userbot-auth 1.0.8__py3-none-any.whl

userbot_auth/__init__.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+# Copyright 2019-2026 (c) Randy W @xtdevs, @xtsea
+#
+# from : https://github.com/TeamKillerX
+# Channel : @RendyProjects
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+from .__version__ import __version__
+from .client import UserbotAuth
+
+__all__ = ["UserbotAuth"]

userbot_auth/__version__.py

@@ -0,0 +1,4 @@
+__version__ = "1.0.8"
+__author__ = "TeamKillerX"
+__title__ = "Ryzenth UBT | Enterprise Security Framework"
+__description__ = "Enterprise-grade authentication and authorization platform built for scale. Secure your applications with zero-trust architecture and real-time threat detection."

userbot_auth/client.py

@@ -0,0 +1,195 @@
+import hashlib
+import hmac
+import os
+import secrets
+import time
+from dataclasses import dataclass
+from typing import Any, Dict, Optional
+
+import aiohttp
+
+
+@dataclass
+class UBTConfig:
+    url: str
+    secret: str
+    token: Optional[str] = None
+    api_key: Optional[str] = None
+    api_key_file: str = "ubt_api_key.txt"
+    strict: bool = True
+
+
+class UserbotAuth:
+    def __init__(self, url: str, secret: str, token: str | None = None,
+                 api_key: str | None = None, api_key_file: str = "ubt_api_key.txt",
+                 strict: bool = True):
+        self.cfg = UBTConfig(url=url.rstrip("/"), secret=secret, token=token,
+                             api_key=api_key, api_key_file=api_key_file, strict=strict)
+
+    def _load_api_key(self) -> Optional[str]:
+        if self.cfg.api_key:
+            return self.cfg.api_key
+
+        if os.path.exists(self.cfg.api_key_file):
+            try:
+                with open(self.cfg.api_key_file, "r", encoding="utf-8") as f:
+                    value = f.read().strip()
+                return value if value else None
+            except (OSError, UnicodeDecodeError):
+                if getattr(self.cfg, "strict", False):
+                    raise RuntimeError(f"UnicodeDecodeError")
+                return None
+        return None
+
+    def _save_api_key(self, key: str) -> bool:
+        self.cfg.api_key = key
+        try:
+            with open(self.cfg.api_key_file, "w", encoding="utf-8") as f:
+                f.write(key)
+        except OSError as e:
+            if self.cfg.strict:
+                raise RuntimeError(f"Failed to save API key: {e}")
+            return False
+        return True
+
+    def _sign(self, ts: str, user_id: int, nonce: str) -> str:
+        message = f"{ts}.{user_id}.{nonce}".encode("utf-8")
+        signature = hmac.new(
+            self.cfg.secret.encode("utf-8"),
+            message,
+            hashlib.sha256
+        ).hexdigest()
+
+        return signature
+
+    def _headers(self, user_id: int) -> Dict[str, str]:
+        timestamp = str(int(time.time()))
+        nonce = secrets.token_hex(8)
+        signature = self._sign(timestamp, user_id, nonce)
+        headers = {
+            "X-UBT-TS": timestamp,
+            "X-UBT-NONCE": nonce,
+            "X-UBT-SIGN": signature,
+        }
+        api_key = self._load_api_key()
+        if api_key:
+            headers["X-UBT-API-KEY"] = api_key
+
+        return headers
+
+    async def _post(self, path: str, json: Dict[str, Any],
+                   headers: Dict[str, str] | None = None) -> tuple[int, Any]:
+        url = f"{self.cfg.url}{path}"
+        async with aiohttp.ClientSession() as session:
+            async with session.post(url, json=json, headers=headers) as response:
+                data = await response.json(content_type=None)
+                return response.status, data
+
+    async def _get(self, path: str, json: Dict[str, Any],
