你项目的安全界面
security-interface的Python项目详细描述
安全接口
这个库为身份验证和授权提供了简单的api。
安装
使用以下命令安装:
$ pip install security_interface
使用量
首先需要实现IdentityPolicyInterface 以及AuthorizationPolicyInterface接口。例如,我们可以实现jwt安全性:
import jwt
from security_interface import IdentityPolicyInterface, AuthorizationPolicyInterface
class JwtIdentityPolicy(IdentityPolicyInterface):
def __init__(self, secret, algorithm="HS256"):
self.algorithm = algorithm
self.secret = secret
async def identify(self, identity):
if jwt is None:
raise TypeError("Please install PyJWT")
try:
return jwt.decode(
identity,
self.secret,
algorithms=[self.algorithm],
options={"verify_exp": True, "verify_iat": True},
)
except Exception as e:
return None
class JwtAuthPolicy(AuthorizationPolicyInterface):
async def can(self, identity, permission):
return permission in identity["scope"]
使用我们的实现创建安全实例
from security_interface.api import Security
jwt_identity = JwtIdentityPolicy("SECRET")
jwt_auth_policy = JwtAuthPolicy()
security = Security(jwt_identity, jwt_auth_policy)
# Checking claim
security.identify(CLAIM)
# Checking permission
security.can(CLAIM, "read")
security.can(CLAIM, "write")
有关完整实现,请参见DEMO
欢迎加入QQ群-->: 979659372
