fastlifeweb 0.22.0__py3-none-any.whl → 0.23.0__py3-none-any.whl

CHANGELOG.md

@@ -1,3 +1,17 @@
+## 0.23.0  - Released on 2024-12-04
+* Update Request type.
+  * Breaking changes: Request[TUser, TRegistry] -> Request[TRegistry, TIdentity, TClaimedIdentity].
+* Update SecurityPolicy, designed for MFA by default.
+  * Breaking changes: new abstract method added. build_authentication_state.
+  * Breaking changes: there is no more get_authenticated_userid method.
+  * The identity method is not abstract anymore, result comes from the build_authentication_state.
+  * New method get_authentication_state, claimed_identity and pre_remember.
+* Add a AbstractNoMFASecurityPolicy that build a AbstractSecurityPolicy without TClaimedIdentity as None.
+* New ACL type added to raise 401 errors due to missing MFA which may not be same url as tu login/password.
+
+## 0.22.1  - Released on 2024-11-27
+* Improve Request typing
+
 ## 0.22.0  - Released on 2024-11-23
 * Add a way to add fatal errors on form in order to display an error block.
 * The localizer can be called gettext in the depency in order to simple translation.

fastlife/__init__.py

@@ -7,7 +7,13 @@ from fastapi.responses import RedirectResponse
 
 from .adapters.fastapi.form import form_model
 from .adapters.fastapi.localizer import Localizer
-from .adapters.fastapi.request import AnyRequest, Registry, Request, get_request
+from .adapters.fastapi.request import (
+    AnyRequest,
+    Registry,
+    Request,
+    get_registry,
+    get_request,
+)
 from .config import (
     Configurator,
     GenericConfigurator,
@@ -21,17 +27,27 @@ from .domain.model.form import FormModel
 from .domain.model.request import GenericRequest
 from .domain.model.security_policy import (
     Allowed,
+    Anonymous,
+    Authenticated,
+    AuthenticationState,
     Denied,
     Forbidden,
     HasPermission,
+    NoMFAAuthenticationState,
+    PendingMFA,
+    PreAuthenticated,
     Unauthenticated,
     Unauthorized,
 )
 from .domain.model.template import JinjaXTemplate
 
 # from .request.form_data import model
-from .service.registry import DefaultRegistry, GenericRegistry
-from .service.security_policy import AbstractSecurityPolicy, InsecurePolicy
+from .service.registry import DefaultRegistry, GenericRegistry, TRegistry, TSettings
+from .service.security_policy import (
+    AbstractNoMFASecurityPolicy,
+    AbstractSecurityPolicy,
+    InsecurePolicy,
+)
 from .settings import Settings
 
 __all__ = [
@@ -47,6 +63,9 @@ __all__ = [
     "resource_view",
     "Configurator",
     "DefaultRegistry",
+    "TSettings",
+    "TRegistry",
+    "get_registry",
     # Form
     "FormModel",
     "form_model",
@@ -60,13 +79,20 @@ __all__ = [
     "RedirectResponse",
     # Security
     "AbstractSecurityPolicy",
+    "AbstractNoMFASecurityPolicy",
     "HasPermission",
     "Unauthenticated",
+    "PreAuthenticated",
     "Allowed",
     "Denied",
     "Unauthorized",
     "Forbidden",
     "InsecurePolicy",
+    "Anonymous",
+    "PendingMFA",
+    "Authenticated",
+    "AuthenticationState",
+    "NoMFAAuthenticationState",
     # Template
     "JinjaXTemplate",
     # i18n

fastlife/adapters/fastapi/request.py

@@ -9,18 +9,18 @@ from fastlife.domain.model.request import GenericRequest
 from fastlife.service.registry import DefaultRegistry
 
 
-def get_request(request: FastAPIRequest) -> GenericRequest[Any]:
+def get_request(request: FastAPIRequest) -> GenericRequest[Any, Any, Any]:
     """Return the Fastlife Request object."""
     return request  # type: ignore
 
 
-Request = Annotated[GenericRequest[DefaultRegistry], Depends(get_request)]
+Request = Annotated[GenericRequest[DefaultRegistry, Any, Any], Depends(get_request)]
 """A request that is associated to the default registry."""
 # FastAPI handle its Request objects using a lenient_issubclass,
-# basically a issubclass(Request), doe to the Generic[T], it does not work.
+# basically a issubclass(Request), does not work with Generic[T].
 
