnyH_hvzx3YutPtpYYl8RzsUu_888,17091
-django_bolt/tests/test_middleware_server.py,sha256=HoRrroK8a6iusAOwnsEE7nR0vzZO5kW830JGJ3NZyKg,7810
-django_bolt/tests/test_model_viewset.py,sha256=b7x60ftTMwdCPprsiztWpU6KwWcG0-Fn2LevlYcbETw,11061
-django_bolt/tests/test_models.py,sha256=BuKmNOb-BkwBry_vUOZF2jFABZ1uh-vi_O9EiQRurxk,717
-django_bolt/tests/test_pagination.py,sha256=7hueeu7e5k2ZiZ6fvFilYEUsxqM5NTTFM0Uay8UvYLQ,39823
-django_bolt/tests/test_parameter_validation.py,sha256=M2Nr-WNOuUhv91I0RYBzjtv3wkYJSsTAQSSV1CoSXg4,5538
-django_bolt/tests/test_syntax.py,sha256=IyyP9q0w-poVxUrSOk2tsEHl9nx1ERs25ugmgZqaY2o,22071
-django_bolt/tests/test_testing_utilities.py,sha256=39w47yO6lE_FYWWDnQP24T-fkftJL2mZclWi2ZTNUvw,4787
-django_bolt/tests/test_testing_utilities_simple.py,sha256=sBaLWG0pb_-pyVjG8_StkBxIWCWdzTsV5LRkkV53cLQ,4223
-django_bolt/tests/test_viewset_unified.py,sha256=G-yWkvr9byXPOJGuVQhWe7XpSGnffXoxOTguJTyy3ZY,12219
 django_bolt/typing.py,sha256=sGlFUUXY8EJbYWCgARgNGLZPu7SaxxohZaSx1SRLYaE,8686
 django_bolt/views.py,sha256=KewSpL6g-zZxXnEkwun6hueX3S_Eji-d2dawzoqe-GM,41715
-django_bolt-0.1.0.dist-info/RECORD,,
+django_bolt-0.1.1.dist-info/RECORD,,

django_bolt/auth/README.md

@@ -1,464 +0,0 @@
-# Django-Bolt Authentication System
-
-High-performance authentication and authorization system where **validation happens in Rust without the GIL**, achieving 60k+ RPS with JWT authentication.
-
-## Architecture
-
-```
-┌─────────────────────────────────────────────────────────────────┐
-│ Python Layer (Configuration)                                    │
-│                                                                  │
-│  ┌──────────────┐  ┌──────────────┐  ┌──────────────┐         │
-│  │ JWTAuth      │  │ APIKeyAuth   │  │ Guards       │         │
-│  │              │  │              │  │              │         │
-│  │ .to_metadata()│  │ .to_metadata()│  │ .to_metadata()│         │
-│  └──────┬───────┘  └──────┬───────┘  └──────┬───────┘         │
-│         │                  │                  │                  │
-│         └──────────────────┴──────────────────┘                  │
-│                            │                                     │
-│                   Compile to metadata                           │
-│                            │                                     │
-└────────────────────────────┼─────────────────────────────────────┘
-                             │
-                             ▼
-┌─────────────────────────────────────────────────────────────────┐
-│ Rust Layer (Validation - NO GIL)                               │
-│                                                                  │
-│  ┌──────────────────────────────────────────────────────────┐  │
-│  │ Route Registration                                       │  │
-│  │ • Parse metadata → typed Rust enums                     │  │
-│  │ • Store auth backends & guards per route               │  │
-│  └──────────────────────────────────────────────────────────┘  │
-│                                                                  │
-│  ┌──────────────────────────────────────────────────────────┐  │
-│  │ Request Processing (HOT PATH - NO GIL)                  │  │
-│  │                                                          │  │
-│  │  1. Extract token from header                           │  │
-│  │  2. Validate JWT (jsonwebtoken crate)                   │  │
-│  │  3. Check guards/permissions                            │  │
-│  │  4. Populate request.context with auth data             │  │
-│  │                                                          │  │
-│  │  ⚡ All happens without touching Python/GIL              │  │
-│  └──────────────────────────────────────────────────────────┘  │
-└─────────────────────────────────────────────────────────────────┘
-                             │
-                             ▼
-┌─────────────────────────────────────────────────────────────────┐
-│ Python Handler (WITH AuthContext)                              │
-│                                                                  │
-│  async def my_handler(request):                                 │
-│      user_id = request["context"]["user_id"]                    │
-│      is_admin = request["context"]["is_admin"]                  │
-│      permissions = request["context"]["permissions"]            │
-│      claims = request["context"]["auth_claims"]                 │
-│      ...                                                         │
-└─────────────────────────────────────────────────────────────────┘
-```
-
-## Module Structure
-
-```
-django_bolt/auth/
-├── __init__.py          # Public API exports
-├── README.md            # This file
-├── backends.py          # Authentication backends (JWT, API key, Session)
-├── guards.py            # Permission guards (IsAuthenticated, IsAdmin, etc.)