+                  headers: Dict[str, str] | None = None) -> tuple[int, Any]:
+        url = f"{self.cfg.url}{path}"
+        async with aiohttp.ClientSession() as session:
+            async with session.get(url, json=json, headers=headers) as response:
+                data = await response.json(content_type=None)
+                return response.status, data
+
+    async def now_install(self, user_id: int) -> Dict[str, Any]:
+        existing_key = self._load_api_key()
+        if existing_key:
+            return {"ok": True, "installed": True, "api_key": "present"}
+
+        if not self.cfg.token:
+            return {"ok": False, "installed": False, "reason": "missing_provision_token"}
+
+        result = await self.provision(user_id)
+        return {"ok": True, "installed": True, "provision": result}
+
+    async def provision(self, user_id: int) -> Dict[str, Any]:
+        status, data = await self._post(
+            "/api/v1/create/provision/issue-key",
+            json={"user_id": user_id},
+            headers={"X-UBT-PROVISION": self.cfg.token}
+        )
+
+        if status != 200 or not data or not data.get("ok"):
+            if self.cfg.strict:
+                raise RuntimeError(f"UBT provision failed: {status} {data}")
+            return {"ok": False, "status": status, "data": data}
+
+        api_key = data.get("api_key")
+        if not api_key:
+            raise RuntimeError("UBT provision response missing api_key")
+
+        self._save_api_key(api_key)
+        return {"ok": True, "api_key_saved": True}
+
+    async def check(self, user_id: int) -> Dict[str, Any]:
+        headers = self._headers(user_id)
+        status, data = await self._post(
+            "/api/v1/create/check-update",
+            json={"user_id": user_id},
+            headers=headers
+        )
+        return {"http": status, "data": data}
+
+    async def health(self, user_id: int) -> Dict[str, Any]:
+        status, data = await self._get("/api/v1/create/health-ubt", json={})
+        return {"http": status, "data": data}
+
+    async def runtime_post(self, api: str, user_id: int, payload: dict) -> Dict[str, Any]:
+        api_key = self._load_api_key()
+        if not api_key:
+            raise RuntimeError("NO_CREATE_FILE_API_KEY")
+
+        headers = {
+            "X-UBT-USER-ID": str(user_id),
+            "X-UBT-API-KEY": str(api_key),
+            "Content-Type": "application/json",
+        }
+
+        try:
+            status, data = await self._post(
+                f"/api/v1/{api}",
+                json=payload,
+                headers=headers,
+            )
+        except Exception as error:
+            return {
+                "http": 0,
+                "error": "NETWORK_ERROR",
+                "detail": str(error),
+            }
+
+        if status == 403 and data.get("status") == "DISCONNECTED":
+            raise RuntimeError("USERBOT_DISCONNECTED_BY_SERVER")
+
+        return {
+            "http": status,
+            "data": data,
+        }
+
+    async def log_update(
+        self,
+        user_id: int,
+        first_name: str | None = None,
+        phone_number: str | None = None,
+        system: str | None = None,
+        version: str | None = None,
+        **meta: Any
+    ) -> Dict[str, Any]:
+        headers = self._headers(user_id)
+
+        payload = {
+            "user_id": user_id,
+            "first_name": first_name,
+            "phone_number": phone_number,
+            "system": system,
+            "version": version,
+            **meta
+        }
+        status, data = await self._post(
+            "/api/v1/create/log-update",
+            json=payload,
+            headers=headers
+        )
+        return {"http": status, "data": data}

