After Creating a basic version of the app, Batman wanted to restrict the access to the Gotham Police Department. So, he enquired about the Authentication functionalities in Robyn.
Authenticaion
As Batman found out, Robyn provides an easy way to add an authentication middleware to your application. You can then specify auth_required=True
in your routes to make them accessible only to authenticated users.
Request
@app.get("/auth", auth_required=True)
async def auth(request: Request):
# This route method will only be executed if the user is authenticated
# Otherwise, a 401 response will be returned
return "Hello, world"
To add an authentication middleware, you can use the configure_authentication
method. This method requires an AuthenticationHandler
object as an argument. This object specifies how to authenticate a user, and uses a TokenGetter
object to retrieve the token from the request. Robyn does currently provide a BearerGetter
class that gets the token from the Authorization
header, using the Bearer
scheme. Here is an example of a basic authentication handler:
Request
class BasicAuthHandler(AuthenticationHandler):
def authenticate(self, request: Request) -> Optional[Identity]:
token = self.token_getter.get_token(request)
if token == "valid":
return Identity(claims={})
return None
app.configure_authentication(BasicAuthHandler(token_getter=BearerGetter()))
The authenticate method should return an Identity
object if the user is authenticated, or None
otherwise. The Identity object can contain any data you want, and will be accessible in the route methods using the request.identity
attribute.
Note: that this authentication system is basically only using a before request
middleware under the hood. This means you can overlook it and create your own authentication system using middlewares if you want to. However, Robyn still provide this easy to implement solution that should suit most use cases.
What's next?
Now, that Batman has learned about authentication, he wanted to know about certain optimization techniques that he could use to make his application faster. He found out about the following features