2022-08-20T16:34:44,214 Created temporary directory: /tmp/pip-ephem-wheel-cache-erwxqbzr
2022-08-20T16:34:44,220 Created temporary directory: /tmp/pip-build-tracker-nd0cv_0a
2022-08-20T16:34:44,221 Initialized build tracking at /tmp/pip-build-tracker-nd0cv_0a
2022-08-20T16:34:44,221 Created build tracker: /tmp/pip-build-tracker-nd0cv_0a
2022-08-20T16:34:44,221 Entered build tracker: /tmp/pip-build-tracker-nd0cv_0a
2022-08-20T16:34:44,222 Created temporary directory: /tmp/pip-wheel-yoar2kbg
2022-08-20T16:34:44,286 Looking in indexes: https://pypi.org/simple, https://www.piwheels.org/simple
2022-08-20T16:34:44,294 2 location(s) to search for versions of fastapi-authz:
2022-08-20T16:34:44,294 * https://pypi.org/simple/fastapi-authz/
2022-08-20T16:34:44,294 * https://www.piwheels.org/simple/fastapi-authz/
2022-08-20T16:34:44,296 Fetching project page and analyzing links: https://pypi.org/simple/fastapi-authz/
2022-08-20T16:34:44,297 Getting page https://pypi.org/simple/fastapi-authz/
2022-08-20T16:34:44,301 Found index url https://pypi.org/simple
2022-08-20T16:34:44,490   Found link https://files.pythonhosted.org/packages/8b/9b/9f6f2758e16a9468b73dffcda68e2e9d32e14a13d772c14cd94a904530fc/fastapi-authz-0.0.2.tar.gz#sha256=d44dd72ba1c9cbf725d44269d1c648e1c46a19a461accd251b4f8dc01b4f7a09 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.0.2
2022-08-20T16:34:44,492   Found link https://files.pythonhosted.org/packages/4f/e3/8ecf3c892289933710e40acbdab5f90c2497fb710b340c827ae8c30882f0/fastapi-authz-0.0.3.tar.gz#sha256=fcfe5ed7f7634dc9d89cfb673e603174eb6da3382bad02dc1c08a51edd2d6474 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.0.3
2022-08-20T16:34:44,493   Skipping link: No binaries permitted for fastapi-authz: https://files.pythonhosted.org/packages/4a/30/1d69c592fa5e35854c0c1cafd2a15fae1ec5fb2e0544c3206b490f1ddc6c/fastapi_authz-0.0.3-py3-none-any.whl#sha256=754216ce9cec748afc138ea225e783425741382bf14644f631b8c469049d28ff (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,494   Found link https://files.pythonhosted.org/packages/b9/f6/1ec5d2b7ef5ee8cd683f68d5bdce8a14385829de8e1b8678cdbba2806519/fastapi-authz-0.0.4.tar.gz#sha256=4158b408d9ab64a25aac88fbeae224d27c52476b08709366917d417df660274d (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.0.4
2022-08-20T16:34:44,495   Skipping link: No binaries permitted for fastapi-authz: https://files.pythonhosted.org/packages/4a/8e/2330010480340763acdcea3e23a42b18c9e67ece8abb09477c52918812aa/fastapi_authz-0.0.4-py3-none-any.whl#sha256=0838320254118b500b6315181195fb1a70ebcbe9f5048a86a766108bbbf948a9 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,496   Found link https://files.pythonhosted.org/packages/6f/bf/8f100730f093857d2d449fda70ab2edd64cdbc81f315351486ce8a5932cb/fastapi-authz-0.0.5.tar.gz#sha256=69759886fdecda882a8ba2263ae98809865c319a2acfd26e939ca5d974bb5723 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.0.5
2022-08-20T16:34:44,497   Skipping link: No binaries permitted for fastapi-authz: https://files.pythonhosted.org/packages/d6/7e/77099c723f9509bdc190adf46a4ba51293e3ae9f7ea0ba6d9939179f18ed/fastapi_authz-0.0.5-py3-none-any.whl#sha256=ea503184efc7dfdf37c08ad7a1e130692810883891a7c76e2865a69482326c35 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,498   Found link https://files.pythonhosted.org/packages/ef/fb/11538a3ff6c41077ceba2eac1c09a22b33a2fd486c0b85d6199537c31f61/fastapi-authz-0.1.0.tar.gz#sha256=52c51184b60bee25501178b419b23c31007b6b4b6ba8940908d7f9a252f669de (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.1.0