 
-AnyRequest = Annotated[GenericRequest[Any], Depends(get_request)]
+AnyRequest = Annotated[GenericRequest[Any, Any, Any], Depends(get_request)]
 """A request version that is associated to the any registry."""
 
 

fastlife/adapters/fastapi/routing/route.py

@@ -41,7 +41,7 @@ class Route(APIRoute):
         orig_route_handler = super().get_route_handler()
 
         async def route_handler(request: StarletteRequest) -> Response:
-            req = GenericRequest(self._registry, request)
+            req = GenericRequest[Any, Any, Any](self._registry, request)
             return await orig_route_handler(req)
 
         return route_handler

fastlife/config/configurator.py

@@ -144,7 +144,7 @@ class GenericConfigurator(Generic[TRegistry]):
         self._route_prefix: str = ""
         self._routers: dict[str, Router] = defaultdict(Router)
         self._security_policies: dict[
-            str, type[AbstractSecurityPolicy[Any, TRegistry]]
+            str, type[AbstractSecurityPolicy[Any, Any, TRegistry]]
         ] = {}
 
         self._registered_permissions: set[str] = set()
@@ -322,7 +322,7 @@ class GenericConfigurator(Generic[TRegistry]):
         return self
 
     def set_security_policy(
-        self, security_policy: "type[AbstractSecurityPolicy[Any, TRegistry]]"
+        self, security_policy: "type[AbstractSecurityPolicy[TRegistry, Any, Any]]"
     ) -> Self:
         """
         Set a security policy for the application.
@@ -594,7 +594,7 @@ class GenericConfigurator(Generic[TRegistry]):
             # class is wrong.
             # Until we store a security policy per rooter, we rebuild an
             # incomplete request here.
-            req = GenericRequest[DefaultRegistry](self.registry, request)
+            req = GenericRequest[DefaultRegistry, Any, Any](self.registry, request)
             resp = handler(req, exc)
             if isinstance(resp, Response):
                 return resp

fastlife/domain/model/request.py

@@ -5,6 +5,7 @@ from typing import TYPE_CHECKING, Any, Generic
 from starlette.requests import Request as BaseRequest
 
 from fastlife.domain.model.csrf import CSRFToken, create_csrf_token
+from fastlife.domain.model.security_policy import TClaimedIdentity, TIdentity
 from fastlife.service.registry import TRegistry
 
 if TYPE_CHECKING:
@@ -14,7 +15,7 @@ if TYPE_CHECKING:
     )
 
 
-class GenericRequest(BaseRequest, Generic[TRegistry]):
+class GenericRequest(BaseRequest, Generic[TRegistry, TIdentity, TClaimedIdentity]):
     """HTTP Request representation."""
 
     registry: TRegistry
@@ -22,7 +23,9 @@ class GenericRequest(BaseRequest, Generic[TRegistry]):
     locale_name: str
     """Request locale used for the i18n of the response."""
 
-    security_policy: "AbstractSecurityPolicy[Any, TRegistry] | None"
+    security_policy: (
+        "AbstractSecurityPolicy[TRegistry, TIdentity, TClaimedIdentity] | None"
+    )
     """Request locale used for the i18n of the response."""
 
     renderer_globals: dict[str, Any]

fastlife/domain/model/security_policy.py

@@ -2,7 +2,7 @@
 
 import logging
 from collections.abc import Callable, Coroutine
-from typing import Any, Literal, TypeVar
+from typing import Any, Generic, Literal, TypeVar
 
 from fastapi import HTTPException
 from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN
@@ -10,13 +10,62 @@ from starlette.status import HTTP_401_UNAUTHORIZED, HTTP_403_FORBIDDEN
 CheckPermissionHook = Callable[..., Coroutine[Any, Any, None]] | Callable[..., None]
 CheckPermission = Callable[[str], CheckPermissionHook]
 
-TUser = TypeVar("TUser")
+TClaimedIdentity = TypeVar("TClaimedIdentity")
+TIdentity = TypeVar("TIdentity")
 
 log = logging.getLogger(__name__)
 
