Flask-Cognito


NameFlask-Cognito JSON
Version 1.21 PyPI version JSON
download
home_pagehttps://github.com/jetbridge/flask_cognito
SummaryAuthenticate users to Cognito user pool via JWT.
upload_time2024-04-13 19:28:37
maintainerNone
docs_urlNone
authorMischa Spiegelmock
requires_pythonNone
licenseMIT
keywords flask aws cognito jwt authentication auth serverless
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            Flask-Cognito
-------------

Authenticate users based on AWS Cognito JWT.


# Initialization
```python3
# configuration
app.config.update({
    'COGNITO_REGION': 'eu-central-1',
    'COGNITO_USERPOOL_ID': 'eu-central-1c3fea2',

    # optional
    'COGNITO_APP_CLIENT_ID': 'abcdef123456',  # client ID you wish to verify user is authenticated against
    'COGNITO_CHECK_TOKEN_EXPIRATION': False,  # disable token expiration checking for testing purposes
    'COGNITO_JWT_HEADER_NAME': 'X-MyApp-Authorization',
    'COGNITO_JWT_HEADER_PREFIX': 'Bearer',
})


# initialize extension
from flask_cognito import CognitoAuth
cogauth = CognitoAuth(app)

@cogauth.identity_handler
def lookup_cognito_user(payload):
    """Look up user in our database from Cognito JWT payload."""
    return User.query.filter(User.cognito_username == payload['username']).one_or_none()
```

# Check Authentication
```python3
from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt

@route('/api/private')
@cognito_auth_required
def api_private():
    # user must have valid cognito access or ID token in header
    # (accessToken is recommended - not as much personal information contained inside as with idToken)
    return jsonify({
        'cognito_username': current_cognito_jwt['username'],   # from cognito pool
        'user_id': current_user.id,   # from your database
    })
```

# Restrict access by Cognito Group
```python3
from flask_cognito import cognito_auth_required, current_user, current_cognito_jwt

@route('/api/foo')
@cognito_auth_required
@cognito_group_permissions(['admin','developer'])
def api_private():
    # user must belongs to "admin" or "developer" groups
    return jsonify({
        'foo': "bar"
    })
```

### Acknowledgements
* Uses [cognitojwt](https://github.com/borisrozumnuk/cognitojwt) at its core.
* Based on [flask-jwt](https://github.com/mattupstate/flask-jwt/).

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/jetbridge/flask_cognito",
    "name": "Flask-Cognito",
    "maintainer": null,
    "docs_url": null,
    "requires_python": null,
    "maintainer_email": null,
    "keywords": "flask aws cognito jwt authentication auth serverless",
    "author": "Mischa Spiegelmock",
    "author_email": "mischa@mvstg.biz",
    "download_url": "https://files.pythonhosted.org/packages/21/df/4ef5d89340665d9bfe6206c263efecb1d0ac4c8b43fc8febe428292ade6f/Flask-Cognito-1.21.tar.gz",
    "platform": "any",
    "description": "Flask-Cognito\n-------------\n\nAuthenticate users based on AWS Cognito JWT.\n\n\n# Initialization\n```python3\n# configuration\napp.config.update({\n    'COGNITO_REGION': 'eu-central-1',\n    'COGNITO_USERPOOL_ID': 'eu-central-1c3fea2',\n\n    # optional\n    'COGNITO_APP_CLIENT_ID': 'abcdef123456',  # client ID you wish to verify user is authenticated against\n    'COGNITO_CHECK_TOKEN_EXPIRATION': False,  # disable token expiration checking for testing purposes\n    'COGNITO_JWT_HEADER_NAME': 'X-MyApp-Authorization',\n    'COGNITO_JWT_HEADER_PREFIX': 'Bearer',\n})\n\n\n# initialize extension\nfrom flask_cognito import CognitoAuth\ncogauth = CognitoAuth(app)\n\n@cogauth.identity_handler\ndef lookup_cognito_user(payload):\n    \"\"\"Look up user in our database from Cognito JWT payload.\"\"\"\n    return User.query.filter(User.cognito_username == payload['username']).one_or_none()\n```\n\n# Check Authentication\n```python3\nfrom flask_cognito import cognito_auth_required, current_user, current_cognito_jwt\n\n@route('/api/private')\n@cognito_auth_required\ndef api_private():\n    # user must have valid cognito access or ID token in header\n    # (accessToken is recommended - not as much personal information contained inside as with idToken)\n    return jsonify({\n        'cognito_username': current_cognito_jwt['username'],   # from cognito pool\n        'user_id': current_user.id,   # from your database\n    })\n```\n\n# Restrict access by Cognito Group\n```python3\nfrom flask_cognito import cognito_auth_required, current_user, current_cognito_jwt\n\n@route('/api/foo')\n@cognito_auth_required\n@cognito_group_permissions(['admin','developer'])\ndef api_private():\n    # user must belongs to \"admin\" or \"developer\" groups\n    return jsonify({\n        'foo': \"bar\"\n    })\n```\n\n### Acknowledgements\n* Uses [cognitojwt](https://github.com/borisrozumnuk/cognitojwt) at its core.\n* Based on [flask-jwt](https://github.com/mattupstate/flask-jwt/).\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "Authenticate users to Cognito user pool via JWT.",
    "version": "1.21",
    "project_urls": {
        "Homepage": "https://github.com/jetbridge/flask_cognito"
    },
    "split_keywords": [
        "flask",
        "aws",
        "cognito",
        "jwt",
        "authentication",
        "auth",
        "serverless"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "21df4ef5d89340665d9bfe6206c263efecb1d0ac4c8b43fc8febe428292ade6f",
                "md5": "4787b136f53e9eaec80c6570dd8e5be3",
                "sha256": "8daf0a7dd8978c089a55b98e681a6ecab276d19c39828079214f6cb72a508fb5"
            },
            "downloads": -1,
            "filename": "Flask-Cognito-1.21.tar.gz",
            "has_sig": false,
            "md5_digest": "4787b136f53e9eaec80c6570dd8e5be3",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 4969,
            "upload_time": "2024-04-13T19:28:37",
            "upload_time_iso_8601": "2024-04-13T19:28:37.039887Z",
            "url": "https://files.pythonhosted.org/packages/21/df/4ef5d89340665d9bfe6206c263efecb1d0ac4c8b43fc8febe428292ade6f/Flask-Cognito-1.21.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-04-13 19:28:37",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "jetbridge",
    "github_project": "flask_cognito",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": false,
    "lcname": "flask-cognito"
}
        
Elapsed time: 1.72740s