orthauth user guide

An example auth-config.yaml file. The content of the auth config file should be static information or sane defaults that should be available regardless of any user configuration. Values defined in this file should rarely change, especially since auth variables are referred to directly in source code.

config-search-paths:
  - user-config.yaml
auth-variables:
  service-api-key:
    environment-variables: SERVICE_API_KEY
  service-port:
    environment-variables: SERVICE_PORT
    default: 808080
  service-host:
    environment-variables: SERVICE_HOST
    default: localhost

An example user-config.yaml file whose name and location is defined by auth-config.yaml. The user config provides a level of indirection between the static names of auth variables that are used in the code and their value and the location where they are stored or managed.

auth-stores:
  secrets:
    path: secrets.yaml
auth-variables:
  service-api-key:
    path: service specific-user
  service-host: 0.0.0.0
  service-port: 80

An example secrets.yaml file whose location is specified by user-config.yaml.

service:
  specific-user: oh look an api key!

Include the following in config.py, utils.py, or similar.

import pathlib
import orthauth as oa
auth = oa.configure(pathlib.Path(__file__).parent / 'auth-config.yaml')
has_api_key = auth.tangential('api_key', 'service-api-key')

Use the decorator to inject the value into the class.

from config import auth, has_api_key

@has_api_key(atInit=True)
class MyClassThatMakesApiCalls:
    def leak_api_key(self):
        print(f'exfiltrating ... {self.api_key!r}')

instance = MyClassThatMakesApiCalls()
instance.leak_api_key()

Add the environment variables to your user config and ask the maintainer to add some in the next version. In the mean time if you need to test using the variables install a user config with only the variables you need to add. This allows development to continue as if upstream already provided them, and prevents having to make other changes in the future.