Middleware

class falcon_auth2.AuthMiddleware(backend: falcon_auth2.backends.base.AuthBackend, *, exempt_templates: Iterable[str] = (), exempt_methods: Iterable[str] = ('OPTIONS',), context_attr: str = 'auth')

Falcon middleware that can be used to authenticate a request.

The authentication backend returns an authenticated user which is then set by default in request.context.auth["user"]. In case of errors falcon.HTTPUnauthorized is raised. In addition to the "user", the authenticating backend is returned in the "backend" key. A backend may also store additional information in this dict.

This middleware supports a global authentication configuration using the provided AuthBackend, as well as per-resource configuration. To override the authentication configuration, a resource can specify an optional auth attribute containing the properties to override. The auth attribute is a dict that can specify the keys:

  • auth_disabled boolean. True disables the authentication on the resource.

  • exempt_methods iterable that overrides the global exempt_methods for the resource.

  • backend backend instance that overrides the globally configured backend used to handle the authentication of the request.

Parameters

backend (AuthBackend) – The default auth backend to be used to authenticate requests. A resource can override this value by providing a backend key in its auth attribute.

Keyword Arguments
  • exempt_templates (Iterable[str], optional) – A list of path templates to be excluded from the authentication. This value cannot be overridden by a resource. Defaults to ().

  • exempt_methods (Iterable[str], optional) – A list of HTTP methods to be excluded from the authentication. A resource can override this value by providing an exempt_methods key in its auth attribute. Defaults to ("OPTIONS",).

  • context_attr (str, optional) – The attribute of the req.context object that will store the authentication information after successful processing. Defaults to "auth".
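The global and per-resource settings described above decide together which requests reach a backend. The following is an added example, not code from falcon_auth2: a stand-alone model of the documented rules that lists the route and method pairs a configuration leaves unauthenticated. The function names, the sample resources, the string stand-ins for backends and the exact-match comparison of templates are assumptions.

```python
# Added example: stand-alone model of the documented precedence rules.
# It does not import falcon or falcon_auth2; all names below are hypothetical.
HTTP_METHODS = ("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")


def effective_auth(resource, template, method, *, backend,
                   exempt_templates=(), exempt_methods=("OPTIONS",)):
    """Return the backend that would authenticate this request, or None."""
    # Global template exemptions cannot be overridden by a resource.
    # Assumption: templates are compared by exact string match.
    if template in exempt_templates:
        return None
    settings = getattr(resource, "auth", None) or {}
    if settings.get("auth_disabled", False):
        return None
    # A resource-level exempt_methods replaces the global value entirely.
    if method in settings.get("exempt_methods", exempt_methods):
        return None
    return settings.get("backend", backend)


def unauthenticated_routes(routes, **config):
    """List (template, method) pairs that the configuration leaves open."""
    found = []
    for template, resource in routes:
        for method in HTTP_METHODS:
            # Only consider methods the resource implements (on_get, ...).
            if not hasattr(resource, "on_" + method.lower()):
                continue
            if effective_auth(resource, template, method, **config) is None:
                found.append((template, method))
    return found


# Constructed sample resources; backends are represented by plain strings.
class Health:
    def on_get(self, req, resp): ...

class Login:
    auth = {"auth_disabled": True}
    def on_post(self, req, resp): ...

class Items:
    auth = {"exempt_methods": ["GET"], "backend": "token-backend"}
    def on_get(self, req, resp): ...
    def on_post(self, req, resp): ...
    def on_options(self, req, resp): ...

ROUTES = [("/health", Health()), ("/login", Login()), ("/items/{id}", Items())]
CONFIG = dict(backend="basic-backend", exempt_templates=("/health",))
```

In this model the Items resource's own exempt_methods list drops the default OPTIONS exemption, so OPTIONS requests to it are authenticated while GET requests are not.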

process_resource(req: falcon.request.Request, resp: falcon.response.Response, resource: Any, params: dict)

Called by falcon when processing a resource.

It will obtain the configuration to use on the resource and, if required, call the provided backend to authenticate the request.

async process_resource_async(req: falcon.request.Request, resp: falcon.response.Response, resource: Any, params: dict)

Called by async falcon when processing a resource.

It will obtain the configuration to use on the resource and, if required, call the provided backend to authenticate the request.