-├── middleware.py        # Middleware decorators (cors, rate_limit, etc.)
-└── token.py             # JWT Token dataclass with encode/decode
-```
-
-## Quick Start
-
-### 1. Define Authentication Backend
-
-```python
-from django_bolt import BoltAPI, JWTAuthentication, IsAuthenticated, Token
-from datetime import timedelta
-
-api = BoltAPI()
-
-# Create JWT token for a user
-def create_token_for_user(user):
-    return Token.create(
-        sub=str(user.id),
-        expires_delta=timedelta(hours=1),
-        is_staff=user.is_staff,
-        is_admin=user.is_superuser,
-        permissions=list(user.get_all_permissions()),
-        email=user.email,
-    ).encode(secret=settings.SECRET_KEY)
-
-# Protected endpoint
-@api.get(
-    "/profile",
-    auth=[JWTAuthentication()],
-    guards=[IsAuthenticated()]
-)
-async def get_profile(request):
-    user_id = request["context"]["user_id"]
-    is_admin = request["context"]["is_admin"]
-
-    return {
-        "user_id": user_id,
-        "is_admin": is_admin,
-        "permissions": request["context"].get("permissions", [])
-    }
-```
-
-### 2. Global Authentication (Settings)
-
-```python
-# settings.py
-
-BOLT_AUTHENTICATION_CLASSES = [
-    JWTAuthentication(
-        secret=SECRET_KEY,
-        algorithms=["HS256"],
-        header="authorization",
-        audience="my-api",
-    )
-]
-
-BOLT_DEFAULT_PERMISSION_CLASSES = [
-    IsAuthenticated()
-]
-```
-
-Now all routes are protected by default unless you override with `guards=[AllowAny()]`.
-
-### 3. Per-Route Authentication Override
-
-```python
-from django_bolt import APIKeyAuthentication, HasPermission
-
-# Admin-only endpoint with API key auth
-@api.delete(
-    "/users/{user_id}",
-    auth=[APIKeyAuthentication(api_keys={"admin-key-123"})],
-    guards=[HasPermission("users.delete")]
-)
-async def delete_user(user_id: int):
-    # Only callable with valid API key and users.delete permission
-    return {"deleted": user_id}
-```
-
-## Authentication Backends
-
-### JWTAuthentication
-
-High-performance JWT validation in Rust using the `jsonwebtoken` crate.
-
-```python
-from django_bolt import JWTAuthentication
-
-auth = JWTAuthentication(
-    secret="your-secret-key",              # Default: Django SECRET_KEY
-    algorithms=["HS256"],                  # Supported: HS256/384/512, RS256/384/512, ES256/384
-    header="authorization",                # Header to extract token from
-    audience="my-api",                     # Optional: validate aud claim
-    issuer="auth-service",                 # Optional: validate iss claim
-)
-```
-
-**Token Format**: `Authorization: Bearer <jwt-token>`
-
-**Performance**: ~60k RPS with JWT validation
-
-### APIKeyAuthentication
-
-Simple API key validation with optional per-key permissions.
-
-```python
-from django_bolt import APIKeyAuthentication
-
-auth = APIKeyAuthentication(
-    api_keys={"key1", "key2", "admin-key"},
-    header="x-api-key",
-    key_permissions={
-        "admin-key": ["users.create", "users.delete", "posts.create"],
-        "key1": ["users.view"],
-        "key2": ["posts.view", "posts.create"],
-    }
-)
-```
-
-**Header Format**: `X-API-Key: your-api-key`
-
-### SessionAuthentication
-
-Django session-based authentication (falls back to Python execution).
