django-bolt 0.2.0__cp310-abi3-win_amd64.whl → 0.2.3__cp310-abi3-win_amd64.whl

django_bolt/testing/__init__.py

@@ -2,9 +2,8 @@
 
 Provides test clients for in-memory testing without subprocess/network overhead.
 """
-from django_bolt.testing.client import TestClient, AsyncTestClient
+from django_bolt.testing.client import TestClient
 
 __all__ = [
     "TestClient",
-    "AsyncTestClient",
 ]

django_bolt/testing/client.py

@@ -129,6 +129,31 @@ class TestClient(httpx.Client):
 
     __test__ = False  # Tell pytest this is not a test class
 
+    @staticmethod
+    def _read_cors_settings_from_django() -> list[str] | None:
+        """Read CORS_ALLOWED_ORIGINS from Django settings (same as production server).
+
+        Returns:
+            List of allowed origins from Django settings, or None if not configured
+        """
+        try:
+            from django.conf import settings
+
+            # Check if CORS_ALLOWED_ORIGINS is defined
+            if hasattr(settings, 'CORS_ALLOWED_ORIGINS'):
+                origins = settings.CORS_ALLOWED_ORIGINS
+                if isinstance(origins, (list, tuple)):
+                    return list(origins)
+
+            # Check for CORS_ALLOW_ALL_ORIGINS (wildcard)
+            if hasattr(settings, 'CORS_ALLOW_ALL_ORIGINS') and settings.CORS_ALLOW_ALL_ORIGINS:
+                return ["*"]
+
+            return None
+        except (ImportError, AttributeError):
+            # Django not configured or settings not available
+            return None
+
     def __init__(
         self,
         api: BoltAPI,
@@ -136,6 +161,7 @@ class TestClient(httpx.Client):
         raise_server_exceptions: bool = True,
         use_http_layer: bool = False,
         cors_allowed_origins: list[str] | None = None,
+        read_django_settings: bool = True,
         **kwargs: Any,
     ):
         """Initialize test client.
@@ -146,11 +172,19 @@ class TestClient(httpx.Client):
             raise_server_exceptions: If True, raise exceptions from handlers
             use_http_layer: If True, route through Actix HTTP layer (enables testing
                            CORS, rate limiting, compression). Default False for fast tests.
-            cors_allowed_origins: Global CORS allowed origins for testing
+            cors_allowed_origins: Global CORS allowed origins for testing.
+                                  If None and read_django_settings=True, reads from Django settings.
+            read_django_settings: If True, read CORS_ALLOWED_ORIGINS from Django settings
+                                 when cors_allowed_origins is None. Default True.
             **kwargs: Additional arguments passed to httpx.Client
         """
         from django_bolt import _core
 
+        # If cors_allowed_origins not provided and read_django_settings=True,
+        # read from Django settings (same as production server does)
+        if cors_allowed_origins is None and read_django_settings:
+            cors_allowed_origins = self._read_cors_settings_from_django()
+
         # Create test app instance
         self.app_id = _core.create_test_app(api._dispatch, False, cors_allowed_origins)
 