2022-08-20T16:34:44,499   Skipping link: No binaries permitted for fastapi-authz: https://files.pythonhosted.org/packages/ca/ec/a00a111fbaee811f40b03f77b5630a2035f9637bff3a0c7b9a3b9826db3a/fastapi_authz-0.1.0-py3-none-any.whl#sha256=7dc70d67f97a78fc795a2f62797d9e04aaa7bf8786fbb696d4487dac9cc19b35 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,500   Found link https://files.pythonhosted.org/packages/b2/f8/1a10eb0520e43ca6b8c874ef9e9db559aa51bf3bff7de7a0b9047b76b01c/fastapi-authz-0.2.0.tar.gz#sha256=b07a5a3163bd2f5e57fecae8b7d668bd027acc2bb7d8fcfc1853bddaf27e26ea (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6), version: 0.2.0
2022-08-20T16:34:44,501   Skipping link: No binaries permitted for fastapi-authz: https://files.pythonhosted.org/packages/bb/ba/870732ae5918b3974676df01305c234d880c38a0448fde8d1d6dfac57330/fastapi_authz-0.2.0-py3-none-any.whl#sha256=ca75ecd8b520229e11cc3e783b996a2e88da1848454595c283ff559439c753d4 (from https://pypi.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,502 Fetching project page and analyzing links: https://www.piwheels.org/simple/fastapi-authz/
2022-08-20T16:34:44,502 Getting page https://www.piwheels.org/simple/fastapi-authz/
2022-08-20T16:34:44,504 Found index url https://www.piwheels.org/simple
2022-08-20T16:34:44,716   Skipping link: No binaries permitted for fastapi-authz: https://www.piwheels.org/simple/fastapi-authz/fastapi_authz-0.1.0-py3-none-any.whl#sha256=3748966021c96b4db8a2b5beff8e9e17bc6b0316439aaa0121d8b6ea985bb643 (from https://www.piwheels.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,716   Skipping link: No binaries permitted for fastapi-authz: https://www.piwheels.org/simple/fastapi-authz/fastapi_authz-0.0.5-py3-none-any.whl#sha256=ea503184efc7dfdf37c08ad7a1e130692810883891a7c76e2865a69482326c35 (from https://www.piwheels.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,717   Skipping link: No binaries permitted for fastapi-authz: https://www.piwheels.org/simple/fastapi-authz/fastapi_authz-0.0.4-py3-none-any.whl#sha256=0838320254118b500b6315181195fb1a70ebcbe9f5048a86a766108bbbf948a9 (from https://www.piwheels.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,717   Skipping link: No binaries permitted for fastapi-authz: https://www.piwheels.org/simple/fastapi-authz/fastapi_authz-0.0.3-py3-none-any.whl#sha256=754216ce9cec748afc138ea225e783425741382bf14644f631b8c469049d28ff (from https://www.piwheels.org/simple/fastapi-authz/) (requires-python:>=3.6)
2022-08-20T16:34:44,718 Skipping link: not a file: https://www.piwheels.org/simple/fastapi-authz/
2022-08-20T16:34:44,719 Skipping link: not a file: https://pypi.org/simple/fastapi-authz/
2022-08-20T16:34:44,754 Given no hashes to check 1 links for project 'fastapi-authz': discarding no candidates
2022-08-20T16:34:44,786 Collecting fastapi-authz==0.2.0
2022-08-20T16:34:44,790   Created temporary directory: /tmp/pip-unpack-yh7qfmaq
2022-08-20T16:34:45,019   Downloading fastapi-authz-0.2.0.tar.gz (8.3 kB)
2022-08-20T16:34:45,097   Added fastapi-authz==0.2.0 from https://files.pythonhosted.org/packages/b2/f8/1a10eb0520e43ca6b8c874ef9e9db559aa51bf3bff7de7a0b9047b76b01c/fastapi-authz-0.2.0.tar.gz#sha256=b07a5a3163bd2f5e57fecae8b7d668bd027acc2bb7d8fcfc1853bddaf27e26ea to build tracker '/tmp/pip-build-tracker-nd0cv_0a'
2022-08-20T16:34:45,100   Running setup.py (path:/tmp/pip-wheel-yoar2kbg/fastapi-authz_8b81b46f8c4f4f29b87b3657f1808cca/setup.py) egg_info for package fastapi-authz
2022-08-20T16:34:45,102   Created temporary directory: /tmp/pip-pip-egg-info-pez5nq_g
2022-08-20T16:34:45,102   Preparing metadata (setup.py): started
2022-08-20T16:34:45,104   Running command python setup.py egg_info
2022-08-20T16:34:53,258   # fastapi-authz

