hawat.blueprints.auth_api package

This pluggable module provides an API key based authentication service. When this module is enabled, users may generate API keys and use them to authenticate when accessing various API endpoints of the application.

Currently, the API key may be provided via one of the following methods:

  • The Authorization HTTP header.

    You may provide your API key by adding the Authorization HTTP header to your requests. The following forms are accepted:

    Authorization: abcd1234
    Authorization: key abcd1234
    Authorization: token abcd1234
    
  • The api_key or api_token parameter of the HTTP POST request.

    You may provide your API key as an additional HTTP parameter api_key or api_token of your POST request to a particular application endpoint. GET requests are forbidden because request URLs are logged in various places, so your keys could easily be compromised.
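
The extraction rules above, written out as a framework-independent Python function. This is an added example, not Hawat's own code: extract_api_key and KeyInUrlError are hypothetical names, and the header-before-body precedence, the case-insensitive prefix match and the rejection of keys in any query string are assumptions the page does not state.

```python
# Added example, not part of Hawat. All names here are hypothetical.
from typing import Mapping, Optional

HEADER_PREFIXES = ("key", "token")       # documented optional prefixes
FORM_FIELDS = ("api_key", "api_token")   # documented POST parameter names


class KeyInUrlError(ValueError):
    """An API key was found in the URL query string, where it would be logged."""


def extract_api_key(method: str,
                    headers: Mapping[str, str],
                    form: Mapping[str, str],
                    query: Mapping[str, str]) -> Optional[str]:
    """Return the API key carried by a request, or None if there is none."""
    # A key in the query string ends up in access logs; refuse it outright
    # (assumption: rejected for every method, not only GET).
    if any(name in query for name in FORM_FIELDS):
        raise KeyInUrlError("API key must not be sent in the URL")

    # 1. Authorization header: "<key>", "key <key>" or "token <key>".
    #    Assumptions: the header takes precedence over body parameters and
    #    the prefix is matched case-insensitively.
    raw = headers.get("Authorization", "").strip()
    if raw:
        parts = raw.split()
        if len(parts) == 1:
            return parts[0]
        if len(parts) == 2 and parts[0].lower() in HEADER_PREFIXES:
            return parts[1]
        return None  # some other scheme (e.g. "Basic ..."), not an API key

    # 2. Body parameter, accepted for POST requests only.
    if method.upper() == "POST":
        for name in FORM_FIELDS:
            value = form.get(name, "").strip()
            if value:
                return value
    return None
```

A caller would treat None as "no API key presented" and fall back to the normal login flow, and turn KeyInUrlError into a client error response.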

Provided endpoints

/auth_api/<user_id>/key-generate

Page for generating a new API key.

  • Authentication: login required

  • Authorization: admin

  • Methods: GET, POST

/auth_api/<user_id>/key-delete

Page for deleting an existing API key.

  • Authentication: login required

  • Authorization: admin

  • Methods: GET, POST

class hawat.blueprints.auth_api.APIAuthBlueprint(name, import_name, **kwargs)

Bases: HawatBlueprint

Pluggable module - API key authentication service (auth_api).

classmethod get_module_title()

Get human readable name for this blueprint/module.

Returns

Name (short summary) of the blueprint/module.

Return type

str

register_app(app)

Hook method: Custom callback, which will be called from hawat.app.Hawat.register_blueprint() method and which can perform additional tweaking of Hawat application object.

Parameters

app (hawat.app.Hawat) – Application object.

hawat.blueprints.auth_api.BLUEPRINT_NAME = 'auth_api'

Name of the blueprint as module global constant.

class hawat.blueprints.auth_api.DeleteKeyView

Bases: HTMLMixin, SQLAlchemyMixin, ItemChangeView

View for deleting API keys from user accounts.

authentication = True

Similar to the decorators mechanism in Flask pluggable views, you may use this class variable to specify that the view is protected by authentication. When the view is registered into the blueprint in hawat.app.hawatBlueprint.register_view_class(), it is automatically decorated with the flask_login.login_required() decorator.

The advantage of using this instead of decorators is that the application menu can automatically hide or show items inaccessible to the current user.

This is a scalar variable that must contain boolean True or False.

classmethod authorize_item_action(**kwargs)

Perform access authorization for current user to particular item.

classmethod change_item(**kwargs)

Hook method: Change given item in any desired way.

Parameters

item – Item to be changed/modified.

property dbchlogmodel

This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

property dbmodel

This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

static get_message_cancel(**kwargs)

Hook method. Must return text for the flash message in case of action cancel. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output. Because flask.Markup marks the text as safe and exempts it from autoescaping, escape any user-supplied value before interpolating it into the message.

static get_message_failure(**kwargs)

Hook method. Must return text for the flash message in case of action failure. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.

static get_message_success(**kwargs)

Hook method. Must return text for the flash message in case of action success. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.

classmethod get_view_icon()

Implementation of hawat.view.BaseView.get_view_icon().

classmethod get_view_name()

Return unique name for the view. Name must be unique in the namespace of parent blueprint/module and should contain only characters [a-z0-9]. It will be used for generating endpoint name for the view.

This method does not have any default implementation and must be overridden by a subclass.

Returns

Name for the view.

Return type

str

classmethod get_view_template()

Implementation of hawat.view.RenderableView.get_view_template().

classmethod get_view_title(**kwargs)

Return the title for the view, which will be displayed in the title tag of the HTML head element and also as the content of the page header in the h2 tag.

The default implementation returns the return value of the hawat.view.BaseView.get_menu_title() method.

Parameters

kwargs (dict) – Optional parameters.

Returns

Title for the view.

Return type

str

methods: ClassVar[Optional[Collection[str]]] = ['GET', 'POST']

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

class hawat.blueprints.auth_api.GenerateKeyView

Bases: HTMLMixin, SQLAlchemyMixin, ItemChangeView

View for generating API keys for user accounts.

authentication = True

Similar to the decorators mechanism in Flask pluggable views, you may use this class variable to specify that the view is protected by authentication. When the view is registered into the blueprint in hawat.app.hawatBlueprint.register_view_class(), it is automatically decorated with the flask_login.login_required() decorator.

The advantage of using this instead of decorators is that the application menu can automatically hide or show items inaccessible to the current user.

This is a scalar variable that must contain boolean True or False.

classmethod authorize_item_action(**kwargs)

Perform access authorization for current user to particular item.

classmethod change_item(**kwargs)

Hook method: Change given item in any desired way.

Parameters

item – Item to be changed/modified.

property dbchlogmodel

This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

property dbmodel

This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.

static get_message_cancel(**kwargs)

Hook method. Must return text for the flash message in case of action cancel. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.

static get_message_failure(**kwargs)

Hook method. Must return text for the flash message in case of action failure. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.

static get_message_success(**kwargs)

Hook method. Must return text for the flash message in case of action success. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.

classmethod get_view_icon()

Implementation of hawat.view.BaseView.get_view_icon().

classmethod get_view_name()

Return unique name for the view. Name must be unique in the namespace of parent blueprint/module and should contain only characters [a-z0-9]. It will be used for generating endpoint name for the view.

This method does not have any default implementation and must be overridden by a subclass.

Returns

Name for the view.

Return type

str

classmethod get_view_template()

Implementation of hawat.view.RenderableView.get_view_template().

classmethod get_view_title(**kwargs)

Return the title for the view, which will be displayed in the title tag of the HTML head element and also as the content of the page header in the h2 tag.

The default implementation returns the return value of the hawat.view.BaseView.get_menu_title() method.

Parameters

kwargs (dict) – Optional parameters.

Returns

Title for the view.

Return type

str

methods: ClassVar[Optional[Collection[str]]] = ['GET', 'POST']

The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.

hawat.blueprints.auth_api.get_blueprint()

Mandatory interface for hawat.Hawat and factory function. This function must return a valid instance of hawat.app.HawatBlueprint or flask.Blueprint.