#Eve-TokenAuth
Eve-TokenAuth is a way to add an auth layer on top of your existing eve app.
It is meant to be compatible with the awesome Satellizer project:
It follows this example: Satellizer Python Server Example
To run the example, you will need to have a mongodb setup and change the settings.py to reflect your mongo server's settings. A default.settings.py file is included.
It may require creating a user for the db as well:
db.addUser( { user: "user", pwd: "user", roles: [ "readWrite" ] } )
The tests currently setup a db according to the settings in testsettings.py. You will need to have a mongo server running to run the tests.
This needs better docs. The gist is you:
-
Wrap your Eve with the Eve-TokenAuth Constructor:
apiapp = Eve() evewta = EveWithTokenAuth(apiapp)
This will create an accounts and a token endpoint.
-
Add Authentication to your Resource Configuration
from eve_tokenauth.auth.token import TokenAuthentication ... books = { 'authentication': TokenAuthentication(), ... }
-
Launch your app
-
Register an account
curl -X POST -H "Content-Type: application/json" -d '{ "first_name"="Navin R.", "last_name"="Johnson", "email"="[email protected]", "password"="password", "is_email_confirmed"=true }' http://localhost:5000/api/v1/accounts
-
Get a token with that account
curl -X GET -H "Content-Type: application/json" -u "[email protected]:password" http://localhost:5000/api/v1/tokens
-
Use that token to hit your endpoint
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer TokenTokenTokenTokenToken..." http://localhost:5000/api/v1/books
- Rate Limit / Secure Registration Endpoint
- Store OAuth properly
- Document lol