2022-08-20T16:34:53,260   [![Build Status](https://github.com/pycasbin/fastapi-authz/actions/workflows/release.yml/badge.svg)](https://github.com/pycasbin/fastapi-authz/actions/workflows/release.yml)
2022-08-20T16:34:53,260   [![Coverage Status](https://coveralls.io/repos/github/pycasbin/fastapi-authz/badge.svg)](https://coveralls.io/github/pycasbin/fastapi-authz)
2022-08-20T16:34:53,261   [![Version](https://img.shields.io/pypi/v/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:34:53,261   [![PyPI - Wheel](https://img.shields.io/pypi/wheel/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:34:53,261   [![Pyversions](https://img.shields.io/pypi/pyversions/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:34:53,262   [![Download](https://img.shields.io/pypi/dm/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:34:53,262   [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/casbin/lobby)

2022-08-20T16:34:53,263   fastapi-authz is an authorization middleware for [FastAPI](https://fastapi.tiangolo.com/), it's based
2022-08-20T16:34:53,264   on [PyCasbin](https://github.com/casbin/pycasbin).

2022-08-20T16:34:53,264   ## Installation

2022-08-20T16:34:53,265   Install from pip

2022-08-20T16:34:53,266   ```bash
2022-08-20T16:34:53,266   pip install fastapi-authz
2022-08-20T16:34:53,267   ```

2022-08-20T16:34:53,267   Clone this repo

2022-08-20T16:34:53,268   ```bash
2022-08-20T16:34:53,268   git clone https://github.com/pycasbin/fastapi-authz.git
2022-08-20T16:34:53,268   python setup.py install
2022-08-20T16:34:53,269   ```

2022-08-20T16:34:53,269   ## Quickstart

2022-08-20T16:34:53,270   This middleware is designed to work with another middleware which implement `AuthenticationMiddleware` interface.

2022-08-20T16:34:53,271   ```python
2022-08-20T16:34:53,271   import base64
2022-08-20T16:34:53,271   import binascii

2022-08-20T16:34:53,272   import casbin

2022-08-20T16:34:53,272   from fastapi import FastAPI
2022-08-20T16:34:53,273   from starlette.authentication import AuthenticationBackend, AuthenticationError, SimpleUser, AuthCredentials
2022-08-20T16:34:53,273   from starlette.middleware.authentication import AuthenticationMiddleware

2022-08-20T16:34:53,274   from fastapi_authz import CasbinMiddleware

2022-08-20T16:34:53,275   app = FastAPI()


2022-08-20T16:34:53,276   class BasicAuth(AuthenticationBackend):
2022-08-20T16:34:53,276       async def authenticate(self, request):
2022-08-20T16:34:53,276           if "Authorization" not in request.headers:
2022-08-20T16:34:53,277               return None

2022-08-20T16:34:53,277           auth = request.headers["Authorization"]
2022-08-20T16:34:53,278           try:
2022-08-20T16:34:53,278               scheme, credentials = auth.split()
2022-08-20T16:34:53,279               decoded = base64.b64decode(credentials).decode("ascii")
2022-08-20T16:34:53,279           except (ValueError, UnicodeDecodeError, binascii.Error):
2022-08-20T16:34:53,279               raise AuthenticationError("Invalid basic auth credentials")

2022-08-20T16:34:53,280           username, _, password = decoded.partition(":")
2022-08-20T16:34:53,280           return AuthCredentials(["authenticated"]), SimpleUser(username)


2022-08-20T16:34:53,281   enforcer = casbin.Enforcer('../examples/rbac_model.conf', '../examples/rbac_policy.csv')

2022-08-20T16:34:53,282   app.add_middleware(CasbinMiddleware, enforcer=enforcer)
2022-08-20T16:34:53,282   app.add_middleware(AuthenticationMiddleware, backend=BasicAuth())


2022-08-20T16:34:53,283   @app.get('/')
2022-08-20T16:34:53,283   async def index():
2022-08-20T16:34:53,284       return "If you see this, you have been authenticated."


