# smartauthen
***
![GitHub top language](https://img.shields.io/github/languages/top/smartlegionlab/smartauthen)
[![PyPI - Downloads](https://img.shields.io/pypi/dm/smartauthen?label=pypi%20downloads)](https://pypi.org/project/smartauthen/)
[![GitHub release (latest by date)](https://img.shields.io/github/v/release/smartlegionlab/smartauthen)](https://github.com/smartlegionlab/smartauthen/)
[![GitHub](https://img.shields.io/github/license/smartlegionlab/smartauthen)](https://github.com/smartlegionlab/smartauthen/blob/master/LICENSE)
[![PyPI](https://img.shields.io/pypi/v/smartauthen)](https://pypi.org/project/smartauthen)
[![PyPI - Format](https://img.shields.io/pypi/format/smartauthen)](https://pypi.org/project/smartauthen)
[![GitHub Repo stars](https://img.shields.io/github/stars/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)
[![GitHub watchers](https://img.shields.io/github/watchers/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)
[![GitHub forks](https://img.shields.io/github/forks/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)
***
## Short description:
___smartauthen___ - Smart, simple, lightweight, secure cross-platform authentication for any application.
***
Author and developer: ___A.A. Suvorov.___
[![smartlegiondev@gmail.com](https://img.shields.io/static/v1?label=email&message=smartlegiondev@gmail.com&color=blue)](mailto:smartlegiondev@gmail.com)
***
## Supported:
- Linux: All.
- Windows: 7/8/10.
- Termux (Android).
***
## What's new?
___smartauthen v0.2.2___
***
## Description:
___smartauthen___ - Smart, simple, lightweight, secure cross-platform authentication for any application.
- Use simple yet very reliable and secure authentication in any of your applications.
- Avoid passwords when registering and authenticating in your applications. It is difficult for a user to remember passwords,
therefore, users use either short passwords or light passwords, which plays into the hands of cybercriminals.
The secret phrase is difficult to find and easy to remember. At the moment there are no rainbow tables of secret phrases,
since this is unrealistic. For example, I can use when registering as a secret
Quatrain phrases from your favorite song.
- It makes no difference to your authentication system how long the secret phrase is, in any case, you will receive only
fixed-length key as a string.
- Let your users register with an easy-to-remember secret phrase that the user
will be easy to remember, but an attacker will not be able to pick it up.
- Store only login and public key in your databases,
if your database gets compromised,
an attacker will not gain access to user accounts
and will not be able to use public keys for authentication in any way,
after all, by the public key, he will not be able to find out the secret phrase in any way.
Possibilities:
- Generation of a public key linked to a pair of login + secret phrase.
- Checking user data login + secret phrase + public key.
- Regulation of complexity in the generation of a public key.
Attention!
- The public key for the login + secret phrase pair will always be the same.
- With any change in the login or secret phrase, the key will change, therefore
if the user changes his username or passphrase, the key needs to be regenerated.
- If your system can use the same logins for registration and authentication,
use something else, unique, to generate the public key, such as a unique identifier.
- If you change the value of the `_step` attribute in the SmartAuth object, the key for the login + secret phrase pair will also change.
Always use the same value for this attribute. The higher the value of this attribute, the more secure the public key.
Usage:
- When registering, you will receive a login and a secret phrase from the user.
- Based on the data received, generate a public key for further storage, paired with a login.
If your system can use the same logins for registration and authentication,
use something else, unique, to generate the public key, such as a unique identifier.
- When authenticating a user, you are asked to enter a login and a secret phrase.
- Checking the data.
(During verification, a public key is first generated based on the received data,
compared with the stored key, and a boolean value of the key comparison is returned.)
***
## Install and Use:
### Install:
- `pip install smartauthen`
#### Use:
```python
from smartauthen import SmartAuth
smart_auth = SmartAuth()
login = 'login'
secret = 'secret'
key = smart_auth.make_key(login, secret)
# True since the login + secret phrase is correct
assert smart_auth.check(login, secret, key) # True
secret = 'secret2'
# False because the secret phrase is incorrect
assert smart_auth.check(login=login, secret=secret, key=key) # False
```
***
### Test:
For run tests:
- `pip install pytest`
- `pytest -v`
For run tests coverage:
- `pip install pytest-cov`
- `pytest --cov --cov-report=html`
***
#### Test coverage:
Coverage 100% !!!
