Skip to content

Release Notes 🎞

1.0.0b0

We are thrilled to announce the release of authx version 1.0.0-beta0, a significant milestone in our journey. This release brings about several important changes and enhancements, including the drop of different features we used to have. Below, we outline the key updates and improvements.

Major Changes πŸš‘οΈ

Dependency Updates ⬆️

What's Changed

For detailed information on the changes introduced in this release, please refer to the Full Changelog

0.9.1

πŸŸ₯ LAST RELEASE FOR AUTHX - 0.x.x

As you may observe, my primary shift has been towards concentrating on the development of the new release, with a strong emphasis on incorporating features that users would appreciate to enhance authentication capabilities.

In doing so, I have intentionally omitted several functions. This is why I strongly believe that having two distinct versions is truly beneficial.

0.x.x

The primary focus will be on addressing bug fixes and improving documentation in the previous version. It appears that the excessive use of dependencies may have been a factor that many people did not appreciate.

You can open a pull request in case you want to fix something related to it πŸ™ŒπŸ»

1.x.x

You can read here what is new until now:

AuthX Revamp - V 1.0.0 will be our authentication system New design. This version comes with several new features and enhancements to improve security, usability, and performance.

Core Functionality
  • JWT encoding/decoding for application authentication
  • Automatic detection of JWTs in requests:
  • JWTs in headers
  • JWTs in cookies
  • JWTs in query strings
  • JWTs in JSON bodies
  • Implicit/explicit token refresh mechanism
  • Tracking the freshness state of tokens
  • Route protection:
  • Protection based on token type (access/refresh)
  • Protection based on token freshness
  • Partial route protection
  • Handling custom user logic for revoked token validation
  • Handling custom logic for token recipient retrieval (ORM, pydantic serialization...)
  • Providing FastAPI-compliant dependency injection API
  • Automatic error handling
External Support
  • Keeping profiler
  • Keeping Redis
  • Keeping Instrument
  • Keeping Metrics
  • Providing OAuth2 support

Fixes πŸ›

Dependencies πŸ“¦

Full Changelog: https://github.com/yezz123/authx/compare/0.9.0...0.9.1

0.9.0

Fixes πŸ›

Dependencies πŸ”¨

Full Changelog: https://github.com/yezz123/authx/compare/0.8.3...0.9.0

0.8.3

Fixes πŸ›

Docs πŸ“

Dependencies πŸ”¨

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.8.2...0.8.3

0.8.2

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.8.1...0.8.2

0.8.1

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.8.0...0.8.1

0.8.0

Implementation in FastAPI applications

Thats Work by adding a Middleware to your FastAPI application, work on collecting prometheus metrics for each request, and then to handle that we need a function get_metrics work on handling exposing the prometheus metrics into /metrics endpoint.

from fastapi import FastAPI
from authx.middleware import MetricsMiddleware, get_metrics

app = FastAPI()
app.add_middleware(MetricsMiddleware)
app.add_route("/metrics", get_metrics)

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.7.0...0.8.0

0.7.0

  • πŸ”§ Update package metadata and move build internals from Flit to Hatch.

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.6.1...0.7.0

0.6.1

Fix Client issue for launching both the client and database_name in MongoDBBackend.

from authx import Authentication
from authx.database import MongoDBBackend
from motor.motor_asyncio import AsyncIOMotorClient


authx = Authentication(
     database_backend=MongoDBBackend(
          client=AsyncIOMotorClient("mongodb://localhost:27017"),
          database_name="test",
     )
)

What's Changed

  • πŸ›  chore(refactor): Improve Errors by @yezz123 in #257
  • πŸ”Š Update Dependencies by @yezz123 in #259
  • :bug: [WIP] fix client issue by @yezz123 in #260

Full Changelog: https://github.com/yezz123/authx/compare/0.6.0...0.6.1

0.6.0

Idea

Profiling is a technique to figure out how time is spent in a program. With these statistics, we can find the β€œhot spot” of a program and think about ways of improvement. Sometimes, a hot spot in an unexpected location may also hint at a bug in the program.

Pyinstrument is a Python profiler. A profiler is a tool to help you optimize your code - make it faster.

Profile a web request in FastAPI

To profile call stacks in FastAPI, you can write a middleware extension for pyinstrument.

Create an async function and decorate it with app.middleware('http') where the app is the name of your FastAPI application instance.

Make sure you configure a setting to only make this available when required.

from pyinstrument import Profiler
PROFILING = True  # Set this from a settings model
if PROFILING:
    @app.middleware("http")
    async def profile_request(request: Request, call_next):
        profiling = request.query_params.get("profile", False)
        if profiling:
            profiler = Profiler(interval=settings.profiling_interval, async_mode="enabled")
            profiler.start()
            await call_next(request)
            profiler.stop()
            return HTMLResponse(profiler.output_html())
        else:
            return await call_next(request)

To invoke, make any request to your application with the GET parameter profile=1 and it will print the HTML result from pyinstrument.

