plain.auth 0.22.0__py3-none-any.whl → 0.23.0__py3-none-any.whl

plain/auth/CHANGELOG.md

@@ -1,5 +1,18 @@
 # plain-auth changelog
 
+## [0.23.0](https://github.com/dropseed/plain/releases/plain-auth@0.23.0) (2026-01-13)
+
+### What's changed
+
+- HTTP exception classes renamed to include `Error` suffix and status code: `PermissionDenied` → `ForbiddenError403`, `Http404` → `NotFoundError404` ([5a1f020](https://github.com/dropseed/plain/commit/5a1f020f52))
+- Response classes renamed: `ResponseRedirect` → `RedirectResponse` ([fad5bf2](https://github.com/dropseed/plain/commit/fad5bf28b0))
+
+### Upgrade instructions
+
+- Replace `PermissionDenied` with `ForbiddenError403` in any custom auth logic (e.g., `raise PermissionDenied("message")` becomes `raise ForbiddenError403("message")`)
+- Replace `Http404` with `NotFoundError404` if used in auth-related code
+- Replace `ResponseRedirect` with `RedirectResponse` if imported from `plain.http`
+
 ## [0.22.0](https://github.com/dropseed/plain/releases/plain-auth@0.22.0) (2025-11-24)
 
 ### What's changed

plain/auth/README.md

@@ -139,7 +139,7 @@ Use the [`AuthViewMixin`](./views.py#AuthViewMixin) to restrict views to logged-
 
 ```python
 from plain.auth.views import AuthViewMixin
-from plain.exceptions import PermissionDenied
+from plain.exceptions import ForbiddenError403
 from plain.views import View
 
 
@@ -156,7 +156,7 @@ class CustomPermissionView(AuthViewMixin, View):
     def check_auth(self):
         super().check_auth()
         if not self.user.is_special:
-            raise PermissionDenied("You're not special!")
+            raise ForbiddenError403("You're not special!")
 ```
 
 The [`AuthViewMixin`](./views.py#AuthViewMixin) provides:

plain/auth/views.py

@@ -4,12 +4,11 @@ from functools import cached_property
 from typing import Any
 from urllib.parse import urlparse, urlunparse
 
-from plain.exceptions import PermissionDenied
+from plain.exceptions import ForbiddenError403, NotFoundError404
 from plain.http import (
-    Http404,
     QueryDict,
+    RedirectResponse,
     ResponseBase,
-    ResponseRedirect,
 )
 from plain.runtime import settings
 from plain.sessions.views import SessionView
@@ -52,9 +51,9 @@ class AuthView(SessionView):
 
     def check_auth(self) -> None:
         """
-        Raises either LoginRequired or PermissionDenied.
+        Raises either LoginRequired or ForbiddenError403.
         - LoginRequired can specify a login_url and redirect_field_name
-        - PermissionDenied can specify a message
+        - ForbiddenError403 can specify a message
         """
         if not self.login_required and not self.admin_required:
             return None
@@ -70,14 +69,14 @@ class AuthView(SessionView):
                     # Impersonators should be able to view admin pages while impersonating.
                     # There's probably never a case where an impersonator isn't admin, but it can be configured.
                     if not impersonator.is_admin:
-                        raise PermissionDenied(
+                        raise ForbiddenError403(
                             "You do not have permission to access this page."
                         )
                     return
 
             if not self.user.is_admin:
                 # Show a 404 so we don't expose admin urls to non-admin users
-                raise Http404()
+                raise NotFoundError404()
 
     def get_response(self) -> ResponseBase:
         try:
@@ -103,7 +102,7 @@ class AuthView(SessionView):
                     e.redirect_field_name,
                 )
             else:
-                raise PermissionDenied("Login required")
+                raise ForbiddenError403("Login required")
 
         response = super().get_response()
 
@@ -115,14 +114,14 @@ class AuthView(SessionView):
 
 
 class LogoutView(View):
-    def post(self) -> ResponseRedirect:
+    def post(self) -> RedirectResponse:
         logout(self.request)
-        return ResponseRedirect("/")
+        return RedirectResponse("/")
 
 
 def redirect_to_login(
     next: str, login_url: str | None = None, redirect_field_name: str = "next"
-) -> ResponseRedirect:
+) -> RedirectResponse:
     """
     Redirect the user to the login page, passing the given 'next' page.
     """
@@ -134,4 +133,4 @@ def redirect_to_login(
         querystring[redirect_field_name] = next
         login_url_parts[4] = querystring.urlencode(safe="/")
 
