Middleware
- class falcon_auth2.AuthMiddleware(backend: falcon_auth2.backends.base.AuthBackend, *, exempt_templates: Iterable[str] = (), exempt_methods: Iterable[str] = ('OPTIONS',), context_attr: str = 'auth')[source]
Falcon middleware that can be used to authenticate a request.
The authentication backend returns an authenticated user which is then set by default in
request.context.auth["user"]
. In case of errorsfalcon.HTTPUnauthorized
is raised. In addition to the"user"
, the authenticating backend is returned in the"backend"
key. A backend may also store additional information in this dict.This middleware supports a global authentication configuration using provided
AuthBackend
, as well as per resource configuration. To override the authentication configuration a resource can specify an optionalauth
attribute the override properties. Theauth
attribute is a dict that can specify the keys:auth_disabled
boolean.True
disables the authentication on the resource.exempt_methods
iterable that overrides the globalexempt_methods
for the resource.backend
backend instace that overrides the globally configured backend used to handle the authentication of the request.
- Parameters
backend (AuthBackend) – The default auth backend to be used to authenticate requests. A resource can override this value by providing a
backend
key in itsauth
attribute- Keyword Arguments
exempt_templates (Iterable[str], optional) – A list of paths templates to be excluded from the authentication. This value cannot be overridden by a resource. Defaults to
()
.exempt_methods (Iterable[str], optional) – A list of http methods to be excluded from the authentication. A resource can override this value by providing a
exempt_methods
key in itsauth
attribute. Defaults to("OPTIONS",)
.context_attr (str, optional) – The attribute of the
req.context
object that will store the authentication information after a successful precessing. Defaults to"auth"
.
- process_resource(req: falcon.request.Request, resp: falcon.response.Response, resource: Any, params: dict)[source]
Called by falcon when processing a resource.
It will obtain the configuration to use on the resource and, if required, call the provided backend to authenticate the request.
- async process_resource_async(req: falcon.request.Request, resp: falcon.response.Response, resource: Any, params: dict)[source]
Called by async falcon when processing a resource.
It will obtain the configuration to use on the resource and, if required, call the provided backend to authenticate the request.