2022-08-20T16:34:53,285   @app.get('/dataset1/protected')
2022-08-20T16:34:53,285   async def auth_test():
2022-08-20T16:34:53,286       return "You must be alice to see this."
2022-08-20T16:34:53,286   ```

2022-08-20T16:34:53,287   - anonymous request

2022-08-20T16:34:53,287   ```bash
2022-08-20T16:34:53,288   curl -i http://127.0.0.1:8000/dataset1/protected
2022-08-20T16:34:53,288   ```

2022-08-20T16:34:53,289   ```bash
2022-08-20T16:34:53,289   HTTP/1.1 403 Forbidden
2022-08-20T16:34:53,289   date: Mon, 01 Mar 2021 09:00:08 GMT
2022-08-20T16:34:53,290   server: uvicorn
2022-08-20T16:34:53,290   content-length: 11
2022-08-20T16:34:53,290   content-type: application/json

2022-08-20T16:34:53,291   "Forbidden"
2022-08-20T16:34:53,291   ```

2022-08-20T16:34:53,292   - authenticated request

2022-08-20T16:34:53,293   ```bash
2022-08-20T16:34:53,293   curl -i -u alice:password http://127.0.0.1:8000/dataset1/protected
2022-08-20T16:34:53,293   ```

2022-08-20T16:34:53,294   ```bash
2022-08-20T16:34:53,294   HTTP/1.1 200 OK
2022-08-20T16:34:53,295   date: Mon, 01 Mar 2021 09:04:54 GMT
2022-08-20T16:34:53,295   server: uvicorn
2022-08-20T16:34:53,295   content-length: 32
2022-08-20T16:34:53,296   content-type: application/json

2022-08-20T16:34:53,296   "You must be alice to see this."
2022-08-20T16:34:53,297   ```

2022-08-20T16:34:53,297   It used the casbin config from `examples` folder, and you can find this demo in `demo` folder.

2022-08-20T16:34:53,298   You can also view the unit tests to understand this middleware.

2022-08-20T16:34:53,299   Besides, there is another example for `CasbinMiddleware` which is designed to work with JWT authentication. You can find
2022-08-20T16:34:53,299   it in `demo/jwt_test.py`.

2022-08-20T16:34:53,300   ## Development

2022-08-20T16:34:53,300   ### Run unit tests

2022-08-20T16:34:53,301   1. Fork/Clone repository
2022-08-20T16:34:53,301   2. Install fastapi-authz dependencies, and run `pytest`

2022-08-20T16:34:53,302   ```bash
2022-08-20T16:34:53,302   pip install -r dev_requirements.txt
2022-08-20T16:34:53,303   pip install -r requirements.txt
2022-08-20T16:34:53,303   pytest
2022-08-20T16:34:53,303   ```

2022-08-20T16:34:53,304   ### Update requirements with pip-tools

2022-08-20T16:34:53,305   ```bash
2022-08-20T16:34:53,305   # update requirements.txt
2022-08-20T16:34:53,305   pip-compile --no-annotate --no-header --rebuild requirements.in
2022-08-20T16:34:53,306   # sync venv
2022-08-20T16:34:53,306   pip-sync
2022-08-20T16:34:53,306   ```

2022-08-20T16:34:53,307   ### Manually Bump Version

2022-08-20T16:34:53,308   ```
2022-08-20T16:34:53,308   bumpversion major  # major release
2022-08-20T16:34:53,308   or
2022-08-20T16:34:53,309   bumpversion minor  # minor release
2022-08-20T16:34:53,309   or
2022-08-20T16:34:53,309   bumpversion patch  # hotfix release
2022-08-20T16:34:53,310   ```

2022-08-20T16:34:53,310   ## Documentation

2022-08-20T16:34:53,311   The authorization determines a request based on ``{subject, object, action}``, which means what ``subject`` can perform
2022-08-20T16:34:53,311   what ``action`` on what ``object``. In this plugin, the meanings are:

2022-08-20T16:34:53,312   1. ``subject``: the logged-in user name
2022-08-20T16:34:53,312   2. ``object``: the URL path for the web resource like `dataset1/item1`
2022-08-20T16:34:53,313   3. ``action``: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like "read-file", "
2022-08-20T16:34:53,313      write-blog" (currently no official support in this middleware)

2022-08-20T16:34:53,314   For how to write authorization policy and other details, please refer
2022-08-20T16:34:53,314   to [the Casbin's documentation](https://casbin.org).

