PyPI - mdb-engine - Versions diffs - 0.5.1__py3-none-any.whl → 0.7.0__py3-none-any.whl - Mend

mdb-engine 0.5.1py3-none-any.whl → 0.7.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

mdb_engine/__init__.py +13 -9
mdb_engine/auth/__init__.py +18 -0
mdb_engine/auth/csrf.py +651 -69
mdb_engine/auth/provider.py +10 -0
mdb_engine/auth/shared_users.py +73 -2
mdb_engine/auth/users.py +2 -1
mdb_engine/auth/utils.py +31 -6
mdb_engine/auth/websocket_sessions.py +433 -0
mdb_engine/auth/websocket_tickets.py +307 -0
mdb_engine/core/app_registration.py +10 -0
mdb_engine/core/engine.py +656 -21
mdb_engine/core/manifest.py +26 -0
mdb_engine/core/ray_integration.py +4 -4
mdb_engine/core/types.py +2 -0
mdb_engine/database/connection.py +6 -3
mdb_engine/database/scoped_wrapper.py +3 -3
mdb_engine/indexes/manager.py +3 -3
mdb_engine/observability/health.py +7 -7
mdb_engine/routing/README.md +9 -2
mdb_engine/routing/websockets.py +479 -56
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/METADATA +128 -4
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/RECORD +26 -24
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/WHEEL +0 -0
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/entry_points.txt +0 -0
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/licenses/LICENSE +0 -0
{mdb_engine-0.5.1.dist-info → mdb_engine-0.7.0.dist-info}/top_level.txt +0 -0

mdb_engine/__init__.py CHANGED Viewed

@@ -82,15 +82,19 @@ from .repositories import Entity, MongoRepository, Repository, UnitOfWork
 from .utils import clean_mongo_doc, clean_mongo_docs
 __version__ = (
-    "0.5.0"  # Major WebSocket security overhaul - cookie-based authentication
-    # - BREAKING CHANGE: Removed subprotocol tunneling support
-    # - NEW: Exclusive httpOnly cookie-based WebSocket authentication
-    # - Comprehensive security guide (WEBSOCKET_SECURITY_MULTI_APP_SSO.md)
-    # - Updated all documentation to reflect cookie-based authentication
-    # - Enhanced CSRF protection for WebSocket upgrades
-    # - Added integration tests for cookie-based WebSocket authentication
-    # - Complete test coverage for WebSocket security scenarios
-    # - Multi-app SSO compatibility with path="/" cookies
+    "0.6.0"  # Secure-by-default WebSocket authentication with encrypted session keys
+    # - NEW: WebSocket session key generation and management
+    # - NEW: Envelope encryption for WebSocket session keys
+    # - NEW: Secure-by-default CSRF protection (csrf_required: true)
+    # - NEW: WebSocketSessionManager with private collection storage
+    # - NEW: Session key endpoint (/auth/websocket-session)
+    # - NEW: Session key integration in login flow
+    # - ENHANCED: WebSocket authentication with session key support
+    # - ENHANCED: CSRF middleware session key validation
+    # - ENHANCED: Multi-app WebSocket routing with session keys
+    # - BACKWARD COMPATIBLE: Cookie-based authentication fallback
+    # - UPDATED: All documentation for secure-by-default approach
+    # - COMPREHENSIVE: Unit and integration tests for session keys
 )
 __all__ = [

mdb_engine/auth/__init__.py CHANGED Viewed

@@ -125,6 +125,18 @@ from .utils import (
     validate_password_strength_async,
 )
+# WebSocket sessions
+from .websocket_sessions import (
+    WebSocketSessionManager,
+    create_websocket_session_endpoint,
+)
+# WebSocket tickets
+from .websocket_tickets import (
+    WebSocketTicketStore,
+    create_websocket_ticket_endpoint,
+)
 __all__ = [
     # Base classes
     "BaseAuthorizationProvider",
@@ -232,4 +244,10 @@ __all__ = [
     "generate_csrf_token",
     "validate_csrf_token",
     "get_csrf_token",
+    # WebSocket sessions
+    "WebSocketSessionManager",
+    "create_websocket_session_endpoint",
+    # WebSocket tickets
+    "WebSocketTicketStore",
+    "create_websocket_ticket_endpoint",
 ]

mdb-engine 0.5.1__py3-none-any.whl → 0.7.0__py3-none-any.whl

mdb-engine 0.5.1py3-none-any.whl → 0.7.0py3-none-any.whl