AuthX's Support

With AuthX the abstract of profiling is easy, it's just about calling the ProfilerMiddleware 's class and calling it in add_middleware(ProfilerMiddleware) func that FastAPI provides.

Example

import os
import uvicorn
from fastapi import FastAPI
from fastapi.responses import JSONResponse
from authx import ProfilerMiddleware
app = FastAPI()
app.add_middleware(ProfilerMiddleware)
@app.get("/test")
async def normal_request():
    return JSONResponse({"retMsg": "Hello World!"})
if __name__ == '__main__':
    app_name = os.path.basename(__file__).replace(".py", "")
    uvicorn.run(app=f"{app_name}:app", host="0.0.0.0", port=8080, workers=1)

References

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.5.1...0.6.0

0.5.1

Fix Wrong username validation UserInRegister model #237, Thanks to @YogeshUpdhyay πŸ™πŸ»

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.5.0...0.5.1

0.5.0

Supporting SocketIO that's allows bi-directional communication between client and server. Bi-directional communications are enabled when a client has Socket.IO in the browser, and a server has also integrated the Socket.IO package. While data can be sent in a number of forms, JSON is the simplest.

Usage

To add SocketIO support to FastAPI all you need to do is import AuthXSocket and pass it FastAPI object.

from fastapi import FastAPI
from authx import AuthXSocket

app = FastAPI()
socket = AuthXSocket(app=app)

you can import AuthXSocket object that exposes most of the SocketIO functionality.

@AuthXSocket.on('leave')
async def handle_leave(sid, *args, **kwargs):
    await AuthXSocket.emit('lobby', 'User left')

Working with distributed applications

When working with distributed applications, it is often necessary to access the functionality of the Socket.IO from multiple processes. As a solution to the above problems, the Socket.IO server can be configured to connect to a message queue such as Redis or RabbitMQ, to communicate with other related Socket.IO servers or auxiliary workers.

Refer this link for more details using-a-message-queue

import socketio
from fastapi import FastAPI
from authx import AuthXSocket

app = FastAPI()

redis_manager = socketio.AsyncRedisManager('redis://')

socket_manager = AuthXSocket(app=app, client_manager=redis_manager)

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.4.0...0.5.0

0.4.0

HTTPCache

Overview

HTTP caching occurs when the browser stores local copies of web resources for faster retrieval the next time the resource is required. As your application serves resources it can attach cache headers to the response specifying the desired cache behavior.

Overview

When an item is fully cached, the browser may choose to not contact the server at all and simply use its cached copy:

Overview

HTTP cache headers

There are two primary cache headers, Cache-Control and Expires.

Cache-Control

The Cache-Control header is the most important header to set as it effectively switches on caching in the browser. With this header in place, and set with a value that enables caching, the browser will cache the file for as long as specified. Without this header, the browser will re-request the file on each subsequent request.

Expires

When accompanying the Cache-Control header, Expires simply sets a date from which the cached resource should no longer be considered valid. From this date forward the browser will request a fresh copy of the resource.

This Introduction to HTTP Caching is based on the HTTP Caching Guide.

AuthX provides a simple HTTP caching model designed to work with FastAPI,

Initialize the cache

from authx import HTTPCache
from pytz import timezone

africa_Casablanca = timezone('Africa/Casablanca')
HTTPCache.init(redis_url=REDIS_URL, namespace='test_namespace', tz=africa_Casablanca)

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.3.1...0.4.0

0.3.1

Session

This is a supported Redis Based Session Storage for your FastAPI Application, you can use it with any Session Backend.

pip install authx[session]

Note: The requirements in authx[redis] are not the same used in Sessions features.

Features


  • Dependency injection to protect routes
  • Compatible with FastAPI's auto-generated docs
  • Pydantic models for verifying session data
  • Abstract session backend so you can build one that fits your needs
  • Abstract frontends to choose how you extract the session ids (cookies, header, etc.)
  • Create verifiers based on the session data.
  • Compatible with any Redis Configuration.
Redis Configuration

Before setting up our Sessions Storage and our CRUD Backend, we need to configure our Redis Instance.

BasicConfig is a function that helps us set up the Instance Information like Redis Link Connection or ID Name or Expiration Time.

Default Config
  • url of Redis: redis://localhost:6379/0
  • name of sessionId: ssid
  • generator function of sessionId: lambda :uuid.uuid4().hex
  • expire time of session in redis: 6 hours
import random
from datetime import timedelta
from authx.cache import basicConfig

basicConfig(
    redisURL="redis://localhost:6379/1",
    sessionIdName="sessionId",
    sessionIdGenerator=lambda: str(random.randint(1000, 9999)),
    expireTime=timedelta(days=1),
)

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.3.0...0.3.1

0.3.0

What's Changed

Release Notes

Finally, we drop the full support from MongoDB Thanks to @stephane That's implemented some functionality under the name of BaseDBBackend and Create some Database Crud Functionality without a database.

  • Database Plugins:

  • MongoDB: Using MongoDB as a Database Backend is now supported as a plugin based on BaseDBBackend.