2022-08-20T16:34:53,314   ## Getting Help

2022-08-20T16:34:53,315   - [Casbin](https://casbin.org)

2022-08-20T16:34:53,316   ## License

2022-08-20T16:34:53,317   This project is under Apache 2.0 License. See the [LICENSE](LICENSE) file for the full license text.

2022-08-20T16:34:53,317   running egg_info
2022-08-20T16:34:53,318   creating /tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info
2022-08-20T16:34:54,004   writing /tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/PKG-INFO
2022-08-20T16:34:54,601   writing dependency_links to /tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/dependency_links.txt
2022-08-20T16:34:57,576   writing requirements to /tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/requires.txt
2022-08-20T16:34:58,170   writing top-level names to /tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/top_level.txt
2022-08-20T16:34:58,173   writing manifest file '/tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/SOURCES.txt'
2022-08-20T16:34:59,232   reading manifest file '/tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/SOURCES.txt'
2022-08-20T16:34:59,235   adding license file 'LICENSE'
2022-08-20T16:34:59,241   writing manifest file '/tmp/pip-pip-egg-info-pez5nq_g/fastapi_authz.egg-info/SOURCES.txt'
2022-08-20T16:34:59,464   Preparing metadata (setup.py): finished with status 'done'
2022-08-20T16:34:59,476   Source in /tmp/pip-wheel-yoar2kbg/fastapi-authz_8b81b46f8c4f4f29b87b3657f1808cca has version 0.2.0, which satisfies requirement fastapi-authz==0.2.0 from https://files.pythonhosted.org/packages/b2/f8/1a10eb0520e43ca6b8c874ef9e9db559aa51bf3bff7de7a0b9047b76b01c/fastapi-authz-0.2.0.tar.gz#sha256=b07a5a3163bd2f5e57fecae8b7d668bd027acc2bb7d8fcfc1853bddaf27e26ea
2022-08-20T16:34:59,478   Removed fastapi-authz==0.2.0 from https://files.pythonhosted.org/packages/b2/f8/1a10eb0520e43ca6b8c874ef9e9db559aa51bf3bff7de7a0b9047b76b01c/fastapi-authz-0.2.0.tar.gz#sha256=b07a5a3163bd2f5e57fecae8b7d668bd027acc2bb7d8fcfc1853bddaf27e26ea from build tracker '/tmp/pip-build-tracker-nd0cv_0a'
2022-08-20T16:34:59,493 Created temporary directory: /tmp/pip-unpack-ap4b29zw
2022-08-20T16:34:59,494 Building wheels for collected packages: fastapi-authz
2022-08-20T16:34:59,503   Created temporary directory: /tmp/pip-wheel-0rtxqvfv
2022-08-20T16:34:59,504   Building wheel for fastapi-authz (setup.py): started
2022-08-20T16:34:59,505   Destination directory: /tmp/pip-wheel-0rtxqvfv
2022-08-20T16:34:59,506   Running command python setup.py bdist_wheel
2022-08-20T16:35:02,096   # fastapi-authz

2022-08-20T16:35:02,097   [![Build Status](https://github.com/pycasbin/fastapi-authz/actions/workflows/release.yml/badge.svg)](https://github.com/pycasbin/fastapi-authz/actions/workflows/release.yml)
2022-08-20T16:35:02,098   [![Coverage Status](https://coveralls.io/repos/github/pycasbin/fastapi-authz/badge.svg)](https://coveralls.io/github/pycasbin/fastapi-authz)
2022-08-20T16:35:02,098   [![Version](https://img.shields.io/pypi/v/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:35:02,099   [![PyPI - Wheel](https://img.shields.io/pypi/wheel/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:35:02,099   [![Pyversions](https://img.shields.io/pypi/pyversions/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:35:02,099   [![Download](https://img.shields.io/pypi/dm/fastapi-authz.svg)](https://pypi.org/project/fastapi-authz/)
2022-08-20T16:35:02,100   [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/casbin/lobby)

2022-08-20T16:35:02,100   fastapi-authz is an authorization middleware for [FastAPI](https://fastapi.tiangolo.com/), it's based
2022-08-20T16:35:02,100   on [PyCasbin](https://github.com/casbin/pycasbin).