 
+class _Anonymous: ...
+
+
+Anonymous = _Anonymous()
+"""
+The user is not authenticated.
+"""
+
+
+class PendingMFA(Generic[TClaimedIdentity]):
+    """
+    The user provided its identity, usually validated with a first factor,
+    such as a password but it has not totally proved its authentication
+    by a second or many other factors of authentication.
+    The type TClaimedIdentity will store the relevant informations during
+    this authentication phase.
+    """
+
+    claimed: TClaimedIdentity | None
+    __match_args__ = ("claimed",)
+
+    def __init__(self, claimed: TClaimedIdentity) -> None:
+        self.claimed = claimed
+
+
+class Authenticated(Generic[TIdentity]):
+    """The identity has been validated."""
+
+    __match_args__ = ("identity",)
+
+    def __init__(self, identity: TIdentity) -> None:
+        self.identity = identity
+
+
+AuthenticationState = (
+    _Anonymous | PendingMFA[TClaimedIdentity] | Authenticated[TIdentity]
+)
+"""
+Type representing the state of an authentication.
+"""
+
+NoMFAAuthenticationState = AuthenticationState[None, TIdentity]
+"""
+Type representing a state of authentication when no multiple factor of authentication
+is involved.
+"""
+
+
 class Unauthorized(HTTPException):
-    """An exception raised to stop a request exectution and return an HTTP Error."""
+    """An exception raised to stop a request execution and return a 401 HTTP Error."""
 
     def __init__(
         self,
@@ -27,8 +76,22 @@ class Unauthorized(HTTPException):
         super().__init__(status_code, detail, headers)
 
 
+class MFARequired(Unauthorized):
+    """
+    An exception raised to stop a request execution and return a 401 HTTP Error for MFA.
+    """
+
+    def __init__(
+        self,
+        status_code: int = HTTP_401_UNAUTHORIZED,
+        detail: str = "MFA Required",
+        headers: dict[str, str] | None = None,
+    ) -> None:
+        super().__init__(status_code, detail, headers)
+
+
 class Forbidden(HTTPException):
-    """An exception raised to stop a request exectution and return an HTTP Error."""
+    """An exception raised to stop a request execution and return a 403 HTTP Error."""
 
     def __init__(
         self,
@@ -59,7 +122,7 @@ class HasPermission(int, metaclass=BoolMeta):
     or the frontend may use the information to adapt its interface.
     """
 
-    kind: Literal["allowed", "unauthenticated", "denied"]
+    kind: Literal["allowed", "unauthenticated", "mfa_required", "denied"]
     """
     Identified basic information of the response.
     It distinguished unauthenticated and denied to eventually raised 401 over 403 error.
@@ -96,6 +159,16 @@ class Unauthenticated(HasPermission):
     reason = "Authentication required"
 
 
+class PreAuthenticated(HasPermission):
+    """
+    Represent a permission check result that is not allowed due to
+    missing secondary authentication mechanism.
+    """
+
+    kind = "mfa_required"
+    reason = "MFA required"
+
+
 class Denied(HasPermission):
     """
     Represent a permission check result that is not allowed due to lack of permission.

fastlife/service/check_permission.py

@@ -34,6 +34,8 @@ def check_permission(permission_name: str) -> CheckPermissionHook:
                 return
             case "denied":
                 raise request.security_policy.Forbidden(detail=allowed.reason)
+            case "mfa_required":
+                raise request.security_policy.MFARequired(detail=allowed.reason)
             case "unauthenticated":
                 raise request.security_policy.Unauthorized(detail=allowed.reason)
 

fastlife/service/locale_negociator.py

@@ -10,14 +10,16 @@ LocaleName = str
 
 from fastlife.adapters.fastapi.request import GenericRequest  # coverage: ignore
 
-LocaleNegociator = Callable[[GenericRequest[Any]], LocaleName]  # coverage: ignore
+LocaleNegociator = Callable[
+    [GenericRequest[Any, Any, Any]], LocaleName
+]  # coverage: ignore
 """Interface to implement to negociate a locale"""  # coverage: ignore
 
 
 def default_negociator(settings: Settings) -> LocaleNegociator:
     """The default local negociator return the locale set in the conf."""
 