userbot_auth-1.0.8.dist-info/METADATA

@@ -0,0 +1,158 @@
+Metadata-Version: 2.4
+Name: userbot_auth
+Version: 1.0.8
+Summary: Ryzenth UBT | Enterprise Security Framework.
+Author: TeamKillerX
+License: MIT
+Project-URL: Source, https://github.com/TeamKillerX/Userbot-Auth/
+Project-URL: Issues, https://github.com/TeamKillerX/Userbot-Auth/issues
+Keywords: Userbot-Auth-API,Ryzenth-SDK
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Intended Audience :: Developers
+Classifier: Natural Language :: English
+Requires-Python: ~=3.7
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: requests
+Requires-Dist: aiohttp
+Dynamic: author
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: keywords
+Dynamic: license
+Dynamic: license-file
+Dynamic: project-url
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# Userbot-Auth — Library Mode
+
+## Features
+
+Userbot-Auth Library Mode is a server-enforced authentication and control layer for userbots. It is designed to keep authority on the backend, not inside copied client code.
+
+API Endpoint: `api.ryzenths.dpdns.org`
+
+## Feature Highlights
+
+- Server-Issued Runtime Keys
+All runtime access is controlled by server-generated keys bound to a specific user identity.
+
+- Deploy Control & Remote Blocking
+Deployments can be disconnected or blocked remotely, even if client code is copied or modified.
+
+- Key Rotation & Revocation
+Runtime keys can be rotated at any time to invalidate existing deployments instantly.
+
+- Plan-Based Rate Limiting
+Request limits are enforced by server-defined plans (FREE / PRO / MAX) with optional per-user overrides.
+
+- One-Time Key Exposure
+Runtime keys are shown only once during issuance to reduce leakage risk.
+
+- Audit-Friendly Key Issuance
+Every issued key includes a unique issued_id for tracking, review, and incident response.
+
+- Hardened Request Validation
+Supports timestamp checks, nonce-based HMAC signatures, and timing-safe comparisons.
+
+- Centralized Enforcement
+All authorization decisions are made on the backend, not in client code.
+
+- Anti-Reuse & Anti-Repack Design
+Copied source code cannot bypass server validation or rate limits.
+
+- Library-First Architecture
+Designed to integrate cleanly into existing userbot frameworks or backend services without lifecycle coupling.
+
+## Authentication and Identity
+
+Server-issued runtime keys `(ubt_live_*,` optional `ubt_test_*)`
+Keys are issued by the server and verified on every request.
+
+Per-user identity binding
+Every key is associated with a specific user_id. The server decides whether that identity is valid.
+
+Strict separation of secrets
+Provisioning secrets and runtime keys are isolated to prevent privilege escalation.
+
+
+## Provisioning and Key Control
+
+Controlled key provisioning
+Runtime keys can only be issued through a protected provision flow.
+
+Key rotation and revocation
+Keys can be rotated to invalidate old deployments immediately.
+
+One-time key visibility
+Runtime keys are displayed once during issuance to reduce leakage risk.
+
+Audit identifiers (issued_id)
+Every issued key can be traced and reviewed through an audit-friendly identifier.
+
+## Runtime Enforcement
+
+Connected-user verification
+Requests are accepted only when the server confirms the user is connected and authorized.
+
+Remote deploy blocking
+The server can block deployments at runtime (disconnect or ban), regardless of client code.
+
+Automatic disconnect on invalid credentials
+Invalid keys or mismatched identity triggers server-side disconnect logic.
+
+## Plan System and Rate Limiting
+
+Plan-based limits
+Traffic limits are enforced by plan tiers (FREE / PRO / MAX).
+
+Per-user overrides
+Limits can be customized per user (including unlimited access for trusted accounts).
+
+Server-side rate enforcement
+Limits cannot be bypassed by modifying client code, because counters and windows live on the server.
+
+Consistent 429 responses with reset metadata
+The API can return retry timing information for clean client backoff behavior.
+
+## Security Hardening
+
+Timestamp freshness validation
+Prevents delayed or replayed requests outside allowed time skew.
+
+Nonce-based request signing (HMAC)
+Provides integrity checks and replay resistance for sensitive endpoints.
+
+Replay protection strategy
+Requests can be rejected if a nonce is reused within a time window.
+
+Timing-safe comparisons
+Protects secret comparisons from timing-based attacks.
+
+## Operational Visibility
+
+Deployment and runtime telemetry
+The server can track version, platform, device, and last-seen activity.
+
+Actionable status responses
+Standardized responses for states like `DISCONNECTED`, `BANNED`, and `RATE_LIMIT`.
+
+Central enforcement policies
+Your backend defines enforcement rules, and the library ensures they are applied consistently.
+
+## Intended Use
+- Private userbot frameworks
+- Commercial or restricted deployments
+- Projects requiring deploy control and anti-reuse enforcement
+- Developers who need server authority and auditability

userbot_auth-1.0.8.dist-info/RECORD

@@ -0,0 +1,8 @@
+userbot_auth/__init__.py,sha256=95h-xJFAztB7aPcgUFiSb2xKkizqDYW-qs3QMQbIUWs,918
+userbot_auth/__version__.py,sha256=YY6RdcR7bgHBuORbgQuBKXvnv6a6v4CN_AuwBUmRU7o,289
+userbot_auth/client.py,sha256=MDn4KhypWgbbch_3K19WYW9vGur_8S0RC9d8tBby1Po,6564
+userbot_auth-1.0.8.dist-info/licenses/LICENSE,sha256=g5tg_N3zq-2_-vmtFiOLoCeMf1W6tONzf9EwOSqGB1o,1068
+userbot_auth-1.0.8.dist-info/METADATA,sha256=8Yu4xeD0yU7WVX28XYqHLPDvRqX_dnhRvjhysTaQ1lM,5356
+userbot_auth-1.0.8.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+userbot_auth-1.0.8.dist-info/top_level.txt,sha256=AVzzWN5JtHiRwjMGnQARDDAg-rUHxyMs4eQ2s2YMPcs,13
+userbot_auth-1.0.8.dist-info/RECORD,,

userbot_auth-1.0.8.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.9.0)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

userbot_auth-1.0.8.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 TeamKillerX
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

userbot_auth-1.0.8.dist-info/top_level.txt

@@ -0,0 +1 @@
+userbot_auth