2022-08-20T16:35:02,101   ## Installation

2022-08-20T16:35:02,102   Install from pip

2022-08-20T16:35:02,102   ```bash
2022-08-20T16:35:02,103   pip install fastapi-authz
2022-08-20T16:35:02,103   ```

2022-08-20T16:35:02,104   Clone this repo

2022-08-20T16:35:02,104   ```bash
2022-08-20T16:35:02,105   git clone https://github.com/pycasbin/fastapi-authz.git
2022-08-20T16:35:02,105   python setup.py install
2022-08-20T16:35:02,105   ```

2022-08-20T16:35:02,106   ## Quickstart

2022-08-20T16:35:02,106   This middleware is designed to work with another middleware which implement `AuthenticationMiddleware` interface.

2022-08-20T16:35:02,107   ```python
2022-08-20T16:35:02,107   import base64
2022-08-20T16:35:02,108   import binascii

2022-08-20T16:35:02,108   import casbin

2022-08-20T16:35:02,109   from fastapi import FastAPI
2022-08-20T16:35:02,109   from starlette.authentication import AuthenticationBackend, AuthenticationError, SimpleUser, AuthCredentials
2022-08-20T16:35:02,110   from starlette.middleware.authentication import AuthenticationMiddleware

2022-08-20T16:35:02,110   from fastapi_authz import CasbinMiddleware

2022-08-20T16:35:02,111   app = FastAPI()


2022-08-20T16:35:02,112   class BasicAuth(AuthenticationBackend):
2022-08-20T16:35:02,112       async def authenticate(self, request):
2022-08-20T16:35:02,112           if "Authorization" not in request.headers:
2022-08-20T16:35:02,112               return None

2022-08-20T16:35:02,113           auth = request.headers["Authorization"]
2022-08-20T16:35:02,113           try:
2022-08-20T16:35:02,114               scheme, credentials = auth.split()
2022-08-20T16:35:02,114               decoded = base64.b64decode(credentials).decode("ascii")
2022-08-20T16:35:02,114           except (ValueError, UnicodeDecodeError, binascii.Error):
2022-08-20T16:35:02,114               raise AuthenticationError("Invalid basic auth credentials")

2022-08-20T16:35:02,115           username, _, password = decoded.partition(":")
2022-08-20T16:35:02,115           return AuthCredentials(["authenticated"]), SimpleUser(username)


2022-08-20T16:35:02,116   enforcer = casbin.Enforcer('../examples/rbac_model.conf', '../examples/rbac_policy.csv')

2022-08-20T16:35:02,117   app.add_middleware(CasbinMiddleware, enforcer=enforcer)
2022-08-20T16:35:02,117   app.add_middleware(AuthenticationMiddleware, backend=BasicAuth())


2022-08-20T16:35:02,118   @app.get('/')
2022-08-20T16:35:02,118   async def index():
2022-08-20T16:35:02,118       return "If you see this, you have been authenticated."


2022-08-20T16:35:02,119   @app.get('/dataset1/protected')
2022-08-20T16:35:02,120   async def auth_test():
2022-08-20T16:35:02,120       return "You must be alice to see this."
2022-08-20T16:35:02,120   ```

2022-08-20T16:35:02,121   - anonymous request

2022-08-20T16:35:02,121   ```bash
2022-08-20T16:35:02,122   curl -i http://127.0.0.1:8000/dataset1/protected
2022-08-20T16:35:02,122   ```

2022-08-20T16:35:02,123   ```bash
2022-08-20T16:35:02,123   HTTP/1.1 403 Forbidden
2022-08-20T16:35:02,123   date: Mon, 01 Mar 2021 09:00:08 GMT
2022-08-20T16:35:02,123   server: uvicorn
2022-08-20T16:35:02,124   content-length: 11
2022-08-20T16:35:02,124   content-type: application/json

2022-08-20T16:35:02,125   "Forbidden"
2022-08-20T16:35:02,125   ```

2022-08-20T16:35:02,125   - authenticated request

2022-08-20T16:35:02,126   ```bash
2022-08-20T16:35:02,126   curl -i -u alice:password http://127.0.0.1:8000/dataset1/protected
2022-08-20T16:35:02,126   ```

2022-08-20T16:35:02,127   ```bash
2022-08-20T16:35:02,127   HTTP/1.1 200 OK
2022-08-20T16:35:02,128   date: Mon, 01 Mar 2021 09:04:54 GMT
2022-08-20T16:35:02,128   server: uvicorn
2022-08-20T16:35:02,128   content-length: 32
2022-08-20T16:35:02,129   content-type: application/json

2022-08-20T16:35:02,129   "You must be alice to see this."
2022-08-20T16:35:02,129   ```

2022-08-20T16:35:02,130   It used the casbin config from `examples` folder, and you can find this demo in `demo` folder.