-    def locale_negociator(request: "GenericRequest[Any]") -> str:
+    def locale_negociator(request: "GenericRequest[Any, Any, Any]") -> str:
         return settings.default_locale
 
     return locale_negociator

fastlife/service/security_policy.py

@@ -2,34 +2,44 @@
 
 import abc
 from typing import Annotated, Any, Generic
-from uuid import UUID
 
 from fastapi import Depends
 
 from fastlife import GenericRequest, get_request
 from fastlife.domain.model.security_policy import (
     Allowed,
+    Anonymous,
+    Authenticated,
+    AuthenticationState,
     Forbidden,
     HasPermission,
-    TUser,
+    MFARequired,
+    PendingMFA,
+    TClaimedIdentity,
+    TIdentity,
     Unauthorized,
 )
 from fastlife.service.registry import TRegistry
 
 
-class AbstractSecurityPolicy(abc.ABC, Generic[TUser, TRegistry]):
+class AbstractSecurityPolicy(abc.ABC, Generic[TRegistry, TIdentity, TClaimedIdentity]):
     """Security policy base class."""
 
     Forbidden = Forbidden
     """The exception raised if the user identified is not granted."""
     Unauthorized = Unauthorized
     """The exception raised if no user has been identified."""
+    MFARequired = MFARequired
+    """The exception raised if no user has been authenticated using a MFA."""
 
-    request: GenericRequest[TRegistry]
+    request: GenericRequest[TRegistry, TIdentity, TClaimedIdentity]
     """Request where the security policy is applied."""
 
     def __init__(
-        self, request: Annotated[GenericRequest[TRegistry], Depends(get_request)]
+        self,
+        request: Annotated[
+            GenericRequest[TRegistry, TIdentity, TClaimedIdentity], Depends(get_request)
+        ],
     ):
         """
         Build the security policy.
@@ -42,17 +52,48 @@ class AbstractSecurityPolicy(abc.ABC, Generic[TUser, TRegistry]):
         """
         self.request = request
         self.request.security_policy = self  # we do backref to implement has_permission
+        self._authentication_state: (
+            AuthenticationState[TClaimedIdentity, TIdentity] | None
+        ) = None
 
-    @abc.abstractmethod
-    async def identity(self) -> TUser | None:
+    async def get_authentication_state(
+        self,
+    ) -> AuthenticationState[TClaimedIdentity, TIdentity]:
+        """
+        Return app-specific user object or None.
+        """
+        if self._authentication_state is None:
+            self._authentication_state = await self.build_authentication_state()
+        return self._authentication_state
+
+    async def claimed_identity(self) -> TClaimedIdentity | None:
+        """
+        Return app-specific user object that pretend to be identified.
+        """
+        auth = await self.get_authentication_state()
+        match auth:
+            case PendingMFA(claimed):
+                return claimed
+            case _:
+                return None
+
+    async def identity(self) -> TIdentity | None:
         """
-        Return app-specific user object or raise an HTTPException.
+        Return app-specific user object after an mfa authentication or None.
         """
+        auth = await self.get_authentication_state()
+        match auth:
+            case Authenticated(identity):
+                return identity
+            case _:
+                return None
 
     @abc.abstractmethod
-    async def authenticated_userid(self) -> str | UUID | None:
+    async def build_authentication_state(
+        self,
+    ) -> AuthenticationState[TClaimedIdentity, TIdentity]:
         """
-        Return app-specific user object or raise an HTTPException.
+        Return the authentication state for the current request.
         """
 
     @abc.abstractmethod
@@ -62,7 +103,11 @@ class AbstractSecurityPolicy(abc.ABC, Generic[TUser, TRegistry]):
         """Allow access to everything if signed in."""
 
     @abc.abstractmethod
-    async def remember(self, user: TUser) -> None:
+    async def pre_remember(self, claimed_identity: TClaimedIdentity) -> None:
+        """Save the user identity in the request session."""
+
+    @abc.abstractmethod
+    async def remember(self, identity: TIdentity) -> None:
         """Save the user identity in the request session."""
 
     @abc.abstractmethod
@@ -70,7 +115,12 @@ class AbstractSecurityPolicy(abc.ABC, Generic[TUser, TRegistry]):
         """Destroy the request session."""
 