![coverage img](https://github.com/smartlegionlab/smartauth/raw/master/data/images/smartauthen.png)
***
## Disclaimer of liability:
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
***
## Copyright:
--------------------------------------------------------
Licensed under the terms of the BSD 3-Clause License
(see LICENSE for details).
Copyright © 2018-2024, A.A. Suvorov
All rights reserved.
--------------------------------------------------------
Raw data
{
"_id": null,
"home_page": "https://github.com/smartlegionlab/smartauthen/",
"name": "smartauthen",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": null,
"keywords": "smartlegionlab, smartauthen, authentication, auth, python auth",
"author": "A.A. Suvorov",
"author_email": "smartlegiondev@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/22/39/aad1bb1eb4cff68ec36263694eb3bb6c6d76c9414cd3f318b1049b8e3669/smartauthen-0.2.2.tar.gz",
"platform": null,
"description": "# smartauthen\n\n***\n\n\n![GitHub top language](https://img.shields.io/github/languages/top/smartlegionlab/smartauthen)\n[![PyPI - Downloads](https://img.shields.io/pypi/dm/smartauthen?label=pypi%20downloads)](https://pypi.org/project/smartauthen/)\n[![GitHub release (latest by date)](https://img.shields.io/github/v/release/smartlegionlab/smartauthen)](https://github.com/smartlegionlab/smartauthen/)\n[![GitHub](https://img.shields.io/github/license/smartlegionlab/smartauthen)](https://github.com/smartlegionlab/smartauthen/blob/master/LICENSE)\n[![PyPI](https://img.shields.io/pypi/v/smartauthen)](https://pypi.org/project/smartauthen)\n[![PyPI - Format](https://img.shields.io/pypi/format/smartauthen)](https://pypi.org/project/smartauthen)\n[![GitHub Repo stars](https://img.shields.io/github/stars/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)\n[![GitHub watchers](https://img.shields.io/github/watchers/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)\n[![GitHub forks](https://img.shields.io/github/forks/smartlegionlab/smartauthen?style=social)](https://github.com/smartlegionlab/smartauthen/)\n\n***\n\n## Short description:\n\n___smartauthen___ - Smart, simple, lightweight, secure cross-platform authentication for any application.\n\n***\n\nAuthor and developer: ___A.A. Suvorov.___\n\n[![smartlegiondev@gmail.com](https://img.shields.io/static/v1?label=email&message=smartlegiondev@gmail.com&color=blue)](mailto:smartlegiondev@gmail.com)\n\n***\n\n## Supported:\n\n- Linux: All.\n- Windows: 7/8/10.\n- Termux (Android).\n\n***\n\n## What's new?\n\n___smartauthen v0.2.2___\n\n***\n\n## Description:\n\n___smartauthen___ - Smart, simple, lightweight, secure cross-platform authentication for any application.\n\n- Use simple yet very reliable and secure authentication in any of your applications. \n- Avoid passwords when registering and authenticating in your applications. It is difficult for a user to remember passwords,\ntherefore, users use either short passwords or light passwords, which plays into the hands of cybercriminals.\nThe secret phrase is difficult to find and easy to remember. At the moment there are no rainbow tables of secret phrases,\nsince this is unrealistic. For example, I can use when registering as a secret\nQuatrain phrases from your favorite song. \n- It makes no difference to your authentication system how long the secret phrase is, in any case, you will receive only\nfixed-length key as a string. \n- Let your users register with an easy-to-remember secret phrase that the user\nwill be easy to remember, but an attacker will not be able to pick it up. \n- Store only login and public key in your databases,\nif your database gets compromised,\nan attacker will not gain access to user accounts\nand will not be able to use public keys for authentication in any way,\nafter all, by the public key, he will not be able to find out the secret phrase in any way. \n\nPossibilities: \n\n- Generation of a public key linked to a pair of login + secret phrase. \n- Checking user data login + secret phrase + public key.\n- Regulation of complexity in the generation of a public key.\n\nAttention! \n\n- The public key for the login + secret phrase pair will always be the same.\n- With any change in the login or secret phrase, the key will change, therefore\nif the user changes his username or passphrase, the key needs to be regenerated.\n- If your system can use the same logins for registration and authentication,\nuse something else, unique, to generate the public key, such as a unique identifier.