2022-08-20T16:35:02,130   You can also view the unit tests to understand this middleware.

2022-08-20T16:35:02,131   Besides, there is another example for `CasbinMiddleware` which is designed to work with JWT authentication. You can find
2022-08-20T16:35:02,131   it in `demo/jwt_test.py`.

2022-08-20T16:35:02,132   ## Development

2022-08-20T16:35:02,132   ### Run unit tests

2022-08-20T16:35:02,133   1. Fork/Clone repository
2022-08-20T16:35:02,133   2. Install fastapi-authz dependencies, and run `pytest`

2022-08-20T16:35:02,134   ```bash
2022-08-20T16:35:02,134   pip install -r dev_requirements.txt
2022-08-20T16:35:02,134   pip install -r requirements.txt
2022-08-20T16:35:02,135   pytest
2022-08-20T16:35:02,135   ```

2022-08-20T16:35:02,136   ### Update requirements with pip-tools

2022-08-20T16:35:02,136   ```bash
2022-08-20T16:35:02,137   # update requirements.txt
2022-08-20T16:35:02,137   pip-compile --no-annotate --no-header --rebuild requirements.in
2022-08-20T16:35:02,137   # sync venv
2022-08-20T16:35:02,137   pip-sync
2022-08-20T16:35:02,138   ```

2022-08-20T16:35:02,138   ### Manually Bump Version

2022-08-20T16:35:02,139   ```
2022-08-20T16:35:02,139   bumpversion major  # major release
2022-08-20T16:35:02,140   or
2022-08-20T16:35:02,140   bumpversion minor  # minor release
2022-08-20T16:35:02,140   or
2022-08-20T16:35:02,140   bumpversion patch  # hotfix release
2022-08-20T16:35:02,141   ```

2022-08-20T16:35:02,141   ## Documentation

2022-08-20T16:35:02,142   The authorization determines a request based on ``{subject, object, action}``, which means what ``subject`` can perform
2022-08-20T16:35:02,142   what ``action`` on what ``object``. In this plugin, the meanings are:

2022-08-20T16:35:02,143   1. ``subject``: the logged-in user name
2022-08-20T16:35:02,143   2. ``object``: the URL path for the web resource like `dataset1/item1`
2022-08-20T16:35:02,144   3. ``action``: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like "read-file", "
2022-08-20T16:35:02,144      write-blog" (currently no official support in this middleware)

2022-08-20T16:35:02,145   For how to write authorization policy and other details, please refer
2022-08-20T16:35:02,145   to [the Casbin's documentation](https://casbin.org).

2022-08-20T16:35:02,145   ## Getting Help

2022-08-20T16:35:02,146   - [Casbin](https://casbin.org)

2022-08-20T16:35:02,147   ## License

2022-08-20T16:35:02,147   This project is under Apache 2.0 License. See the [LICENSE](LICENSE) file for the full license text.