  • EncodeDB: Databases give you simple asyncio support for a range of databases.

    It allows you to make queries using the powerful SQLAlchemy Core expression language and provides support for PostgreSQL, MySQL, and SQLite.

    We can now provide some SQL queries to the database on the top of BaseDBBackend.

MongoDB

from authx import MongoDBBackend

EncodeDB

from authx import EncodeDBBackend

Note: Don't forget to set up the database connection as a client that will be functioned under pre-built Methods.

  • Improve the package by Switching to flit to build the package.
  • Improve Workflow and integrate codecov.yml.
  • Use the issue of new Functionalities in Github.
  • Create New Directory called scripts to store the shell scripts to run tests or linting.
  • Improve Importing the package https://github.com/yezz123/authx/blob/main/authx/__init__.py.
  • Calling the function or the class directly from the __init__.py file.
  • Improve Documentation, and Describe different new Addons, that AuthX now provide such as new Database Backends or Plugins or the new middleware add-ons, Thanks to @AbderrahimSoubaiElidrissi
  • Update and upgrade Dependencies.
  • Inline and improve IDLE Support.

Full Changelog: https://github.com/yezz123/authx/compare/0.2.0...0.3.0

0.2.0

What's Changed

Middleware - Oauth2

The OAuth 2.0 authorization framework is a protocol that allows a user to grant a third-party website or application access to the user's protected resources, without necessarily revealing their long-term credentials or even their identity.

Starlette middleware for authentication through oauth2's via a secret key, which is often used to add authentication and authorization to a web application that interacts with an API on behalf of the user.

That's why AuthX provides a Configuration MiddlewareOauth2 to configure the OAuth2 middleware.

from authx import MiddlewareOauth2

class AuthenticateMiddleware(MiddlewareOauth2):
    PUBLIC_PATHS = {"/public"}

Code Enhancement

Full Changelog: https://github.com/yezz123/authx/compare/0.1.4...0.2.0

0.1.4

What's Changed

Full Changelog: https://github.com/yezz123/authx/compare/0.1.3...0.1.4

0.1.3

  • Fix the issue relate to PyJWT (Bumping version #151 )
  • Add sameSite to Cookies metadata ( #134)

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.1.2...0.1.3

0.1.2

After this discussion #124 with @stephane we need to change the package name that what pep's rules provide.

Modules should have short, all-lowercase names. Underscores can be used in the module name if it improves readability. Python packages should also have short, all-lowercase names, although the use of underscores is discouraged.

carbon

What's Changed

New Contributors

Full Changelog: https://github.com/yezz123/authx/compare/0.1.1...0.1.2

0.1.1

  • Kuddos to @AbderrahimSoubaiElidrissi for fixing multiple issues in docs ✨
  • Fix Database partial router.
  • Now we can call the cache or mongo only from a partial router.

Example

main py

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.1.0...0.1.1

0.1.0

  • Provide a full support for python 3.10 after adding a testcase (workflow), and fix the version of pytest.
  • Provide a full requirements for Setup.py with all the dependencies and classifiers.

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.9...0.1.0

0.0.9

  • Add Code coverage and local testing for AuthenticationX.
  • Add DocString to Some Functions relate to Services.
  • Bump multiple packages to last release.

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.8...0.0.9

0.0.8

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.7...0.0.8

0.0.7

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.6...0.0.7

0.0.6

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.5...0.0.6

0.0.5

All this is based on This PR #45 :

  • here I fix issues related to documentation.
  • Generate a docstring for the main file.

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.4...0.0.5

0.0.4

During the work on this PR #44 :

  • I generate a docstring to improve the project & clear some parts of the code.
  • Add an Issue Template (Pre-public).
  • Create a simple Readme For the whole users.
  • Adding New Commands relate to the bumpversion package in the Makefile.

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.3...0.0.4

0.0.3

  • Create a simple Readme.
  • Create a Build to release the package.
  • Fix Test Issues

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.2...0.0.3

0.0.2

Create a Testable Core for Email and work on Users and JWT. work on a PR to test the Services and Provide more Routers tests

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/compare/0.0.1...0.0.2

0.0.1

  • Create Authentication Routes ex. Register, login, logout, and Reset.
  • Add The Social Authentication Routes, Connecting using Google and Facebook.
  • Give the Admin the Permission of Adding a User to the Blacklist or Ban a User from The API.
  • Done with Setup of Multiple Routes and Fix The Crud Issues.
  • Use the JWT package For Creating tokens and checking, also the Email Provider works with booths aiosmtplib and email-validator.
  • Provide the Common Models ex. Users Models and Social Models.
  • Create a Multiple Errors Support for Route and Models Validation or also if the Social Authentication CallBack got Errors.
  • Add A Recaptcha Bypass using Httpx Library and Create A String and Signature Generator using Passlib.
  • Using passlib to Verify the Password and Hash it under sha256.
  • Set up a workflow to Test The Project in a Docker environment.

What's Changed

Full Changelog: https://github.com/yezz123/AuthX/commits/0.0.1