[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support to multiple authentication #901

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add support to multiple authentication #901

wants to merge 1 commit into from

Conversation

yomaaf
Copy link
Contributor
@yomaaf yomaaf commented Jul 20, 2024

Description

This PR fixes #708

Hello @sansyrox. This is a split PR for support for multiple authentication, however it does not include support for subrouter. Because, as previously explained. When decorating is called, it registers the route. So the authentication handler is not registered on the subrouter because the subrouter already register the route before the authentication handler is registered. I'll include support for the subrouter in the nested router PR. But it will require this PR merge first. So check out this PR first.

@vercel Vercel
Copy link
vercel bot commented Jul 20, 2024

@yomaaf is attempting to deploy a commit to the sparckles Team on Vercel.

A member of the Team first needs to authorize it.

@codspeed-hq CodSpeed HQ
Copy link
codspeed-hq bot commented Jul 20, 2024

CodSpeed Performance Report

Merging #901 will not alter performance

Comparing yomaaf:feature/multiple-authentication (eb30410) with main (1fb2a1f)

Summary

✅ 110 untouched benchmarks

🆕 16 new benchmarks

Benchmarks breakdown

Benchmark main yomaaf:feature/multiple-authentication Change
🆕 test_invalid_authentication_header_basic[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_header_basic[sync] N/A 4.7 ms N/A
🆕 test_invalid_authentication_header_bearer_2[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_header_bearer_2[sync] N/A 4.7 ms N/A
🆕 test_invalid_authentication_no_token_basic[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_no_token_basic[sync] N/A 4.7 ms N/A
🆕 test_invalid_authentication_no_token_bearer_2[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_no_token_bearer_2[sync] N/A 4.7 ms N/A
🆕 test_invalid_authentication_token_basic[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_token_basic[sync] N/A 4.7 ms N/A
🆕 test_invalid_authentication_token_bearer_2[async] N/A 4.7 ms N/A
🆕 test_invalid_authentication_token_bearer_2[sync] N/A 4.7 ms N/A
🆕 test_valid_authentication_basic[async] N/A 4.8 ms N/A
🆕 test_valid_authentication_basic[sync] N/A 4.8 ms N/A
🆕 test_valid_authentication_bearer_2[async] N/A 4.8 ms N/A
🆕 test_valid_authentication_bearer_2[sync] N/A 4.8 ms N/A

@sansyrox
Copy link
Member

Hey @yomaaf 👋

Thanks for the PR. However, I do not understand the problem you are addressing here.

What do you mean by "multiple authentication" and why is it needed in Robyn?

@yomaaf
Copy link
Contributor Author
yomaaf commented Jul 20, 2024

Hey @yomaaf 👋

Thanks for the PR. However, I do not understand the problem you are addressing here.

What do you mean by "multiple authentication" and why is it needed in Robyn?

Hi @sansyrox.

"Multiple authentication" refers to the capability of a system to support different methods or mechanisms for verifying the identity of a user. This can include a variety of authentication methods such as:

  • Password-based authentication: The most common method, where users authenticate using a username and password.
  • Multi-factor authentication (MFA): Requires users to provide two or more verification factors (e.g., password and OTP).
  • OAuth: A protocol that allows third-party services to exchange tokens and authenticate users without sharing passwords.

Why is it needed in Robyn?

  1. Role-specific Security Requirements:

    • Certain routes, such as those accessible to superadmins, may require more stringent security measures like JWT bearer tokens to ensure high levels of security.
    • Other routes, which may have less critical data, can use simpler authentication methods like password-based authentication.

  2. Compliance with Access Control Policies:

    • Different routes may have varying compliance requirements. Supporting multiple authentication handlers allows Robyn to meet these diverse requirements effectively.

  3. Flexibility for Different Use Cases:

    • Different applications or user groups may have varying security and usability requirements. Multiple authentication options provide the necessary flexibility to meet these diverse needs.

Addressing fina-joy's Issue #708

While Robyn currently supports middleware for handling authentication at the main router level, there is a growing need for more granular control, specifically at the sub-router level.
This would allow different authentication strategies for different sections of an application, enhancing security and flexibility.

@sansyrox
Copy link
Member

Hey @yomaaf 👋

There is only one authentication handler in Robyn so the users can override the implementation. I believe your PR will serve well as a Robyn Plugin like the following - https://robyn.tech/documentation/plugins

However, I don't know enough about auth and need some time to think about it. I will get back to you after the weekend 😄

Meanwhile, if you have any items to help me with my research, I'd highly appreciate them.

Thanks again for all the hard work :D

user-for-download
user-for-download suggested changes Jul 30, 2024
View reviewed changes
Copy link
@user-for-download user-for-download left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need this functionality)

@JulianDeal
Copy link
JulianDeal commented Sep 24, 2024
edited
Loading

@sansyrox @yomaaf Right now it's not possible to add authentication to a subrouter (as far as I understand).

So why not make the multi-auth functionality a plugin but keep the changes in the Subrouter class where the auth_required attribute gets added to the endpoint handlers?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@user-for-download user-for-download user-for-download requested changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Sub-router Authentication Capabilities
4 participants
@yomaaf @sansyrox @JulianDeal @user-for-download