\n- If you change the value of the `_step` attribute in the SmartAuth object, the key for the login + secret phrase pair will also change. \nAlways use the same value for this attribute. The higher the value of this attribute, the more secure the public key. \n\n\nUsage:\n\n- When registering, you will receive a login and a secret phrase from the user.\n- Based on the data received, generate a public key for further storage, paired with a login.\nIf your system can use the same logins for registration and authentication,\nuse something else, unique, to generate the public key, such as a unique identifier. \n- When authenticating a user, you are asked to enter a login and a secret phrase.\n- Checking the data. \n(During verification, a public key is first generated based on the received data, \ncompared with the stored key, and a boolean value of the key comparison is returned.) \n\n***\n\n## Install and Use:\n\n### Install:\n\n- `pip install smartauthen`\n\n#### Use:\n\n```python\nfrom smartauthen import SmartAuth\n\nsmart_auth = SmartAuth()\n\nlogin = 'login'\nsecret = 'secret'\n\nkey = smart_auth.make_key(login, secret)\n\n# True since the login + secret phrase is correct\nassert smart_auth.check(login, secret, key) # True\n\nsecret = 'secret2'\n\n# False because the secret phrase is incorrect\nassert smart_auth.check(login=login, secret=secret, key=key) # False\n\n```\n\n***\n\n### Test:\nFor run tests:\n\n- `pip install pytest`\n- `pytest -v`\n\nFor run tests coverage:\n\n- `pip install pytest-cov`\n- `pytest --cov --cov-report=html`\n\n***\n\n#### Test coverage:\n\nCoverage 100% !!!\n\n![coverage img](https://github.com/smartlegionlab/smartauth/raw/master/data/images/smartauthen.png)\n\n\n***\n\n## Disclaimer of liability:\n\n THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\"\n AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE\n IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\n DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE\n FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL\n DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR\n SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER\n CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,\n OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n\n***\n\n## Copyright:\n --------------------------------------------------------\n Licensed under the terms of the BSD 3-Clause License\n (see LICENSE for details).\n Copyright \u00a9 2018-2024, A.A. Suvorov\n All rights reserved.\n --------------------------------------------------------\n",
"bugtrack_url": null,
"license": "BSD 3-Clause License",
"summary": "Smart, simple, lightweight, secure cross-platform authentication for any application.",
"version": "0.2.2",
"project_urls": {
"Documentation": "https://github.com/smartlegionlab/smartauthen/blob/master/README.md",
"Homepage": "https://github.com/smartlegionlab/smartauthen/",
"Release notes": "https://github.com/smartlegionlab/smartauthen/releases"
},
"split_keywords": [
"smartlegionlab",
" smartauthen",
" authentication",
" auth",
" python auth"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "6ff7859209987f1b313c3c861f26d61e8ec24dfaa8898f3768609d7af9442ace",
"md5": "a4c0907ed27e50f49e0671316220fcd2",
"sha256": "9252965989edbac343db861a64483875a2c83cf22966d43e9bf7757c49887a5f"
},
"downloads": -1,
"filename": "smartauthen-0.2.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "a4c0907ed27e50f49e0671316220fcd2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 5999,
"upload_time": "2024-06-16T08:53:48",
"upload_time_iso_8601": "2024-06-16T08:53:48.954273Z",
"url": "https://files.pythonhosted.org/packages/6f/f7/859209987f1b313c3c861f26d61e8ec24dfaa8898f3768609d7af9442ace/smartauthen-0.2.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "2239aad1bb1eb4cff68ec36263694eb3bb6c6d76c9414cd3f318b1049b8e3669",
"md5": "cc60e937a2f9d71fcb0b3d0adad2d508",
"sha256": "f89e909be7487b02a0cef47a45448ad56a735e4580788ec6c1b8da79d48ed98f"
},
"downloads": -1,
"filename": "smartauthen-0.2.2.tar.gz",
"has_sig": false,
"md5_digest": "cc60e937a2f9d71fcb0b3d0adad2d508",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 5592,
"upload_time": "2024-06-16T08:53:50",
"upload_time_iso_8601": "2024-06-16T08:53:50.897429Z",
"url": "https://files.pythonhosted.org/packages/22/39/aad1bb1eb4cff68ec36263694eb3bb6c6d76c9414cd3f318b1049b8e3669/smartauthen-0.2.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-06-16 08:53:50",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "smartlegionlab",
"github_project": "smartauthen",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"requirements": [],
"tox": true,
"lcname": "smartauthen"
}