Skip to content

Commit

Permalink
Initial files
Browse files Browse the repository at this point in the history
  • Loading branch information
vmesel committed May 26, 2024
0 parents commit cb4f381
Show file tree
Hide file tree
Showing 6 changed files with 297 additions and 0 deletions.
39 changes: 39 additions & 0 deletions .github/workflows/pypi.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
name: Publish
on:
push:
tags:
- '*'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- uses: actions/setup-python@v3
with:
python-version: 3.11

- run: |
pip install poetry
poetry build
- uses: actions/upload-artifact@v3
with:
path: ./dist

pypi-publish:
needs: ['build']
environment: 'publish'

name: upload release to PyPI
runs-on: ubuntu-latest
permissions:
# IMPORTANT: this permission is mandatory for trusted publishing
id-token: write
steps:
- uses: actions/download-artifact@v3

- name: Publish package distributions to PyPI
uses: pypa/gh-action-pypi-publish@release/v1
with:
packages_dir: artifact/
177 changes: 177 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,177 @@
# Created by https://www.toptal.com/developers/gitignore/api/python
# Edit at https://www.toptal.com/developers/gitignore?templates=python

### Python ###
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class

# C extensions
*.so

# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
lib/
lib64/
parts/
sdist/
var/
wheels/
share/python-wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST

# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec

# Installer logs
pip-log.txt
pip-delete-this-directory.txt

# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
*.py,cover
.hypothesis/
.pytest_cache/
cover/

# Translations
*.mo
*.pot

# Django stuff:
*.log
local_settings.py
db.sqlite3
db.sqlite3-journal

# Flask stuff:
instance/
.webassets-cache

# Scrapy stuff:
.scrapy

# Sphinx documentation
docs/_build/

# PyBuilder
.pybuilder/
target/

# Jupyter Notebook
.ipynb_checkpoints

# IPython
profile_default/
ipython_config.py

# pyenv
# For a library or package, you might want to ignore these files since the code is
# intended to run in multiple environments; otherwise, check them in:
# .python-version

# pipenv
# According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
# However, in case of collaboration, if having platform-specific dependencies or dependencies
# having no cross-platform support, pipenv may install dependencies that don't work, or not
# install all needed dependencies.
#Pipfile.lock

# poetry
# Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
# This is especially recommended for binary packages to ensure reproducibility, and is more
# commonly ignored for libraries.
# https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
#poetry.lock

# pdm
# Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
#pdm.lock
# pdm stores project-wide configurations in .pdm.toml, but it is recommended to not include it
# in version control.
# https://pdm.fming.dev/#use-with-ide
.pdm.toml

# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
__pypackages__/

# Celery stuff
celerybeat-schedule
celerybeat.pid

# SageMath parsed files
*.sage.py

# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/

# Spyder project settings
.spyderproject
.spyproject

# Rope project settings
.ropeproject

# mkdocs documentation
/site

# mypy
.mypy_cache/
.dmypy.json
dmypy.json

# Pyre type checker
.pyre/

# pytype static type analyzer
.pytype/

# Cython debug symbols
cython_debug/

# PyCharm
# JetBrains specific template is maintained in a separate JetBrains.gitignore that can
# be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
# and can be added to the global gitignore or merged into this file. For a more nuclear
# option (not recommended) you can uncomment the following to ignore the entire idea folder.
#.idea/

### Python Patch ###
# Poetry local configuration file - https://python-poetry.org/docs/configuration/#local-configuration
poetry.toml

# ruff
.ruff_cache/

# LSP config files
pyrightconfig.json

# End of https://www.toptal.com/developers/gitignore/api/python
n
33 changes: 33 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
# FastSupabased ACL

This is a simple ACL (Access Control List) implementation for Supabase. It is based on the [FastAPI](https://fastapi.tiangolo.com/) framework.

## Installation

```bash
pip install fastsupabased-acl
```

## Usage

Set the environment variables `SUPABASE_URL` and `SUPABASE_KEY` to your Supabase URL and key.

```bash
export SUPABASE_URL=https://your-supabase-url.com
export SUPABASE_KEY=your-supabase-key
```

Then, on your source code:

```python
from fastapi import FastAPI, Depends
from fastsupabased_acl import FastSupabasedACL

app = FastAPI()

authenticated_acl = FastSupabasedACL(role=["authenticated"])

@app.get("/test", dependencies=[Depends(authenticated_acl)]
def simple_authenticated_route():
return {"message": "Hello, authenticated user!"}
```
1 change: 1 addition & 0 deletions fast_supabased_acl/__init__.py
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
from main import *
31 changes: 31 additions & 0 deletions fast_supabased_acl/main.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
import os
from typing import Annotated, List
from supabase import create_client, Client
from gotrue.errors import AuthApiError
from fastapi import Depends, HTTPException, Header

url: str = os.environ.get("SUPABASE_URL")
key: str = os.environ.get("SUPABASE_KEY")
supabase: Client = create_client(url, key)

async def token_auth(token: str):
if not token:
raise HTTPException(status_code=400, detail="Token header required")

try:
user = supabase.auth.get_user(token)
except AuthApiError as e:
raise HTTPException(status_code=401, detail="Invalid token")

return user


class FastSupabasedACL:
def __init__(self, role: List[str] = ["authenticated"]):
self.role = role

def __call__(self, user = Depends(token_auth)):
if self.role != user.user.role:
raise HTTPException(status_code=403, detail="Unauthorized")

return user
16 changes: 16 additions & 0 deletions pyproject.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
[tool.poetry]
name = "fastsupabased-acl"
version = "0.1.0"
description = "FastAPI Dependency for Supabase-based ACL using Supabase Roles"
authors = ["Vinicius Mesel <4984147+vmesel@users.noreply.github.com>"]
readme = "README.md"

[tool.poetry.dependencies]
python = "^3.11"
supabase = "^2.4.6"
fastapi = "^0.111.0"


[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"

0 comments on commit cb4f381

Please sign in to comment.