apicrud.auth

class apicrud.auth.AuthTOTP

TOTP for Session Authorization

Functions for generating, registering and validating Time-based One Time Password tokens

class apicrud.auth.LocalUser(func_send=None)

Manage local user accounts

Parameters

func_send (function) – name of function for sending message

change_password(uid, new_password, reset_token, old_password=None, verify_password=None)

Update a user’s password, applying complexity rules; must specify either the old password or a reset token

Parameters
  • uid (str) – User ID

  • new_password (str) – the new passphrase

  • reset_token (str) – a token retrieved from Confirmation.request

  • old_password (str) – the old passphrase

Returns

dict with account_id/uid/username, http response

Return type

tuple

forgot_password(identity, username, template='password_reset')

Trigger Confirmation.request; specify either the username or email address

Parameters
  • identity (str) – account’s primary identity, usually an email

  • username (str) – account’s username

  • template (str) – template for message (confirming new user)

Returns

the Confirmation.request dict and http response

Return type

tuple

register(identity, username, name, template='confirm_new', picture=None)

Register a new account: create related records in database and send confirmation token to new user

TODO caller still has to invoke account-create function to generate record in accounts table

Parameters
  • identity (str) – account’s primary identity, usually an email

  • username (str) – account’s username

  • name (str) – name

  • picture (url) – URL of an avatar / photo

  • template (str) – template for message (confirming new user)

Returns

the Confirmation.request dict and http response

Return type

tuple

class apicrud.auth.OAuth2(func_send=None, roles_from=None)

OAuth2 for Session Authorization

Parameters
  • func_send (function) – name of function for sending message

  • roles_from (obj) – model for which to look up authorizations

callback(method, code=None, state=None)

Callback from 3rd-party OAuth2 provider auth

Parse the response, look up the account based on email address, and pass control to SessionAuth._login_accepted

Parameters
  • method (str) – provider name, such as google

  • code (str) – validation code from provider

  • state (str) – provider state

Modules

apicrud.auth.local_func

local_func

apicrud.auth.local_user

local_user

apicrud.auth.oauth2

oauth2

apicrud.auth.oauth2_func

oauth2_func

apicrud.auth.totp

totp

apicrud.auth.totp_func

totp_func