@@ -193,82 +227,3 @@ class TestClient(httpx.Client):
         except:
             pass
         return super().__exit__(*args)
-
-
-class AsyncTestClient(httpx.AsyncClient):
-    """Asynchronous test client for django-bolt using per-instance test state."""
-
-    __test__ = False  # Tell pytest this is not a test class
-
-    def __init__(
-        self,
-        api: BoltAPI,
-        base_url: str = "http://testserver.local",
-        raise_server_exceptions: bool = True,
-        use_http_layer: bool = False,
-        cors_allowed_origins: list[str] | None = None,
-        **kwargs: Any,
-    ):
-        """Initialize async test client.
-
-        Args:
-            api: BoltAPI instance to test
-            base_url: Base URL for requests
-            raise_server_exceptions: If True, raise exceptions from handlers
-            use_http_layer: If True, route through Actix HTTP layer (enables testing
-                           CORS, rate limiting, compression). Default False for fast tests.
-            cors_allowed_origins: Global CORS allowed origins for testing
-            **kwargs: Additional arguments passed to httpx.AsyncClient
-        """
-        from django_bolt import _core
-
-        # Create test app instance
-        self.app_id = _core.create_test_app(api._dispatch, False, cors_allowed_origins)
-
-        # Register routes
-        rust_routes = [
-            (method, path, handler_id, handler)
-            for method, path, handler_id, handler in api._routes
-        ]
-        _core.register_test_routes(self.app_id, rust_routes)
-
-        # Register middleware metadata if any exists
-        if api._handler_middleware:
-            middleware_data = [
-                (handler_id, meta)
-                for handler_id, meta in api._handler_middleware.items()
-            ]
-            _core.register_test_middleware_metadata(self.app_id, middleware_data)
-
-        # Ensure runtime is ready
-        _core.ensure_test_runtime(self.app_id)
-
-        # Create async transport
-        class AsyncTransport(httpx.AsyncBaseTransport):
-            def __init__(self, app_id: int, raise_exceptions: bool, use_http_layer: bool):
-                self._sync_transport = BoltTestTransport(app_id, raise_exceptions, use_http_layer)
-
-            async def handle_async_request(self, request: httpx.Request) -> httpx.Response:
-                return self._sync_transport.handle_request(request)
-
-        super().__init__(
-            base_url=base_url,
-            transport=AsyncTransport(self.app_id, raise_server_exceptions, use_http_layer),
-            follow_redirects=True,
-            **kwargs,
-        )
-        self.api = api
-
-    async def __aenter__(self):
-        """Enter async context manager."""
-        return await super().__aenter__()
-
-    async def __aexit__(self, *args):
-        """Exit async context manager and cleanup test app."""
-        from django_bolt import _core
-
-        try:
-            _core.destroy_test_app(self.app_id)
-        except:
-            pass
-        return await super().__aexit__(*args)

django_bolt/testing/helpers.py

@@ -4,7 +4,7 @@ from __future__ import annotations
 from typing import Any
 
 from django_bolt import BoltAPI
-from django_bolt.testing.client import AsyncTestClient, TestClient
+from django_bolt.testing.client import TestClient
 
 
 def create_test_client(
@@ -48,46 +48,3 @@ def create_test_client(
         bootstrap_django=bootstrap_django,
         **kwargs,
     )
-
-
-def create_async_test_client(
-    api: BoltAPI,
-    base_url: str = "http://testserver.local",
-    raise_server_exceptions: bool = True,
-    bootstrap_django: bool = True,
-    **kwargs: Any,
-) -> AsyncTestClient:
-    """Create an asynchronous test client.
-
-    Args:
-        api: BoltAPI instance to test
-        base_url: Base URL for requests
-        raise_server_exceptions: If True, raise handler exceptions instead of 500 responses
-        **kwargs: Additional httpx.AsyncClient arguments
-
-    Returns:
-        AsyncTestClient instance
-
-    Example:
-        from django_bolt import BoltAPI
-        from django_bolt.testing import create_async_test_client
-
-        api = BoltAPI()
-
-        @api.get("/users/{user_id}")
-        async def get_user(user_id: int):
-            return {"id": user_id, "name": "Test User"}
-
-        async def test_get_user():
-            async with create_async_test_client(api) as client:
-                response = await client.get("/users/123")
-                assert response.status_code == 200
-                assert response.json()["id"] == 123
-    """
-    return AsyncTestClient(
-        api=api,
-        base_url=base_url,
-        raise_server_exceptions=raise_server_exceptions,
-        bootstrap_django=bootstrap_django,
-        **kwargs,
-    )

{django_bolt-0.2.0.dist-info → django_bolt-0.2.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: django-bolt
-Version: 0.2.0
+Version: 0.2.3
 Classifier: Development Status :: 3 - Alpha
 Classifier: Intended Audience :: Developers
 Classifier: License :: OSI Approved :: MIT License
@@ -24,6 +24,7 @@ Requires-Dist: django>=4.2
 Requires-Dist: click>=8.1
 Requires-Dist: msgspec>=0.18
 Requires-Dist: multipart>=1.3
+Requires-Dist: pyjwt>=2.10.1
 Requires-Dist: pyyaml>=6.0 ; extra == 'yaml'
 Provides-Extra: yaml
 Summary: High-performance API framework for Django with Rust-powered endpoints delivering 60k+ RPS
@@ -92,6 +93,7 @@ python manage.py runbolt --dev  # for development with reload enabled
 [django-bolt] Workers: 1, Processes: 1
 [django-bolt] OpenAPI docs enabled at http://0.0.0.0:8000/docs/ #swagger docs builtin
 
