plain.auth 0.13.0__tar.gz → 0.14.0__tar.gz

{plain_auth-0.13.0 → plain_auth-0.14.0}/.gitignore

@@ -4,7 +4,6 @@
 *.py[co]
 __pycache__
 *.DS_Store
-.coverage
 
 # Test apps
 plain*/tests/.plain
@@ -16,3 +15,5 @@ plain*/tests/.plain
 
 # Plain temp dirs
 .plain
+
+.vscode

{plain_auth-0.13.0 → plain_auth-0.14.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.13.0
+Version: 0.14.0
 Summary: User authentication and authorization for Plain.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-File: LICENSE

{plain_auth-0.13.0 → plain_auth-0.14.0}/plain/auth/CHANGELOG.md

@@ -1,5 +1,15 @@
 # plain-auth changelog
 
+## [0.14.0](https://github.com/dropseed/plain/releases/plain-auth@0.14.0) (2025-07-18)
+
+### What's changed
+
+- Added OpenTelemetry tracing support with automatic user ID attribute setting in auth middleware ([b0224d0](https://github.com/dropseed/plain/commit/b0224d0418))
+
+### Upgrade instructions
+
+- No changes required
+
 ## [0.13.0](https://github.com/dropseed/plain/releases/plain-auth@0.13.0) (2025-06-23)
 
 ### What's changed

{plain_auth-0.13.0 → plain_auth-0.14.0}/plain/auth/middleware.py

@@ -1,3 +1,6 @@
+from opentelemetry import trace
+from opentelemetry.semconv._incubating.attributes.user_attributes import USER_ID
+
 from plain import auth
 from plain.exceptions import ImproperlyConfigured
 from plain.utils.functional import SimpleLazyObject
@@ -6,6 +9,8 @@ from plain.utils.functional import SimpleLazyObject
 def get_user(request):
     if not hasattr(request, "_cached_user"):
         request._cached_user = auth.get_user(request)
+        if request._cached_user:
+            trace.get_current_span().set_attribute(USER_ID, request._cached_user.id)
     return request._cached_user
 
 

{plain_auth-0.13.0 → plain_auth-0.14.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "plain.auth"
-version = "0.13.0"
+version = "0.14.0"
 description = "User authentication and authorization for Plain."
 authors = [{name = "Dave Gaeddert", email = "dave.gaeddert@dropseed.dev"}]
 readme = "README.md"
@@ -13,6 +13,11 @@ dependencies = [
     "plain.sessions<1.0.0",
 ]
 
+[tool.uv]
+dev-dependencies = [
+    "plain.pytest<1.0.0",
+]
+
 [tool.hatch.build.targets.wheel]
 packages = ["plain"]
 

plain_auth-0.14.0/tests/app/settings.py

@@ -0,0 +1,14 @@
+SECRET_KEY = "test"
+URLS_ROUTER = "app.urls.AppRouter"
+INSTALLED_PACKAGES = [
+    "plain.auth",
+    "plain.sessions",
+    "plain.models",
+    "app.users",
+]
+MIDDLEWARE = [
+    "plain.sessions.middleware.SessionMiddleware",
+    "plain.auth.middleware.AuthenticationMiddleware",
+]
+AUTH_LOGIN_URL = "login"
+AUTH_USER_MODEL = "users.User"

plain_auth-0.14.0/tests/app/urls.py

@@ -0,0 +1,45 @@
+from plain.auth.views import AuthViewMixin
+from plain.urls import Router, path
+from plain.views import View
+
+
+class LoginView(View):
+    def get(self):
+        return "login"
+
+
+class ProtectedView(AuthViewMixin, View):
+    def get(self):
+        return "protected"
+
+
+class OpenView(AuthViewMixin, View):
+    login_required = False
+
+    def get(self):
+        return "open"
+
+
+class AdminView(AuthViewMixin, View):
+    admin_required = True
+
+    def get(self):
+        return "admin"
+
+
+class NoLoginUrlView(AuthViewMixin, View):
+    login_url = None
+
+    def get(self):
+        return "none"
+
+
+class AppRouter(Router):
+    namespace = ""
+    urls = [
+        path("login/", LoginView, name="login"),
+        path("protected/", ProtectedView, name="protected"),
+        path("open/", OpenView, name="open"),
+        path("admin/", AdminView, name="admin"),
+        path("nolink/", NoLoginUrlView, name="nolink"),
+    ]

plain_auth-0.14.0/tests/app/users/migrations/0001_initial.py

@@ -0,0 +1,21 @@
+# Generated by Plain 0.21.5 on 2025-02-17 04:12
+
+from plain import models
+from plain.models import migrations
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = []
+
+    operations = [
+        migrations.CreateModel(
+            name="User",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True)),
+                ("username", models.CharField(max_length=255)),
+                ("is_admin", models.BooleanField(default=False)),
+            ],
+        ),
+    ]

plain_auth-0.14.0/tests/app/users/models.py

@@ -0,0 +1,7 @@
+from plain import models
+
+
+@models.register_model
+class User(models.Model):
+    username = models.CharField(max_length=255)
+    is_admin = models.BooleanField(default=False)

plain_auth-0.14.0/tests/test_views.py

@@ -0,0 +1,41 @@
+from plain.auth import get_user_model
+from plain.test import Client
+
+
+def test_login_required_redirect(db):
+    client = Client()
+    response = client.get("/protected/")
+    assert response.status_code == 302
+    assert response.url == "/login/?next=/protected/"
+
+
+def test_view_without_login_required(db):
+    client = Client()
+    response = client.get("/open/")
+    assert response.status_code == 200
+    assert response.content == b"open"
+    assert response.headers["Cache-Control"] == "private"
+
+
+def test_admin_required(db):
+    client = Client()
+    # login required first
+    assert client.get("/admin/").status_code == 302
+
+    user = get_user_model().objects.create(username="user")
+    client.force_login(user)
+    # not admin -> 404
+    assert client.get("/admin/").status_code == 404
+
+    user.is_admin = True
+    user.save()
+    # now admin -> success
+    resp = client.get("/admin/")
+    assert resp.status_code == 200
+    assert resp.content == b"admin"
+
+
+def test_no_login_url_forbidden(db):
+    client = Client()
+    response = client.get("/nolink/")
+    assert response.status_code == 403