 
-class InsecurePolicy(AbstractSecurityPolicy[None, Any]):
+class AbstractNoMFASecurityPolicy(AbstractSecurityPolicy[TRegistry, TIdentity, None]):
+    async def pre_remember(self, claimed_identity: None) -> None:
+        """Do Nothing."""
+
+
+class InsecurePolicy(AbstractNoMFASecurityPolicy[Any, None]):
     """
     An implementation of the security policy made for explicit unsecured access.
 
@@ -79,13 +129,10 @@ class InsecurePolicy(AbstractSecurityPolicy[None, Any]):
     or your own reason, the InsecurePolicy has to be set to the configurator.
     """
 
-    async def identity(self) -> None:
-        """Nobodies is identified."""
-        return None
-
-    async def authenticated_userid(self) -> str | UUID:
-        """An uuid mades of 0."""
-        return UUID(int=0)
+    async def build_authentication_state(
+        self,
+    ) -> AuthenticationState[None, None]:
+        return Anonymous
 
     async def has_permission(
         self, permission: str
@@ -93,7 +140,7 @@ class InsecurePolicy(AbstractSecurityPolicy[None, Any]):
         """Access is allways granted."""
         return Allowed
 
-    async def remember(self, user: None) -> None:
+    async def remember(self, identity: None) -> None:
         """Do nothing."""
 
     async def forget(self) -> None:

{fastlifeweb-0.22.0.dist-info → fastlifeweb-0.23.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: fastlifeweb
-Version: 0.22.0
+Version: 0.23.0
 Summary: High-level web framework
 Author-Email: Guillaume Gauvrit <guillaume@gauvr.it>
 License: MIT License

