PyPI - the37lab-authlib - Versions diffs - 0.1.1751369506__tar.gz → 0.1.1755164205__tar.gz - Mend

the37lab-authlib 0.1.1751369506tar.gz → 0.1.1755164205tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of the37lab-authlib might be problematic. Click here for more details.

Files changed (15) hide show

{the37lab_authlib-0.1.1751369506 → the37lab_authlib-0.1.1755164205}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: the37lab_authlib
-Version: 0.1.1751369506
+Version: 0.1.1755164205
 Summary: Python SDK for the Authlib
 Author-email: the37lab <info@the37lab.com>
 Classifier: Programming Language :: Python :: 3
@@ -42,6 +42,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
   - [API Token Override for Testing](#api-token-override-for-testing)
     - [Usage](#usage)
     - [Warning](#warning)
+  - [User Override for Testing](#user-override-for-testing)
+    - [Usage](#usage-1)
+    - [Warning](#warning-1)
 ## Installation
@@ -233,3 +236,15 @@ For testing purposes, you can bypass the database and provide a static mapping o
   Replace `MYAPP` with your environment prefix.
 **Warning:** This method is intended only for testing and development. Do not use this approach in production environments.
+## User Override for Testing
+For testing purposes, you can force all authentication to return a specific user by setting the `{PREFIX}USER_OVERRIDE` environment variable:
+```bash
+export MYAPP_USER_OVERRIDE="testuser"
+```
+If set, all requests will be authenticated as the specified user, regardless of any tokens or credentials provided. This cannot be combined with `api_tokens` or `db_dsn`.
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.

{the37lab_authlib-0.1.1751369506 → the37lab_authlib-0.1.1755164205}/README.md RENAMED Viewed

@@ -25,6 +25,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
   - [API Token Override for Testing](#api-token-override-for-testing)
     - [Usage](#usage)
     - [Warning](#warning)
+  - [User Override for Testing](#user-override-for-testing)
+    - [Usage](#usage-1)
+    - [Warning](#warning-1)
 ## Installation
@@ -216,3 +219,15 @@ For testing purposes, you can bypass the database and provide a static mapping o
   Replace `MYAPP` with your environment prefix.
 **Warning:** This method is intended only for testing and development. Do not use this approach in production environments.
+## User Override for Testing
+For testing purposes, you can force all authentication to return a specific user by setting the `{PREFIX}USER_OVERRIDE` environment variable:
+```bash
+export MYAPP_USER_OVERRIDE="testuser"
+```
+If set, all requests will be authenticated as the specified user, regardless of any tokens or credentials provided. This cannot be combined with `api_tokens` or `db_dsn`.
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.

{the37lab_authlib-0.1.1751369506 → the37lab_authlib-0.1.1755164205}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "the37lab_authlib"
-version = "0.1.1751369506"
+version = "0.1.1755164205"
 description = "Python SDK for the Authlib"
 authors = [{name = "the37lab", email = "info@the37lab.com"}]
 dependencies = ["flask", "psycopg2-binary", "pyjwt", "python-dotenv", "requests", "authlib", "bcrypt"]

{the37lab_authlib-0.1.1751369506 → the37lab_authlib-0.1.1755164205}/src/the37lab_authlib/auth.py RENAMED Viewed

@@ -11,12 +11,14 @@ import bcrypt
 import logging
 import os
 from functools import wraps
+from isodate import parse_duration
 logging.basicConfig(level=logging.DEBUG)
 logger = logging.getLogger(__name__)
 class AuthManager:
     def __init__(self, app=None, db_dsn=None, jwt_secret=None, oauth_config=None, id_type='integer', environment_prefix=None, api_tokens=None):
+        self.user_override = None
         if environment_prefix:
             prefix = environment_prefix.upper() + '_'
             db_dsn = os.getenv(f'{prefix}DATABASE_URL')
@@ -36,6 +38,15 @@ class AuthManager:
                     if ':' in entry:
                         key, user = entry.split(':', 1)
                         api_tokens[key.strip()] = user.strip()
+            user_override_env = os.getenv(f'{prefix}USER_OVERRIDE')
+            if user_override_env:
+                self.user_override = user_override_env
+        else:
+            prefix = ''
+        self.expiry_time = parse_duration(os.getenv(f'{prefix}JWT_TOKEN_EXPIRY_TIME', 'PT1H'))
+        if self.user_override and (api_tokens or db_dsn):
+            raise ValueError('Cannot set user_override together with api_tokens or db_dsn')
         if api_tokens and db_dsn:
             raise ValueError('Cannot set both api_tokens and db_dsn')
         self.api_tokens = api_tokens or None
@@ -131,6 +142,14 @@ class AuthManager:
             raise AuthError('Invalid token format')
     def _authenticate_request(self):
+        if self.user_override:
+            return {
+                'id': self.user_override,
+                'username': self.user_override,
+                'email': '',
+                'real_name': self.user_override,
+                'roles': []
+            }
         auth_header = request.headers.get('Authorization')
         api_token = request.headers.get('X-API-Token')
@@ -473,12 +492,12 @@ class AuthManager:
     def _create_token(self, user):
         payload = {
             'sub': str(user['id']),
-            'exp': datetime.utcnow() + timedelta(hours=1),
+            'exp': datetime.utcnow() + self.expiry_time,
             'iat': datetime.utcnow()
         }
         logger.debug(f"Creating token with payload: {payload}")
         token = jwt.encode(payload, self.jwt_secret, algorithm='HS256')
-        logger.debug(f"Created token: {token}")
+        logger.info(f"Created token: {token}")
         return token
     def _create_refresh_token(self, user):

{the37lab_authlib-0.1.1751369506 → the37lab_authlib-0.1.1755164205}/src/the37lab_authlib.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: the37lab_authlib
-Version: 0.1.1751369506
+Version: 0.1.1755164205
 Summary: Python SDK for the Authlib
 Author-email: the37lab <info@the37lab.com>
 Classifier: Programming Language :: Python :: 3
@@ -42,6 +42,9 @@ A Python authentication library that provides JWT, OAuth2, and API token authent
   - [API Token Override for Testing](#api-token-override-for-testing)
     - [Usage](#usage)
     - [Warning](#warning)
+  - [User Override for Testing](#user-override-for-testing)
+    - [Usage](#usage-1)
+    - [Warning](#warning-1)
 ## Installation
@@ -233,3 +236,15 @@ For testing purposes, you can bypass the database and provide a static mapping o
   Replace `MYAPP` with your environment prefix.
 **Warning:** This method is intended only for testing and development. Do not use this approach in production environments.
+## User Override for Testing
+For testing purposes, you can force all authentication to return a specific user by setting the `{PREFIX}USER_OVERRIDE` environment variable:
+```bash
+export MYAPP_USER_OVERRIDE="testuser"
+```
+If set, all requests will be authenticated as the specified user, regardless of any tokens or credentials provided. This cannot be combined with `api_tokens` or `db_dsn`.
+**Warning:** This method is intended only for testing and development. Do not use this approach in production environments.