Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sub-router Authentication Capabilities #708

Open
fina-joy opened this issue Dec 4, 2023 · 2 comments · May be fixed by #901 or #1056
Open

Sub-router Authentication Capabilities #708

fina-joy opened this issue Dec 4, 2023 · 2 comments · May be fixed by #901 or #1056
Labels
enhancement New feature or request

Comments

@fina-joy
Copy link

fina-joy commented Dec 4, 2023

This feature request proposes the implementation of authentication capabilities for sub-routers in the Robyn web framework.

  • While Robyn currently supports middleware for handling authentication at the main router level, there is a growing need for more granular control, specifically at the sub-router level.
  • This would allow different authentication strategies for different sections of an application, enhancing security and flexibility.
    Currently Adding
frontend = SubRouter(__name__, prefix="/frontend")
frontend = SubRouter(__name__, prefix="/frontend",auth_required=True)

Use Case
Sub-router authentication simplifies the process of defining authentication strategies for private routes in a web application with public and private sections.

@fina-joy fina-joy added the enhancement New feature or request label Dec 4, 2023
@sansyrox
Copy link
Member

sansyrox commented Dec 4, 2023

That's a great suggestion @fina-joy 😄 I am not certain about the syntax tho.

How will you add an Auth handler here?

@fina-joy
Copy link
Author

fina-joy commented Dec 6, 2023

To implement authentication capabilities for sub-routers in the Robyn web framework, you'll want to extend the existing authentication framework to be usable at the sub-router level. The goal is to enable different authentication strategies for different sub-routers, enhancing the flexibility and security of the application.

Here's a step-by-step guide to modifying the SubRouter class and the main Robyn class to achieve this:

1. Modify the SubRouter Constructor

First, update the SubRouter class to accept an authentication handler or flag. This allows you to specify if and how each sub-router should handle authentication.

class SubRouter(Robyn):
    def __init__(self, file_object: str, prefix: str = "", config: Config = Config(), authentication_handler: Optional[AuthenticationHandler] = None) -> None:
        super().__init__(file_object, config)
        self.prefix = prefix
        self.authentication_handler = authentication_handler

2. Update Route Methods in SubRouter

Next, modify the route methods in SubRouter to consider the authentication_handler. You'll need to adjust methods like get, post, put, etc., to check if self.authentication_handler is set and apply it to the routes.

def get(self, endpoint: str, const: bool = False):
    if self.authentication_handler:
        # Add logic to apply authentication handler to the route
    return super().get(self.__add_prefix(endpoint), const)

3. Enhance add_route in Robyn Class

In the Robyn class, enhance the add_route method to handle the authentication for routes. You can do this by checking if auth_required is True and applying the appropriate authentication logic.

def add_route(self, route_type: Union[HttpMethod, str], endpoint: str, handler: Callable, is_const: bool = False, auth_required: bool = False):
    # Existing code...

    if auth_required and self.authentication_handler:
        # Apply the authentication handler to the route

4. Consider Global vs. Local Authentication Strategies

Decide how global and local (specific to sub-routers) authentication strategies will interact. For instance, if a global authentication strategy is set, should it override local strategies, or should local strategies have priority?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
2 participants