Sanic-Auth - Simple Authentication for Sanic

pyx, updated 🕥 2022-01-22 14:51:50

============================================ Sanic-Auth - Simple Authentication for Sanic ============================================

Sanic-Auth implements a minimal backend agnostic session-based user authentication mechanism for Sanic_.

.. _Sanic:

Quick Start


.. code-block:: sh

pip install --upgrade Sanic-Auth

How to use it

.. code-block:: python

from sanic_auth import Auth from sanic import Sanic, response

app = Sanic(name) app.config.AUTH_LOGIN_ENDPOINT = 'login'

@app.middleware('request') async def add_session_to_request(request): # setup session

auth = Auth(app)

@app.route('/login', methods=['GET', 'POST']) async def login(request): message = '' if request.method == 'POST': username = request.form.get('username') password = request.form.get('password') # fetch user from database user = some_datastore.get(name=username) if user and user.check_password(password): auth.login_user(request, user) return response.redirect('/profile') return response.html(HTML_LOGIN_FORM)

@app.route('/logout') @auth.login_required async def logout(request): auth.logout_user(request) return response.redirect('/login')

@app.route('/profile') @auth.login_required(user_keyword='user') async def profile(request, user): return response.json({'user': user})

For more details, please see documentation.


BSD New, see LICENSE for details.


  • Documentation <>_

  • Issue Tracker <>_

  • Source Package @ PyPI <>_

  • Git Repository @ Github <>_

  • Git Repository @ Gitlab <>_

  • Development Version <>_


AttributeError: 'list' object has no attribute 'ctx'

opened on 2022-04-25 13:00:17 by beliboba

[2022-04-25 15:58:52 +0300] [8448] [ERROR] Exception occurred while handling uri: '' Traceback (most recent call last): File "handle_request", line 83, in handle_request ) File "C:\Users\Beliboba\PycharmProjects\beliboba\", line 64, in login auth.login_user(request, user=user) File "C:\Users\Beliboba\PycharmProjects\beliboba\venv\lib\site-packages\", line 47, in login_user self.get_session(request)[self.auth_session_key] = self.serialize(user) File "C:\Users\Beliboba\PycharmProjects\beliboba\venv\lib\site-packages\", line 143, in get_session return request.ctx.session AttributeError: 'list' object has no attribute 'ctx'

one client login, every client login. Is this the expected effect of examples?

opened on 2022-01-21 14:35:43 by yurenchen000

1. test case

I use this examples: - ./examples/ // also tried another demo ./examples/blueprint/

2. operation result

one browser ( chrome ) logged in,

then visit '/', found all other clients (firefox or curl) was loged in.

```bash $ curl -sv 'http://localhost:8004' * Connected to localhost ( port 8004 (#0)

GET / HTTP/1.1 Host: localhost:8004 User-Agent: curl/7.68.0 Accept: /

  • Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < Content-Length: 48 < Content-Type: text/html; charset=utf-8 < Connection: keep-alive < Keep-Alive: 5 <
  • Connection #0 to host localhost left intact Logout

    Welcome, demo


Is this the expected effect? Am I miss some thing?

3. versions

tested on ubuntu 20.04 - sanic 20.12.3 + python3.8 - sanic 21.6.2 + python3.9

with - Sanic-Auth 0.3.0

What is the role of user_keyword?

opened on 2019-05-19 13:06:15 by skinhc

I haven't read the role of "user_keyword" for a long time.Can you help me with your answer?

Persist auth tokens after server restart?

opened on 2019-02-22 22:07:35 by mflaxman

Is this easy to do with sanic-auth? The only examples I'm seeing are in-memory dictionaries that get blasted on server restart.


User model not so agnostic...

opened on 2018-10-24 03:07:10 by chromakey-io

The json mechanism you use right now is failing when the objects are BSON encoded python objects from MongoDB.

Ultimately it seems like Pickle would be a better solution and remove any issues with use-cases ...

On top of that it would be great if the entire user object was available on the session, sanic-auth didn't look for specific field names, and went about this in a more generic way since we can't always assume people can or will code their DB/User models to match.


-k. noah

sanic authentication