PyPI - plain.auth - Versions diffs - 0.12.1__tar.gz → 0.14.0__tar.gz - Mend

plain.auth 0.12.1tar.gz → 0.14.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

{plain_auth-0.12.1 → plain_auth-0.14.0}/.gitignore RENAMED Viewed

@@ -4,7 +4,6 @@
 *.py[co]
 __pycache__
 *.DS_Store
-.coverage
 # Test apps
 plain*/tests/.plain
@@ -14,4 +13,7 @@ plain*/tests/.plain
 /llms-full.txt
-/.plain
+# Plain temp dirs
+.plain
+.vscode

{plain_auth-0.12.1 → plain_auth-0.14.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.12.1
+Version: 0.14.0
 Summary: User authentication and authorization for Plain.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-File: LICENSE

plain_auth-0.14.0/plain/auth/CHANGELOG.md ADDED Viewed

@@ -0,0 +1,21 @@
+# plain-auth changelog
+## [0.14.0](https://github.com/dropseed/plain/releases/plain-auth@0.14.0) (2025-07-18)
+### What's changed
+- Added OpenTelemetry tracing support with automatic user ID attribute setting in auth middleware ([b0224d0](https://github.com/dropseed/plain/commit/b0224d0418))
+### Upgrade instructions
+- No changes required
+## [0.13.0](https://github.com/dropseed/plain/releases/plain-auth@0.13.0) (2025-06-23)
+### What's changed
+- Added `login_client` and `logout_client` helpers to `plain.auth.test` for easily logging users in and out of the Django test client ([eb8a023](https://github.com/dropseed/plain/commit/eb8a023)).
+### Upgrade instructions
+- No changes required

plain_auth-0.14.0/plain/auth/__init__.py ADDED Viewed

@@ -0,0 +1,8 @@
+from .sessions import get_user, get_user_model, login, logout
+__all__ = [
+    "login",
+    "logout",
+    "get_user_model",
+    "get_user",
+]

{plain_auth-0.12.1 → plain_auth-0.14.0}/plain/auth/middleware.py RENAMED Viewed

@@ -1,3 +1,6 @@
+from opentelemetry import trace
+from opentelemetry.semconv._incubating.attributes.user_attributes import USER_ID
 from plain import auth
 from plain.exceptions import ImproperlyConfigured
 from plain.utils.functional import SimpleLazyObject
@@ -6,6 +9,8 @@ from plain.utils.functional import SimpleLazyObject
 def get_user(request):
     if not hasattr(request, "_cached_user"):
         request._cached_user = auth.get_user(request)
+        if request._cached_user:
+            trace.get_current_span().set_attribute(USER_ID, request._cached_user.id)
     return request._cached_user

plain_auth-0.14.0/plain/auth/test.py ADDED Viewed

@@ -0,0 +1,40 @@
+from http.cookies import SimpleCookie
+from plain.http.request import HttpRequest
+from plain.runtime import settings
+from plain.sessions import SessionStore
+from .sessions import get_user, login, logout
+def login_client(client, user):
+    """Log a user into a test client."""
+    request = HttpRequest()
+    if client.session:
+        request.session = client.session
+    else:
+        request.session = SessionStore()
+    login(request, user)
+    request.session.save()
+    session_cookie = settings.SESSION_COOKIE_NAME
+    client.cookies[session_cookie] = request.session.session_key
+    cookie_data = {
+        "max-age": None,
+        "path": "/",
+        "domain": settings.SESSION_COOKIE_DOMAIN,
+        "secure": settings.SESSION_COOKIE_SECURE or None,
+        "expires": None,
+    }
+    client.cookies[session_cookie].update(cookie_data)
+def logout_client(client):
+    """Log out a user from a test client."""
+    request = HttpRequest()
+    if client.session:
+        request.session = client.session
+        request.user = get_user(request)
+    else:
+        request.session = SessionStore()
+    logout(request)
+    client.cookies = SimpleCookie()