{fastlifeweb-0.22.0.dist-info → fastlifeweb-0.23.0.dist-info}/RECORD

@@ -1,13 +1,13 @@
-CHANGELOG.md,sha256=gtRawAWGc5B7HSVjRWA2eng5K_1jDm-AZrioc2niKWw,6987
-fastlife/__init__.py,sha256=vccDwPrkKjB4N-yBdqWN5fCaUJzUnFyNAE35pcIz9kU,1664
+CHANGELOG.md,sha256=Ap14kfVx07rFhITGDmtQfwEsJowg5osxKETE0w478lU,7801
+fastlife/__init__.py,sha256=cx3BScbBelH-Tm63VPdAp5siW1fBZ0uOMwNW_SPs2xQ,2126
 fastlife/adapters/__init__.py,sha256=imPD1hImpgrYkvUJRhHA5kVyGAua7VbP2WGkhSWKJT8,93
 fastlife/adapters/fastapi/__init__.py,sha256=1goV1FGFP04TGyskJBLKZam4Gvt1yoAvLMNs4ekWSSQ,243
 fastlife/adapters/fastapi/form.py,sha256=csxsDI6RK-g41pMwFhaVQCLDhF7dAZzgUp-VcrC3NFY,823
 fastlife/adapters/fastapi/form_data.py,sha256=2DQ0o-RvY6iROUKQjS-UJdNYEVSsNPd-AjpergI3w54,4473
 fastlife/adapters/fastapi/localizer.py,sha256=XD1kCJuAlkGevivmvAJEcGMCBWMef9rAfTOGmt3PVWU,436
-fastlife/adapters/fastapi/request.py,sha256=oyAZ1QKW2mh-9CadQdOdn_BqnVVjaZ6aG4eTNK2R2j0,1095
+fastlife/adapters/fastapi/request.py,sha256=COOoSMZAm4VhyJgM7dlqJ7YdGjeGI7qs93PtBsriEPc,1115
 fastlife/adapters/fastapi/routing/__init__.py,sha256=8EMnQE5n8oA4J9_c3nxzwKDVt3tefZ6fGH0d2owE8mo,195
-fastlife/adapters/fastapi/routing/route.py,sha256=g-MlXFvyRzVsNO_bBYDQQHD03fmRXEOm9KHxIHFZmug,1461
+fastlife/adapters/fastapi/routing/route.py,sha256=XnDPvd5V0Zl7Ke6bBErEtUCjmNQPcV2U_w1dWpx6qM4,1476
 fastlife/adapters/fastapi/routing/router.py,sha256=jzrnU_Lyywu21e3spPaWQw8ujZh_Yy_EJOojcCi6ew4,499
 fastlife/adapters/itsdangerous/__init__.py,sha256=7ocGY7v0cxooZBKQYjA2JkmzRqiBvcU1uzA84UsTVAI,84
 fastlife/adapters/itsdangerous/session.py,sha256=9h_WRsXqZbytHZOv5B_K3OWD5mbfYzxHulXoOf6D2MI,1685
@@ -1686,7 +1686,7 @@ fastlife/components/pydantic_form/FatalError.jinja,sha256=lFVlNrXzBR6ExMahq77h0t
 fastlife/components/pydantic_form/Hint.jinja,sha256=8leBpfMGDmalc_KAjr2paTojr_rwq-luS6m_1BGj7Tw,202
 fastlife/components/pydantic_form/Widget.jinja,sha256=PgguUpvhG6CY9AW6H8qQMjKqjlybjDCAaFFAOHzrzVQ,418
 fastlife/config/__init__.py,sha256=5qpuaVYqi-AS0GgsfggM6rFsSwXgrqrLBo9jH6dVroc,407
-fastlife/config/configurator.py,sha256=nxowUriGj_MYcBlcBLB49HepDIbHiF4gG3baC_V3mFM,24702
+fastlife/config/configurator.py,sha256=SURXmBrdTghHoG2f9R2BUF6TKZXg1lNmwP3ZbuApJ3M,24722
 fastlife/config/exceptions.py,sha256=9MdBnbfy-Aw-KaIFzju0Kh8Snk41-v9LqK2w48Tdy1s,1169
 fastlife/config/openapiextra.py,sha256=rYoerrn9sni2XwnO3gIWqaz7M0aDZPhVLjzqhDxue0o,514
 fastlife/config/resources.py,sha256=u6OgnbHfGkC5idH-YPNkIPf8GJnZpJoGVZ-Ym022BCo,8533
@@ -1696,8 +1696,8 @@ fastlife/domain/model/__init__.py,sha256=aoBjaSpDscuFXvtknJHwiNyoJRUpE-v4X54h_wN
 fastlife/domain/model/asgi.py,sha256=RSTnfTsofOmCaWzHNuRGowjlyHYmoDCrXFbvNY_B55k,129
 fastlife/domain/model/csrf.py,sha256=BUiWK-S7rVciWHO1qTkM8e_KxzpF6gGC4MMJK1v6iDo,414
 fastlife/domain/model/form.py,sha256=WriBT1qUUIbf5x5iewo9ChEcr6k0en8jMTD0iaei5Pk,3253
-fastlife/domain/model/request.py,sha256=K0_pSOboKw5IRL8SCIsEuPZlPPe3h0F5cugZEVFdfoo,2531
-fastlife/domain/model/security_policy.py,sha256=iYBKXOYaXxM_n-rsyB25lO6RblSx9icTx1Bg-s3Iz9k,2942
