the37lab-authlib 0.1.1750952955__tar.gz → 0.1.1751369506__tar.gz

{the37lab_authlib-0.1.1750952955 → the37lab_authlib-0.1.1751369506}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: the37lab_authlib
-Version: 0.1.1750952955
+Version: 0.1.1751369506
 Summary: Python SDK for the Authlib
 Author-email: the37lab <info@the37lab.com>
 Classifier: Programming Language :: Python :: 3
@@ -39,6 +39,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
     - [Setup](#setup)
     - [Database Setup](#database-setup)
     - [Running Tests](#running-tests)
+  - [API Token Override for Testing](#api-token-override-for-testing)
+    - [Usage](#usage)
+    - [Warning](#warning)
 
 ## Installation
 
@@ -54,6 +57,7 @@ from authlib import AuthManager
 
 app = Flask(__name__)
 
+# Option 1: Explicit configuration
 auth = AuthManager(
     app=app,
     db_dsn="postgresql://user:pass@localhost/dbname",
@@ -66,6 +70,11 @@ auth = AuthManager(
     }
 )
 
+# Option 2: Use environment variables with a prefix (e.g., AMPA_)
+# This will load:
+#   AMPA_DATABASE_URL, AMPA_JWT_SECRET, AMPA_GOOGLE_CLIENT_ID, AMPA_GOOGLE_CLIENT_SECRET
+# auth = AuthManager(app=app, environment_prefix="AMPA")
+
 @app.route("/protected")
 @auth.require_auth(roles=["admin"])
 def protected_route():
@@ -96,6 +105,7 @@ public using the `@auth.public_endpoint` decorator or
 - `oauth_config`: Dictionary of OAuth provider configurations (see below)
 - `token_expiry`: JWT token expiry time in seconds (default: 3600)
 - `refresh_token_expiry`: Refresh token expiry time in seconds (default: 2592000)
+- `environment_prefix`: If set, loads all configuration from environment variables with this prefix (e.g., `AMPA_DATABASE_URL`, `AMPA_JWT_SECRET`, `AMPA_GOOGLE_CLIENT_ID`, `AMPA_GOOGLE_CLIENT_SECRET`). Overrides other config if set.
 
 #### Example `oauth_config`:
 ```python
@@ -204,3 +214,22 @@ python -m authlib.cli db init
 ```bash
 pytest
 ```
+
+## API Token Override for Testing
+
+For testing purposes, you can bypass the database and provide a static mapping of API tokens to usernames using the `api_tokens` argument to `AuthManager` or the `{PREFIX}API_TOKENS` environment variable.
+
+### Usage
+
+- **Constructor argument:**
+  ```python
+  AuthManager(api_tokens={"token1": "user1", "token2": "user2"})
+  ```
+- **Environment variable:**
+  Set `{PREFIX}API_TOKENS` to a comma-separated list of `token:username` pairs, e.g.:
+  ```
+  export MYAPP_API_TOKENS="token1:user1,token2:user2"
+  ```
+  Replace `MYAPP` with your environment prefix.
+
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.

{the37lab_authlib-0.1.1750952955 → the37lab_authlib-0.1.1751369506}/README.md

@@ -22,6 +22,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
     - [Setup](#setup)
     - [Database Setup](#database-setup)
     - [Running Tests](#running-tests)
+  - [API Token Override for Testing](#api-token-override-for-testing)
+    - [Usage](#usage)
+    - [Warning](#warning)
 
 ## Installation
 
@@ -37,6 +40,7 @@ from authlib import AuthManager
 
 app = Flask(__name__)
 
+# Option 1: Explicit configuration
 auth = AuthManager(
     app=app,
     db_dsn="postgresql://user:pass@localhost/dbname",
@@ -49,6 +53,11 @@ auth = AuthManager(
     }
 )
 
+# Option 2: Use environment variables with a prefix (e.g., AMPA_)
+# This will load:
+#   AMPA_DATABASE_URL, AMPA_JWT_SECRET, AMPA_GOOGLE_CLIENT_ID, AMPA_GOOGLE_CLIENT_SECRET
+# auth = AuthManager(app=app, environment_prefix="AMPA")
+
 @app.route("/protected")
 @auth.require_auth(roles=["admin"])
 def protected_route():
@@ -79,6 +88,7 @@ public using the `@auth.public_endpoint` decorator or
 - `oauth_config`: Dictionary of OAuth provider configurations (see below)
 - `token_expiry`: JWT token expiry time in seconds (default: 3600)
 - `refresh_token_expiry`: Refresh token expiry time in seconds (default: 2592000)
+- `environment_prefix`: If set, loads all configuration from environment variables with this prefix (e.g., `AMPA_DATABASE_URL`, `AMPA_JWT_SECRET`, `AMPA_GOOGLE_CLIENT_ID`, `AMPA_GOOGLE_CLIENT_SECRET`). Overrides other config if set.
 
 #### Example `oauth_config`:
 ```python
@@ -187,3 +197,22 @@ python -m authlib.cli db init
 ```bash
 pytest
 ```
+
+## API Token Override for Testing
+
+For testing purposes, you can bypass the database and provide a static mapping of API tokens to usernames using the `api_tokens` argument to `AuthManager` or the `{PREFIX}API_TOKENS` environment variable.
+
+### Usage
+
+- **Constructor argument:**
+  ```python
+  AuthManager(api_tokens={"token1": "user1", "token2": "user2"})
+  ```
+- **Environment variable:**
+  Set `{PREFIX}API_TOKENS` to a comma-separated list of `token:username` pairs, e.g.:
+  ```
+  export MYAPP_API_TOKENS="token1:user1,token2:user2"
+  ```
+  Replace `MYAPP` with your environment prefix.
+
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.

