你项目的安全界面
security-interface的Python项目详细描述
安全接口
这个库为身份验证和授权提供了简单的api。
安装
使用以下命令安装:
$ pip install security_interface
使用量
首先需要实现IdentityPolicyInterface 以及AuthorizationPolicyInterface接口。例如,我们可以实现jwt安全性:
import jwt from security_interface import IdentityPolicyInterface, AuthorizationPolicyInterface class JwtIdentityPolicy(IdentityPolicyInterface): def __init__(self, secret, algorithm="HS256"): self.algorithm = algorithm self.secret = secret async def identify(self, identity): if jwt is None: raise TypeError("Please install PyJWT") try: return jwt.decode( identity, self.secret, algorithms=[self.algorithm], options={"verify_exp": True, "verify_iat": True}, ) except Exception as e: return None class JwtAuthPolicy(AuthorizationPolicyInterface): async def can(self, identity, permission): return permission in identity["scope"]
使用我们的实现创建安全实例
from security_interface.api import Security
jwt_identity = JwtIdentityPolicy("SECRET")
jwt_auth_policy = JwtAuthPolicy()
security = Security(jwt_identity, jwt_auth_policy)
# Checking claim
security.identify(CLAIM)
# Checking permission
security.can(CLAIM, "read")
security.can(CLAIM, "write")
有关完整实现,请参见DEMO