PyPI - plain.auth - Versions diffs - 0.22.0__tar.gz → 0.24.0__tar.gz - Mend

plain.auth 0.22.0tar.gz → 0.24.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (21) hide show

{plain_auth-0.22.0 → plain_auth-0.24.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.22.0
+Version: 0.24.0
 Summary: Add users to your app and decide what they can access.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-Expression: BSD-3-Clause
@@ -152,7 +152,7 @@ Use the [`AuthViewMixin`](./views.py#AuthViewMixin) to restrict views to logged-
 ```python
 from plain.auth.views import AuthViewMixin
-from plain.exceptions import PermissionDenied
+from plain.http import ForbiddenError403
 from plain.views import View
@@ -169,7 +169,7 @@ class CustomPermissionView(AuthViewMixin, View):
     def check_auth(self):
         super().check_auth()
         if not self.user.is_special:
-            raise PermissionDenied("You're not special!")
+            raise ForbiddenError403("You're not special!")
 ```
 The [`AuthViewMixin`](./views.py#AuthViewMixin) provides:

{plain_auth-0.22.0 → plain_auth-0.24.0}/plain/auth/CHANGELOG.md RENAMED Viewed

@@ -1,5 +1,28 @@
 # plain-auth changelog
+## [0.24.0](https://github.com/dropseed/plain/releases/plain-auth@0.24.0) (2026-01-13)
+### What's changed
+- HTTP exceptions moved from `plain.exceptions` to `plain.http.exceptions` (exported via `plain.http`) ([b61f909](https://github.com/dropseed/plain/commit/b61f909e29))
+### Upgrade instructions
+- Update imports of HTTP exceptions from `plain.exceptions` to `plain.http` (e.g., `from plain.exceptions import ForbiddenError403` becomes `from plain.http import ForbiddenError403`)
+## [0.23.0](https://github.com/dropseed/plain/releases/plain-auth@0.23.0) (2026-01-13)
+### What's changed
+- HTTP exception classes renamed to include `Error` suffix and status code: `PermissionDenied` → `ForbiddenError403`, `Http404` → `NotFoundError404` ([5a1f020](https://github.com/dropseed/plain/commit/5a1f020f52))
+- Response classes renamed: `ResponseRedirect` → `RedirectResponse` ([fad5bf2](https://github.com/dropseed/plain/commit/fad5bf28b0))
+### Upgrade instructions
+- Replace `PermissionDenied` with `ForbiddenError403` in any custom auth logic (e.g., `raise PermissionDenied("message")` becomes `raise ForbiddenError403("message")`)
+- Replace `Http404` with `NotFoundError404` if used in auth-related code
+- Replace `ResponseRedirect` with `RedirectResponse` if imported from `plain.http`
 ## [0.22.0](https://github.com/dropseed/plain/releases/plain-auth@0.22.0) (2025-11-24)
 ### What's changed

{plain_auth-0.22.0 → plain_auth-0.24.0}/plain/auth/README.md RENAMED Viewed

@@ -139,7 +139,7 @@ Use the [`AuthViewMixin`](./views.py#AuthViewMixin) to restrict views to logged-
 ```python
 from plain.auth.views import AuthViewMixin
-from plain.exceptions import PermissionDenied
+from plain.http import ForbiddenError403
 from plain.views import View
@@ -156,7 +156,7 @@ class CustomPermissionView(AuthViewMixin, View):
     def check_auth(self):
         super().check_auth()
         if not self.user.is_special:
-            raise PermissionDenied("You're not special!")
+            raise ForbiddenError403("You're not special!")
 ```
 The [`AuthViewMixin`](./views.py#AuthViewMixin) provides:

{plain_auth-0.22.0 → plain_auth-0.24.0}/plain/auth/views.py RENAMED Viewed

@@ -4,12 +4,12 @@ from functools import cached_property
 from typing import Any
 from urllib.parse import urlparse, urlunparse
-from plain.exceptions import PermissionDenied
 from plain.http import (
-    Http404,
+    ForbiddenError403,
+    NotFoundError404,
     QueryDict,
+    RedirectResponse,
     ResponseBase,
-    ResponseRedirect,
 )
 from plain.runtime import settings
 from plain.sessions.views import SessionView
@@ -52,9 +52,9 @@ class AuthView(SessionView):
     def check_auth(self) -> None:
         """
-        Raises either LoginRequired or PermissionDenied.
+        Raises either LoginRequired or ForbiddenError403.
         - LoginRequired can specify a login_url and redirect_field_name
-        - PermissionDenied can specify a message
+        - ForbiddenError403 can specify a message
         """
         if not self.login_required and not self.admin_required:
             return None
@@ -70,14 +70,14 @@ class AuthView(SessionView):
                     # Impersonators should be able to view admin pages while impersonating.
                     # There's probably never a case where an impersonator isn't admin, but it can be configured.
                     if not impersonator.is_admin:
-                        raise PermissionDenied(
+                        raise ForbiddenError403(
                             "You do not have permission to access this page."
                         )
                     return
             if not self.user.is_admin:
                 # Show a 404 so we don't expose admin urls to non-admin users
-                raise Http404()
+                raise NotFoundError404()
     def get_response(self) -> ResponseBase:
         try:
@@ -103,7 +103,7 @@ class AuthView(SessionView):
                     e.redirect_field_name,
                 )
             else:
-                raise PermissionDenied("Login required")
+                raise ForbiddenError403("Login required")
         response = super().get_response()
@@ -115,14 +115,14 @@ class AuthView(SessionView):
 class LogoutView(View):
-    def post(self) -> ResponseRedirect:
+    def post(self) -> RedirectResponse:
         logout(self.request)
-        return ResponseRedirect("/")
+        return RedirectResponse("/")
 def redirect_to_login(
     next: str, login_url: str | None = None, redirect_field_name: str = "next"
-) -> ResponseRedirect:
+) -> RedirectResponse:
     """
     Redirect the user to the login page, passing the given 'next' page.
     """
@@ -134,4 +134,4 @@ def redirect_to_login(
         querystring[redirect_field_name] = next
         login_url_parts[4] = querystring.urlencode(safe="/")
-    return ResponseRedirect(str(urlunparse(login_url_parts)))
+    return RedirectResponse(str(urlunparse(login_url_parts)))

{plain_auth-0.22.0 → plain_auth-0.24.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "plain.auth"
-version = "0.22.0"
+version = "0.24.0"
 description = "Add users to your app and decide what they can access."
 authors = [{name = "Dave Gaeddert", email = "dave.gaeddert@dropseed.dev"}]
 readme = "README.md"