Metadata-Version: 2.1
Name: macrostrat.auth_system
Version: 0.1.0
Summary: Authentication system for Macrostrat and related apps
Author: Daven Quinn
Author-email: code@davenquinn.com
Requires-Python: >=3.9,<4.0
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Requires-Dist: PyJWT (>=1.7.1,<3.0)
Requires-Dist: bcrypt (>=4.1.1,<5.0.0)
Requires-Dist: fastapi (>=0.104.0,<0.105.0)
Requires-Dist: macrostrat.database (>=3.3.1,<4.0.0)
Requires-Dist: macrostrat.utils (>=1.2.0,<2.0.0)
Requires-Dist: python-jose[cryptography] (>=3.3.0,<4.0.0)
Requires-Dist: starlette (>=0.27.0,<0.28.0)
Requires-Dist: werkzeug (>=2.3.7,<4.0)
Description-Content-Type: text/markdown

# Macrostrat authentication system

This module contains tools to manipulate Macrostrat's user authentication
system. It is divided into two submodules:

- `macrostrat.auth_system.legacy`: A JWT-based authentication system relying on
  local storage of hashed passwords. This system was created as part
  of [Sparrow](https://sparrow-data.org) and is being phased out in favor of a
  more modern system based on ORCID.
- `macrostrat.auth_system.oauth`: An ORCID-based user
  authentication system. This system will become the primary authentication
  system for
  Macrostrat.

We plan to gradually converge the functionality of both versions while phasing
out the legacy system.

## Key planned functionality

- Allow many Macrostrat-hosted services to easily integrate with Macrostrat's
  login and token flow
- Allow APIs to easily validate user credentials and tokens with minimum
  overhead
- Allow access to be checked in multiple ways:
  - Cookies and headers
  - Limited-time JWT tokens and long-duration, cancelable API tokens
  - Verify against Macrostrat "user group" or application-specific criteria (
    e.g., a list of authorized ORCID IDs)