+python manage.py runbolt --processes 8 workers 1 #for deployment (depends on your cpu cores)
 # processes are python processes that handle request 1 actix worker
 ```
 
@@ -166,7 +168,11 @@ python manage.py runbolt --dev  # for development with reload enabled
 
 - ✅ **Global Middleware** - Apply to all routes via `BoltAPI(middleware=[...])`
 - ✅ **Per-Route Middleware** - `@middleware`, `@rate_limit`, `@cors` decorators
-- ✅ **CORS Middleware** - Full CORS support with preflight
+- ✅ **CORS Middleware** - Full CORS support with preflight handling
+  - Django settings integration (`CORS_ALLOWED_ORIGINS`, `CORS_ALLOW_ALL_ORIGINS`)
+  - Route-level overrides with `@cors()` decorator
+  - Origin validation, credentials support, preflight caching
+  - Runs entirely in Rust (zero GIL overhead)
 - ✅ **Rate Limiting** - Token bucket algorithm (in Rust, no GIL)
 - ✅ **Compression** - Automatic gzip/brotli/zstd compression (client-negotiated)
 - ✅ **Skip Middleware** - `@skip_middleware("cors", "rate_limit", "compression")`
@@ -190,13 +196,6 @@ python manage.py runbolt --dev  # for development with reload enabled
   - Constant-time comparison (timing attack prevention)
   - Fast validation in Rust
 
-- ✅ **Session Authentication** - **Complete** (Django session integration)
-
-  - Django session backend integration
-  - Automatic user lookup from session
-  - Compatible with Django's session middleware
-  - Supports both cookie-based and custom session stores
-
 - ✅ **Permission Guards** (all run in Rust):
 
   - `AllowAny()` - Public access
@@ -374,24 +373,45 @@ async def login(username: str, password: str):
 
 **📖 See [docs/SECURITY.md](docs/SECURITY.md) for complete authentication documentation.**
 
-### Middleware
+### Middleware & CORS
 
 ```python
 from django_bolt import BoltAPI
 from django_bolt.middleware import cors, rate_limit, skip_middleware
 
-# Global middleware
+# Option 1: Use Django settings (recommended for production)
+# In settings.py:
+# CORS_ALLOWED_ORIGINS = ["https://example.com", "https://app.example.com"]
+# CORS_ALLOW_CREDENTIALS = True
+# CORS_MAX_AGE = 3600
+
+api = BoltAPI()  # Automatically reads Django CORS settings
+
+# Option 2: Global middleware config
 api = BoltAPI(
     middleware_config={
         "cors": {
             "origins": ["http://localhost:3000"],
             "methods": ["GET", "POST", "PUT", "DELETE"],
             "credentials": True,
+            "max_age": 3600,
         }
     }
 )
 
-# Per-route rate limiting (runs in Rust, no GIL)
+# Option 3: Per-route CORS override (overrides global/Django settings)
+@api.get("/public-api")
+@cors(origins=["*"], credentials=False)  # Allow all origins
+async def public_endpoint():
+    return {"message": "Public endpoint with custom CORS"}
+
+# CORS with credentials and specific origins
+@api.post("/auth-endpoint")
+@cors(origins=["https://app.example.com"], credentials=True, max_age=3600)
+async def auth_endpoint():
+    return {"message": "Authenticated endpoint with CORS"}
+
+# Rate limiting (runs in Rust, no GIL)
 @api.get("/limited")
 @rate_limit(rps=100, burst=200, key="ip")  # 100 req/s with burst of 200
 async def limited_endpoint():
@@ -403,12 +423,6 @@ async def limited_endpoint():
 async def user_limited():
     return {"message": "Per-user rate limiting"}
 
-# Custom CORS for specific route
-@api.get("/public")
-@cors(origins=["https://example.com"], credentials=True, max_age=3600)
-async def public_endpoint():
-    return {"message": "Public endpoint with CORS"}
-
 # Skip global middleware
 @api.get("/no-cors")
 @skip_middleware("cors", "rate_limit")
@@ -606,4 +620,5 @@ Django-Bolt is open source and available under the MIT License.
 