{plain_auth-0.12.1 → plain_auth-0.14.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "plain.auth"
-version = "0.12.1"
+version = "0.14.0"
 description = "User authentication and authorization for Plain."
 authors = [{name = "Dave Gaeddert", email = "dave.gaeddert@dropseed.dev"}]
 readme = "README.md"
@@ -13,6 +13,11 @@ dependencies = [
     "plain.sessions<1.0.0",
 ]
+[tool.uv]
+dev-dependencies = [
+    "plain.pytest<1.0.0",
+]
 [tool.hatch.build.targets.wheel]
 packages = ["plain"]

plain_auth-0.14.0/tests/app/settings.py ADDED Viewed

@@ -0,0 +1,14 @@
+SECRET_KEY = "test"
+URLS_ROUTER = "app.urls.AppRouter"
+INSTALLED_PACKAGES = [
+    "plain.auth",
+    "plain.sessions",
+    "plain.models",
+    "app.users",
+]
+MIDDLEWARE = [
+    "plain.sessions.middleware.SessionMiddleware",
+    "plain.auth.middleware.AuthenticationMiddleware",
+]
+AUTH_LOGIN_URL = "login"
+AUTH_USER_MODEL = "users.User"

plain_auth-0.14.0/tests/app/urls.py ADDED Viewed

@@ -0,0 +1,45 @@
+from plain.auth.views import AuthViewMixin
+from plain.urls import Router, path
+from plain.views import View
+class LoginView(View):
+    def get(self):
+        return "login"
+class ProtectedView(AuthViewMixin, View):
+    def get(self):
+        return "protected"
+class OpenView(AuthViewMixin, View):
+    login_required = False
+    def get(self):
+        return "open"
+class AdminView(AuthViewMixin, View):
+    admin_required = True
+    def get(self):
+        return "admin"
+class NoLoginUrlView(AuthViewMixin, View):
+    login_url = None
+    def get(self):
+        return "none"
+class AppRouter(Router):
+    namespace = ""
+    urls = [
+        path("login/", LoginView, name="login"),
+        path("protected/", ProtectedView, name="protected"),
+        path("open/", OpenView, name="open"),
+        path("admin/", AdminView, name="admin"),
+        path("nolink/", NoLoginUrlView, name="nolink"),
+    ]

plain_auth-0.14.0/tests/app/users/migrations/0001_initial.py ADDED Viewed

@@ -0,0 +1,21 @@
+# Generated by Plain 0.21.5 on 2025-02-17 04:12
+from plain import models
+from plain.models import migrations
+class Migration(migrations.Migration):
+    initial = True
+    dependencies = []
+    operations = [
+        migrations.CreateModel(
+            name="User",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True)),
+                ("username", models.CharField(max_length=255)),
+                ("is_admin", models.BooleanField(default=False)),
+            ],
+        ),
+    ]

plain_auth-0.14.0/tests/app/users/migrations/__init__.py ADDED Viewed

File without changes

plain_auth-0.14.0/tests/app/users/models.py ADDED Viewed

@@ -0,0 +1,7 @@
+from plain import models
+@models.register_model
+class User(models.Model):
+    username = models.CharField(max_length=255)
+    is_admin = models.BooleanField(default=False)

plain_auth-0.14.0/tests/test_views.py ADDED Viewed

@@ -0,0 +1,41 @@
+from plain.auth import get_user_model
+from plain.test import Client
+def test_login_required_redirect(db):
+    client = Client()
+    response = client.get("/protected/")
+    assert response.status_code == 302
+    assert response.url == "/login/?next=/protected/"
+def test_view_without_login_required(db):
+    client = Client()
+    response = client.get("/open/")
+    assert response.status_code == 200
+    assert response.content == b"open"
+    assert response.headers["Cache-Control"] == "private"
+def test_admin_required(db):
+    client = Client()
+    # login required first
+    assert client.get("/admin/").status_code == 302
+    user = get_user_model().objects.create(username="user")
+    client.force_login(user)
+    # not admin -> 404
+    assert client.get("/admin/").status_code == 404
+    user.is_admin = True
+    user.save()
+    # now admin -> success
+    resp = client.get("/admin/")
+    assert resp.status_code == 200
+    assert resp.content == b"admin"
+def test_no_login_url_forbidden(db):
+    client = Client()
+    response = client.get("/nolink/")
+    assert response.status_code == 403