-
-```python
-from django_bolt import SessionAuthentication
-
-auth = SessionAuthentication()
-```
-
-**Note**: This has higher overhead than JWT/API key as it requires Python execution per request.
-
-## Permission Guards
-
-Guards are checked **after authentication** in Rust, providing early 403 responses without GIL overhead.
-
-### AllowAny
-
-Allow unauthenticated requests (bypasses global defaults).
-
-```python
-from django_bolt import AllowAny
-
-@api.get("/public", guards=[AllowAny()])
-async def public_endpoint():
-    return {"message": "Anyone can access this"}
-```
-
-### IsAuthenticated
-
-Require valid authentication (any backend).
-
-```python
-from django_bolt import IsAuthenticated
-
-@api.get("/protected", guards=[IsAuthenticated()])
-async def protected():
-    return {"message": "Must be authenticated"}
-```
-
-### IsAdminUser / IsStaff
-
-Require admin or staff status (from JWT claims `is_superuser`, `is_admin`, or `is_staff`).
-
-```python
-from django_bolt import IsAdminUser, IsStaff
-
-@api.get("/admin", guards=[IsAdminUser()])
-async def admin_only():
-    return {"message": "Admin access"}
-
-@api.get("/staff", guards=[IsStaff()])
-async def staff_only():
-    return {"message": "Staff access"}
-```
-
-### HasPermission / HasAnyPermission / HasAllPermissions
-
-Fine-grained permission checking.
-
-```python
-from django_bolt import HasPermission, HasAnyPermission, HasAllPermissions
-
-# Require specific permission
-@api.delete("/users/{id}", guards=[HasPermission("users.delete")])
-async def delete_user(id: int):
-    pass
-
-# Require at least one permission
-@api.put("/users/{id}", guards=[HasAnyPermission("users.edit", "users.admin")])
-async def edit_user(id: int):
-    pass
-
-# Require all permissions
-@api.post("/admin/reset", guards=[HasAllPermissions("admin.full", "admin.reset")])
-async def reset_system():
-    pass
-```
-
-## JWT Token Class
-
-The `Token` dataclass provides a Pythonic interface for JWT tokens with validation.
-
-### Creating Tokens
-
-```python
-from django_bolt import Token
-from datetime import datetime, timedelta, timezone
-
-# Option 1: Direct instantiation
-token = Token(
-    sub="user123",
-    exp=datetime.now(timezone.utc) + timedelta(hours=1),
-    is_staff=True,
-    permissions=["read", "write"],
-)
-
-# Option 2: Factory method (recommended)
-token = Token.create(
-    sub="user123",
-    expires_delta=timedelta(hours=1),
-    is_staff=True,
-    is_admin=False,
-    permissions=["users.view", "posts.create"],
-    # Extra custom claims
-    tenant_id="acme-corp",
-    role="manager",
-)
-
-# Encode to JWT string
-jwt_string = token.encode(secret="my-secret", algorithm="HS256")
-```
-
-### Decoding Tokens
-
-```python
-# Decode and validate
-token = Token.decode(
-    jwt_string,
-    secret="my-secret",
-    algorithm="HS256",
-    audience="my-api",        # Optional
-    issuer="auth-service",    # Optional
-    verify_exp=True,          # Verify expiration
-    verify_nbf=True,          # Verify not-before
-)
-
-print(token.sub)          # "user123"
-print(token.is_staff)     # True
-print(token.permissions)  # ["users.view", "posts.create"]
-print(token.extras)       # {"tenant_id": "acme-corp", "role": "manager"}
-```
-
-### Integration with Django Users
-
-```python
-from django_bolt.jwt_utils import create_jwt_for_user
-
-# Create token from Django User instance
-user = await User.objects.aget(username="john")
-token = create_jwt_for_user(
-    user,
-    expires_in=3600,  # 1 hour
-    extra_claims={
-        "permissions": ["users.view", "posts.create"],
-        "tenant": "acme",
-    }
-)
-
-# Use in login endpoint
-@api.post("/login")
-async def login(username: str, password: str):
-    # Authenticate user...