2022-08-20T16:35:07,157   running bdist_wheel
2022-08-20T16:35:07,837   running build
2022-08-20T16:35:07,838   running build_py
2022-08-20T16:35:08,569   creating build
2022-08-20T16:35:08,570   creating build/lib
2022-08-20T16:35:08,571   creating build/lib/fastapi_authz
2022-08-20T16:35:08,573   copying fastapi_authz/__init__.py -> build/lib/fastapi_authz
2022-08-20T16:35:08,577   copying fastapi_authz/middleware.py -> build/lib/fastapi_authz
2022-08-20T16:35:08,580   running egg_info
2022-08-20T16:35:10,060   writing fastapi_authz.egg-info/PKG-INFO
2022-08-20T16:35:10,654   writing dependency_links to fastapi_authz.egg-info/dependency_links.txt
2022-08-20T16:35:13,613   writing requirements to fastapi_authz.egg-info/requires.txt
2022-08-20T16:35:14,209   writing top-level names to fastapi_authz.egg-info/top_level.txt
2022-08-20T16:35:14,353   reading manifest file 'fastapi_authz.egg-info/SOURCES.txt'
2022-08-20T16:35:14,357   adding license file 'LICENSE'
2022-08-20T16:35:14,361   writing manifest file 'fastapi_authz.egg-info/SOURCES.txt'
2022-08-20T16:35:15,102   /usr/local/lib/python3.7/dist-packages/setuptools/command/install.py:37: SetuptoolsDeprecationWarning: setup.py install is deprecated. Use build and pip and other standards-based tools.
2022-08-20T16:35:15,103     setuptools.SetuptoolsDeprecationWarning,
2022-08-20T16:35:15,837   installing to build/bdist.linux-armv7l/wheel
2022-08-20T16:35:15,838   running install
2022-08-20T16:35:15,898   running install_lib
2022-08-20T16:35:16,636   creating build/bdist.linux-armv7l
2022-08-20T16:35:16,636   creating build/bdist.linux-armv7l/wheel
2022-08-20T16:35:16,640   creating build/bdist.linux-armv7l/wheel/fastapi_authz
2022-08-20T16:35:16,641   copying build/lib/fastapi_authz/__init__.py -> build/bdist.linux-armv7l/wheel/fastapi_authz
2022-08-20T16:35:16,645   copying build/lib/fastapi_authz/middleware.py -> build/bdist.linux-armv7l/wheel/fastapi_authz
2022-08-20T16:35:16,649   running install_data
2022-08-20T16:35:16,789   creating build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data
2022-08-20T16:35:16,789   creating build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data/data
2022-08-20T16:35:16,790   warning: install_data: setup script did not provide a directory for 'README.md' -- installing right in 'build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data/data'

2022-08-20T16:35:16,791   copying README.md -> build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data/data
2022-08-20T16:35:16,795   warning: install_data: setup script did not provide a directory for 'requirements.txt' -- installing right in 'build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data/data'

2022-08-20T16:35:16,796   copying requirements.txt -> build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.data/data
2022-08-20T16:35:16,798   running install_egg_info
2022-08-20T16:35:17,590   Copying fastapi_authz.egg-info to build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0-py3.7.egg-info
2022-08-20T16:35:17,612   running install_scripts
2022-08-20T16:35:17,754   adding license file "LICENSE" (matched pattern "LICEN[CS]E*")
2022-08-20T16:35:17,762   creating build/bdist.linux-armv7l/wheel/fastapi_authz-0.2.0.dist-info/WHEEL
2022-08-20T16:35:17,766   creating '/tmp/pip-wheel-0rtxqvfv/fastapi_authz-0.2.0-py3-none-any.whl' and adding 'build/bdist.linux-armv7l/wheel' to it
2022-08-20T16:35:17,771   adding 'fastapi_authz/__init__.py'
2022-08-20T16:35:17,773   adding 'fastapi_authz/middleware.py'
2022-08-20T16:35:17,778   adding 'fastapi_authz-0.2.0.data/data/README.md'
2022-08-20T16:35:17,780   adding 'fastapi_authz-0.2.0.data/data/requirements.txt'
2022-08-20T16:35:17,786   adding 'fastapi_authz-0.2.0.dist-info/LICENSE'
2022-08-20T16:35:17,789   adding 'fastapi_authz-0.2.0.dist-info/METADATA'
2022-08-20T16:35:17,791   adding 'fastapi_authz-0.2.0.dist-info/WHEEL'
2022-08-20T16:35:17,793   adding 'fastapi_authz-0.2.0.dist-info/top_level.txt'
2022-08-20T16:35:17,794   adding 'fastapi_authz-0.2.0.dist-info/RECORD'
2022-08-20T16:35:17,795   removing build/bdist.linux-armv7l/wheel
2022-08-20T16:35:18,042   Building wheel for fastapi-authz (setup.py): finished with status 'done'
2022-08-20T16:35:18,049   Created wheel for fastapi-authz: filename=fastapi_authz-0.2.0-py3-none-any.whl size=10787 sha256=0d6b2ce32da52710888a24358b85be62c99a3b15c17eddc0a45e7a33b18adf16
2022-08-20T16:35:18,052   Stored in directory: /tmp/pip-ephem-wheel-cache-erwxqbzr/wheels/4f/71/64/ce4a0be8f208c90a7faf64ba5ed817fc520e92dda84461e2e1
2022-08-20T16:35:18,075 Successfully built fastapi-authz
2022-08-20T16:35:18,082 Removed build tracker: '/tmp/pip-build-tracker-nd0cv_0a'