+fastlife/domain/model/request.py,sha256=ZRHZW_MOmtO_DFHt2UYu_aUmtoMdD14085A8Z8_eS8s,2678
+fastlife/domain/model/security_policy.py,sha256=f9SLi54vvRU-KSPJ5K0unoqYpkxIyzuZjKf2Ylwf5Rg,4796
 fastlife/domain/model/template.py,sha256=z9oxdKme1hMPuvk7mBiKR_tuVY8TqH77aTYqMgvEGl8,876
 fastlife/domain/model/types.py,sha256=64jJKFAi5x0e3vr8naHU1m_as0Qy8MS-s9CG0z6K1qc,381
 fastlife/middlewares/__init__.py,sha256=C3DUOzR5EhlAv5Zq7h-Abyvkd7bUsJohTRSB2wpRYQE,220
@@ -1709,11 +1709,11 @@ fastlife/middlewares/session/middleware.py,sha256=ituZ5hNipDMkgCXNE4zbnmOcWEF151
 fastlife/middlewares/session/serializer.py,sha256=nbJGiCJ_ryZxkW1I28kmK6hD3U98D4ZlUQA7B8_tngQ,635
 fastlife/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 fastlife/service/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-fastlife/service/check_permission.py,sha256=-XD9qA11dLwen0bNCTy2Id_dCjzTJ0j7xuwB9IOtEY0,1695
+fastlife/service/check_permission.py,sha256=-TsI58YZJtWIw5bsm0fVpfuaCMUx4cmoLTKGXeyQPDk,1809
 fastlife/service/csrf.py,sha256=wC1PaKOmZ3il0FF_kevxnlg9PxDqruRdLrNnOA3ZHrU,1886
-fastlife/service/locale_negociator.py,sha256=wXgQR8jCtPd5XtM-vvGZ4OrVnBQlt0deSoE2nInNfb0,770
+fastlife/service/locale_negociator.py,sha256=JUqzTukxDqTJVOR-CNI7Vqo6kvdvwxYvZQe8P3V9S2U,796
 fastlife/service/registry.py,sha256=B6n5b_b0RgxJj0qFOpnrJFmG7_MPtvShwV6yH9V6vi0,2098
-fastlife/service/security_policy.py,sha256=Ytl8hgXtytvBNoBRHRmqVD96fJMnERnaL90q6XG7yI8,3036
+fastlife/service/security_policy.py,sha256=qYXs4mhfz_u4x59NhUkirqKYKQbFv9YrzyRuXj7mxE0,4688
 fastlife/service/templates.py,sha256=QPAIUbbZiekazz_jV3q4JCwQd6Q4KA6a4RDek2RWuhE,2548
 fastlife/service/translations.py,sha256=D-1D3pVNytEcps1u-0K7FmgQ8Wo6Yu4XVHvZrPhBmAI,5795
 fastlife/settings.py,sha256=q-rz4CEF2RQGow5-m-yZJOvdh3PPb2c1Q_ZLJGnu4VQ,3647
@@ -1728,9 +1728,9 @@ fastlife/testing/session.py,sha256=LEFFbiR67_x_g-ioudkY0C7PycHdbDfaIaoo_G7GXQ8,2
 fastlife/testing/testclient.py,sha256=JTIgeMKooA8L4gEodeC3gy4Lo27y3WNswSEIKLlVVPs,6745
 fastlife/views/__init__.py,sha256=zG8gveL8e2zBdYx6_9jtZfpQ6qJT-MFnBY3xXkLwHZI,22
 fastlife/views/pydantic_form.py,sha256=o7EUItciAGL1OSaGNHo-3BTrYAk34GuWE7zGikjiAGY,1486
-fastlifeweb-0.22.0.dist-info/METADATA,sha256=8ual_JaeNHufsRyP5pdCPu2yHuVpzMzR53aitRbHmjo,3663
-fastlifeweb-0.22.0.dist-info/WHEEL,sha256=thaaA2w1JzcGC48WYufAs8nrYZjJm8LqNfnXFOFyCC4,90
-fastlifeweb-0.22.0.dist-info/entry_points.txt,sha256=6OYgBcLyFCUgeqLgnvMyOJxPCWzgy7se4rLPKtNonMs,34
-fastlifeweb-0.22.0.dist-info/licenses/LICENSE,sha256=NlRX9Z-dcv8X1VFW9odlIQBbgNN9pcO94XzvKp2R16o,1075
+fastlifeweb-0.23.0.dist-info/METADATA,sha256=Eww8hBxH7oR5_EeqtALpdmUmJr2f1vs1E0EijXaxM30,3663
+fastlifeweb-0.23.0.dist-info/WHEEL,sha256=thaaA2w1JzcGC48WYufAs8nrYZjJm8LqNfnXFOFyCC4,90
+fastlifeweb-0.23.0.dist-info/entry_points.txt,sha256=6OYgBcLyFCUgeqLgnvMyOJxPCWzgy7se4rLPKtNonMs,34
+fastlifeweb-0.23.0.dist-info/licenses/LICENSE,sha256=NlRX9Z-dcv8X1VFW9odlIQBbgNN9pcO94XzvKp2R16o,1075
 tailwind.config.js,sha256=EN3EahBDmQBbmJvkw3SdGWNOkfkzw0cg-QvBikOhkrw,1348
-fastlifeweb-0.22.0.dist-info/RECORD,,
+fastlifeweb-0.23.0.dist-info/RECORD,,