-    return ResponseRedirect(str(urlunparse(login_url_parts)))
+    return RedirectResponse(str(urlunparse(login_url_parts)))

{plain_auth-0.22.0.dist-info → plain_auth-0.23.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.22.0
+Version: 0.23.0
 Summary: Add users to your app and decide what they can access.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-Expression: BSD-3-Clause
@@ -152,7 +152,7 @@ Use the [`AuthViewMixin`](./views.py#AuthViewMixin) to restrict views to logged-
 
 ```python
 from plain.auth.views import AuthViewMixin
-from plain.exceptions import PermissionDenied
+from plain.exceptions import ForbiddenError403
 from plain.views import View
 
 
@@ -169,7 +169,7 @@ class CustomPermissionView(AuthViewMixin, View):
     def check_auth(self):
         super().check_auth()
         if not self.user.is_special:
-            raise PermissionDenied("You're not special!")
+            raise ForbiddenError403("You're not special!")
 ```
 
 The [`AuthViewMixin`](./views.py#AuthViewMixin) provides:

{plain_auth-0.22.0.dist-info → plain_auth-0.23.0.dist-info}/RECORD

@@ -1,5 +1,5 @@
-plain/auth/CHANGELOG.md,sha256=exRD-vtzfuTTesjNgJuLkh0RO6XtDV1pMv-To_f_Yas,7600
-plain/auth/README.md,sha256=I1SeOyrBnF0GAjD7T0k5OlZ2bSHz9---nElinaobewc,4030
+plain/auth/CHANGELOG.md,sha256=5Qmh-kOTzUDAuT7ncQs2L6PGsmGh7ToBlwZQE1ZBlUg,8413
+plain/auth/README.md,sha256=397DaiamLW8JHoVwNrrIO8NAgRS9jWOdeAZB_Oq135A,4032
 plain/auth/__init__.py,sha256=CrOsS74CPGN1nPTTfie13mPgdyVLRyZ1YwDPIA77uaA,179
 plain/auth/default_settings.py,sha256=65VzDn3j61OMn78Lg6Zuds4A8QKzJJ_0G9KoFqAOIRo,466
 plain/auth/requests.py,sha256=jUlMTOWFt0qfDF_uVkOqaP9rZiCLrAofsmirCwyRGEE,880
@@ -7,8 +7,8 @@ plain/auth/sessions.py,sha256=xDp1EiB0cV5w3L5XioqO8vs77wnF8cvreExms3-e744,6015
 plain/auth/templates.py,sha256=CVtuIdBgOgYB2o61zpOPJb6nMx_gU61i_3PDQx8FjVs,770
 plain/auth/test.py,sha256=SHawhwarJEMVfaLkjpiuFVSWZoGIMwhzXreU_T1zvCE,1599
 plain/auth/utils.py,sha256=9kKWh1QqxA8Esct-jBvTCdjBYOHpO_Tg1YeV9WxYmxg,1362
-plain/auth/views.py,sha256=5R3DxMil3j7iStomFH4GcJNG-m-YZzYgCS6UMdi2YjY,4924
-plain_auth-0.22.0.dist-info/METADATA,sha256=j3q9wOhxWj9yxMk4qTHOv18HtYRN97lOIJngoq-dy74,4423
-plain_auth-0.22.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-plain_auth-0.22.0.dist-info/licenses/LICENSE,sha256=m0D5O7QoH9l5Vz_rrX_9r-C8d9UNr_ciK6Qwac7o6yo,3175
-plain_auth-0.22.0.dist-info/RECORD,,
+plain/auth/views.py,sha256=zQO0LFioYIv35xXe1RBx77MLIJjog1neuX7aIT0wLhE,4943
+plain_auth-0.23.0.dist-info/METADATA,sha256=8CCcWoKfBjxlFTsykBTgexSgSqDSvoUR8ZnHONQBdwg,4425
+plain_auth-0.23.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+plain_auth-0.23.0.dist-info/licenses/LICENSE,sha256=m0D5O7QoH9l5Vz_rrX_9r-C8d9UNr_ciK6Qwac7o6yo,3175
+plain_auth-0.23.0.dist-info/RECORD,,

{plain_auth-0.22.0.dist-info → plain_auth-0.23.0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: hatchling 1.27.0
+Generator: hatchling 1.28.0
 Root-Is-Purelib: true
 Tag: py3-none-any