-    token = create_jwt_for_user(user)
-    return {"access_token": token, "token_type": "bearer"}
-```
-
-## Request Context
-
-After authentication, the request context is populated with auth data:
-
-```python
-@api.get("/me")
-async def get_current_user_info(request):
-    ctx = request["context"]
-
-    # Always available after successful auth
-    user_id = ctx["user_id"]              # str: User identifier
-    is_staff = ctx["is_staff"]            # bool: Staff status
-    is_admin = ctx["is_admin"]            # bool: Admin status
-    backend = ctx["auth_backend"]         # str: "jwt", "api_key", etc.
-
-    # Available if permissions configured
-    permissions = ctx.get("permissions", [])  # list[str]: Permission strings
-
-    # Available for JWT auth
-    if "auth_claims" in ctx:
-        claims = ctx["auth_claims"]
-        exp = claims["exp"]               # Expiration timestamp
-        iat = claims["iat"]               # Issued at timestamp
-        # Plus any custom claims
-
-    return {"user_id": user_id, "is_admin": is_admin}
-```
-
-### Helper Functions
-
-```python
-from django_bolt.jwt_utils import (
-    get_current_user,           # Fetch Django User from DB
-    extract_user_id_from_context,
-    get_auth_context,
-)
-from django_bolt.params import Depends
-
-# Dependency injection to get Django User
-@api.get("/profile")
-async def my_profile(user=Depends(get_current_user)):
-    if not user:
-        return {"error": "Not authenticated"}
-
-    return {
-        "id": user.id,
-        "username": user.username,
-        "email": user.email,
-    }
-
-# Extract just the user ID
-@api.get("/data")
-async def get_data(request):
-    user_id = extract_user_id_from_context(request)
-    # Use user_id...
-```
-
-## Performance Characteristics
-
-| Operation | Performance | Notes |
-|-----------|-------------|-------|
-| JWT Validation | ~60k+ RPS | Entirely in Rust, no GIL |
-| API Key Check | ~65k+ RPS | Simple HashSet lookup |
-| Guard Check | ~65k+ RPS | In-memory permission check |
-| Session Auth | ~10-15k RPS | Falls back to Python/Django |
-
-**Key Insight**: Authentication/authorization happens in the hot path **before** calling Python handlers, so most invalid requests are rejected at ~60k RPS without ever touching the GIL.
-
-## Rust Implementation Details
-
-### Key Files
-
-- **`src/middleware/auth.rs`**: JWT/API key validation, Claims struct, AuthContext
-- **`src/metadata.rs`**: Parse Python metadata → Rust types at registration
-- **`src/permissions.rs`**: Guard enum and validation logic
-- **`src/lib.rs`**: Request processing pipeline
-
-### Performance Optimizations
-
-1. **Zero-copy validation**: JWT validation uses `jsonwebtoken` crate directly on request bytes
-2. **No GIL during auth**: Entire auth pipeline runs without acquiring GIL
-3. **Early rejection**: Invalid tokens/permissions rejected before Python handler call
-4. **Metadata compilation**: Auth config parsed once at registration, not per-request
-5. **Efficient data structures**: DashMap for rate limiting, HashSet for permissions
-
-## Testing
-
-```bash
-# Run auth tests
-uv run pytest python/django_bolt/tests/test_guards_auth.py -v
-uv run pytest python/django_bolt/tests/test_jwt_token.py -v
-
-# All tests
-uv run pytest python/django_bolt/tests/ -v
-```
-
-## Migration from Old Code
-
-If you had direct imports from `django_bolt.auth` or `django_bolt.permissions`, they still work:
-
-```python
-# Old imports (still work via backward compat shim)
-from django_bolt.auth import JWTAuthentication
-from django_bolt.permissions import IsAuthenticated
-
-# New organized imports (recommended)
-from django_bolt.auth import JWTAuthentication, IsAuthenticated
-# or
-from django_bolt import JWTAuthentication, IsAuthenticated
-```
-
-## Examples
-
-See `/python/examples/testproject/testproject/api.py` for real-world usage examples.
-
-## Benchmarks
-
-```bash
-# Run auth-specific benchmarks
-make bench-auth  # TODO: Add auth benchmarks to Makefile
-```