{the37lab_authlib-0.1.1750952955 → the37lab_authlib-0.1.1751369506}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "the37lab_authlib"
-version = "0.1.1750952955"
+version = "0.1.1751369506"
 description = "Python SDK for the Authlib"
 authors = [{name = "the37lab", email = "info@the37lab.com"}]
 dependencies = ["flask", "psycopg2-binary", "pyjwt", "python-dotenv", "requests", "authlib", "bcrypt"]

{the37lab_authlib-0.1.1750952955 → the37lab_authlib-0.1.1751369506}/src/the37lab_authlib/auth.py

@@ -16,7 +16,29 @@ logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger(__name__)
 
 class AuthManager:
-    def __init__(self, app=None, db_dsn=None, jwt_secret=None, oauth_config=None, id_type='integer'):
+    def __init__(self, app=None, db_dsn=None, jwt_secret=None, oauth_config=None, id_type='integer', environment_prefix=None, api_tokens=None):
+        if environment_prefix:
+            prefix = environment_prefix.upper() + '_'
+            db_dsn = os.getenv(f'{prefix}DATABASE_URL')
+            jwt_secret = os.getenv(f'{prefix}JWT_SECRET')
+            google_client_id = os.getenv(f'{prefix}GOOGLE_CLIENT_ID')
+            google_client_secret = os.getenv(f'{prefix}GOOGLE_CLIENT_SECRET')
+            oauth_config = {}
+            if google_client_id and google_client_secret:
+                oauth_config['google'] = {
+                    'client_id': google_client_id,
+                    'client_secret': google_client_secret
+                }
+            api_tokens_env = os.getenv(f'{prefix}API_TOKENS')
+            if api_tokens_env:
+                api_tokens = {}
+                for entry in api_tokens_env.split(','):
+                    if ':' in entry:
+                        key, user = entry.split(':', 1)
+                        api_tokens[key.strip()] = user.strip()
+        if api_tokens and db_dsn:
+            raise ValueError('Cannot set both api_tokens and db_dsn')
+        self.api_tokens = api_tokens or None
         self.db = Database(db_dsn, id_type=id_type) if db_dsn else None
         self.jwt_secret = jwt_secret
         self.oauth_config = oauth_config or {}
@@ -49,6 +71,18 @@ class AuthManager:
         return redirect_uri
 
     def _validate_api_token(self, api_token):
+        if self.api_tokens is not None:
+            username = self.api_tokens.get(api_token)
+            if not username:
+                raise AuthError('Invalid API token')
+            # Return a minimal user dict
+            return {
+                'id': username,
+                'username': username,
+                'email': '',
+                'real_name': username,
+                'roles': []
+            }
         try:
             parsed = ApiToken.parse_token(api_token)
             with self.db.get_cursor() as cur:

{the37lab_authlib-0.1.1750952955 → the37lab_authlib-0.1.1751369506}/src/the37lab_authlib.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: the37lab_authlib
-Version: 0.1.1750952955
+Version: 0.1.1751369506
 Summary: Python SDK for the Authlib
 Author-email: the37lab <info@the37lab.com>
 Classifier: Programming Language :: Python :: 3
@@ -39,6 +39,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
     - [Setup](#setup)
     - [Database Setup](#database-setup)
     - [Running Tests](#running-tests)
+  - [API Token Override for Testing](#api-token-override-for-testing)
+    - [Usage](#usage)
+    - [Warning](#warning)
 
 ## Installation
 
@@ -54,6 +57,7 @@ from authlib import AuthManager
 
 app = Flask(__name__)
 
+# Option 1: Explicit configuration
 auth = AuthManager(
     app=app,
     db_dsn="postgresql://user:pass@localhost/dbname",
@@ -66,6 +70,11 @@ auth = AuthManager(
     }
 )
 
+# Option 2: Use environment variables with a prefix (e.g., AMPA_)
+# This will load:
+#   AMPA_DATABASE_URL, AMPA_JWT_SECRET, AMPA_GOOGLE_CLIENT_ID, AMPA_GOOGLE_CLIENT_SECRET
+# auth = AuthManager(app=app, environment_prefix="AMPA")
+
 @app.route("/protected")
 @auth.require_auth(roles=["admin"])
 def protected_route():
@@ -96,6 +105,7 @@ public using the `@auth.public_endpoint` decorator or
 - `oauth_config`: Dictionary of OAuth provider configurations (see below)
 - `token_expiry`: JWT token expiry time in seconds (default: 3600)
 - `refresh_token_expiry`: Refresh token expiry time in seconds (default: 2592000)
+- `environment_prefix`: If set, loads all configuration from environment variables with this prefix (e.g., `AMPA_DATABASE_URL`, `AMPA_JWT_SECRET`, `AMPA_GOOGLE_CLIENT_ID`, `AMPA_GOOGLE_CLIENT_SECRET`). Overrides other config if set.
 
 #### Example `oauth_config`:
 ```python
@@ -204,3 +214,22 @@ python -m authlib.cli db init
 ```bash
 pytest
 ```
+
+## API Token Override for Testing
+
+For testing purposes, you can bypass the database and provide a static mapping of API tokens to usernames using the `api_tokens` argument to `AuthManager` or the `{PREFIX}API_TOKENS` environment variable.
+
+### Usage
+
+- **Constructor argument:**
+  ```python
+  AuthManager(api_tokens={"token1": "user1", "token2": "user2"})
+  ```
+- **Environment variable:**
+  Set `{PREFIX}API_TOKENS` to a comma-separated list of `token:username` pairs, e.g.:
+  ```
+  export MYAPP_API_TOKENS="token1:user1,token2:user2"
+  ```
+  Replace `MYAPP` with your environment prefix.
+
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.