 ---
 
-For questions, issues, or feature requests, please visit our [GitHub repository](https://github.com/FarhanAliRaza/django-bolt).
+For questions, issues, or feature requests, please visit our [GitHub repository](https://github.com/FarhanAliRaza/django-bolt).
+

{django_bolt-0.2.0.dist-info → django_bolt-0.2.3.dist-info}/RECORD

@@ -1,8 +1,8 @@
-django_bolt-0.2.0.dist-info/METADATA,sha256=TiRxH-lX6g4ZTac9BorIcf27ZJbBD-HioI1_WxvB-OQ,21293
-django_bolt-0.2.0.dist-info/WHEEL,sha256=4EDp_7DiFfWl1yYv5M4wSosAn5L_xgD1dyrQxQxfCx8,95
-django_bolt-0.2.0.dist-info/entry_points.txt,sha256=cUEGAdiOY6BryNhsgOS_50AONPPHajI3yvhqr56ZiaU,51
+django_bolt-0.2.3.dist-info/METADATA,sha256=xrjcnw-AiqNcaJNTR9zjgP4cc26YTXJQhANvRaa-EkY,22007
+django_bolt-0.2.3.dist-info/WHEEL,sha256=4EDp_7DiFfWl1yYv5M4wSosAn5L_xgD1dyrQxQxfCx8,95
+django_bolt-0.2.3.dist-info/entry_points.txt,sha256=cUEGAdiOY6BryNhsgOS_50AONPPHajI3yvhqr56ZiaU,51
 django_bolt/__init__.py,sha256=fhXQUJR5SO-GwhF_2N9w0UK6rIFx7kWGfpOPyIKvB9Q,3139
-django_bolt/_core.pyd,sha256=1EA3IogC0D9ZShXU0qI6tM9Ud5Xmn-QoHa3BVSSM_X4,8905728
+django_bolt/_core.pyd,sha256=D_Mam9MZpy5OxV3_xC61vdndqwH4AqIr0hNFfE-zXg4,8941568
 django_bolt/_json.py,sha256=oGxi29DHB8UYvbqjtqtrP6gThk7Qonlw333c4_cTr6s,4917
 django_bolt/admin/__init__.py,sha256=BNN1afSvWvt-377rNzZLdNDEvKyMZXkmB_0MhTxAN8k,601
 django_bolt/admin/admin_detection.py,sha256=1yQkLx9rF5DLMjJqbx8n4c82UgS9JEAnUcPdRfFqAXk,5825
@@ -83,9 +83,9 @@ django_bolt/responses.py,sha256=B0LXHN431c1-o93DC_xTF-wrnv8CMxn-1Sd0Yi4cwjE,7238
 django_bolt/router.py,sha256=wTFsPasg5Sh5hgdFp1kCmUrK6ugwRPWEj7PsxWOc9lc,1532
 django_bolt/serialization.py,sha256=Uza6jzQPTFxTQHnXEWBEDYY-3xDOGZinBSRE0T4KK28,8825
 django_bolt/status_codes.py,sha256=jTZ32kPwj3tC23jh6uC1Ci1P9EKttywsvyWINQIEwGg,9386
-django_bolt/testing/__init__.py,sha256=5UDYTmdyKkkY5ENlOlZcK0twbsLSylpjlp7oFgqNC-0,257
-django_bolt/testing/client.py,sha256=X1DXulzJHuN3RKvyMhEP4yhymc2UrUDBrnngho-m1yA,10008
-django_bolt/testing/helpers.py,sha256=Vv-4KuIbOVfCWQvohKpO37u59uhrhpWnRU5bWzbK5rg,2820
+django_bolt/testing/__init__.py,sha256=TgJjct2WucKL7HyrbMuQfplNptlCPhu4CL-WQZxaoRY,216
+django_bolt/testing/client.py,sha256=Yx7N1lfXmJcH4yF--6K0YehtPY2_wiwb8U3a0qQoqDE,8616
+django_bolt/testing/helpers.py,sha256=hq2HD1IEwHuW8tMgZO9ZW6BFdcE_JQXaV8sZc58LBDc,1472
 django_bolt/typing.py,sha256=sGlFUUXY8EJbYWCgARgNGLZPu7SaxxohZaSx1SRLYaE,8686
 django_bolt/views.py,sha256=KewSpL6g-zZxXnEkwun6hueX3S_Eji-d2dawzoqe-GM,41715
-django_bolt-0.2.0.dist-info/RECORD,,
+django_bolt-0.2.3.dist-info/RECORD,,