Refs #75: move JWTProcessor to starlette_web.common

docs/common/authorization_permissions.md

@@ -1,6 +1,7 @@
-## Authorization and permissions
+## Authentication and permissions
 
-`starlette_web.common` contains definitions for base user, authentication backend and permission class.
+`starlette_web.common.authorization` contains definitions for base user, 
+authentication backend and permission classes.
 
 **BaseUserMixin** is designed to fit any model, that can represent a user.
 It does not define database methods and does not inherit SQLAlchemy orm `declarative_base`.
@@ -9,7 +10,7 @@ An **AnonymousUser** is a special version of `BaseUserMixin`, that always return
 **Authentication backend** accepts HttpConnection instance (Request/Websocket) 
 and returns an instance of user or an AnonymousUser. 
 It also seeds request scope with user instance. 
-It is a shallow copy of authentication backend from DRF. 
+It is a shallow copy of authentication backend from Django Rest Framework. 
 As to the latest version of starlette_web, you may only set a single backend on an endpoint.
 
 **Permission class** accepts request and determines, whether user have respective permissions.
@@ -22,6 +23,23 @@ and you may combine them with boolean operations in the same way, as in DRF.
 - By default, any endpoint has `NoAuthenticationBackend` and empty list of permission classes.
 - Authentication backends and permission classes work the same for BaseHttpEndpoint and BaseWSEndpoint alike.
 
+### JWT utils
+
+`encode_jwt` and `decode_jwt` (implemented with `PyJWT`) are provided in `starlette_web.common.authorization`.  
+
+Syntax:  
+- `encode_jwt(payload: dict, expires_in: int, **kwargs) -> str`
+- `decode_jwt(token: str, **kwargs) -> dict`  
+
+Default encoding algorithm is set as `settings.AUTH_JWT_ALGORITHM`.
+
+### Contrib auth module
+
+`starlette_web.contrib.auth` module provides additional 
+utilities, endpoints and models for authorization and authentication.
+
+*TODO: refactoring of starlette_web.contrib.auth is planned* 
+
 ### Examples
 
 See `starlette_web.contrib.auth` and `starlette_web.tests.api.test_auth` for examples of usage.

docs/howto/README.md

@@ -11,7 +11,6 @@ pip install starlette-web[all]
 starlette-web has a lot of extra dependencies, most of which correspond to contrib modules:
 - apispec
 - admin
-- auth
 - mqtt
 - postgres
 - redis

pyproject.toml

@@ -39,6 +39,7 @@ dependencies = [
     "filelock>=3.13.1,<3.14",
     "marshmallow>=3.20.1,<3.21",
     "chardet>=5.2.0,<5.3",
+    "PyJWT[crypto]>=2.8,<2.9",
 ]
 
 [project.urls]
@@ -58,7 +59,6 @@ apispec = [
     "openapi-spec-validator>=0.7.1,<0.8",
 ]
 admin = ["starlette-admin>=0.11.2,<0.12"]
-auth = ["PyJWT[crypto]>=2.8,<2.9"]
 mqtt = ["gmqtt>=0.6.13,<0.7"]
 postgres = ["asyncpg>=0.29,<0.30"]
 redis = ["redis>=5.0.1,<5.1"]

starlette_web/common/authorization/__init__.py

@@ -0,0 +1,3 @@
+# flake8: noqa
+
+from starlette_web.common.authorization.jwt_utils import encode_jwt, decode_jwt

starlette_web/contrib/auth/jwt_utils.py → starlette_web/common/authorization/jwt_utils.py

@@ -5,6 +5,8 @@
 
 import jwt
 
+from starlette_web.common.conf import settings
+from starlette_web.common.utils.json import StarletteJSONEncoder
 from starlette_web.common.utils.inspect import get_available_options
 
 
@@ -51,13 +53,16 @@ def decode_jwt(self, encoded_jwt: str, **kwargs):
 
     @cached_property
     def _get_encode_secret_key(self):
-        raise NotImplementedError()
+        return str(settings.SECRET_KEY)
 
     @cached_property
     def _get_decode_secret_key(self):
-        raise NotImplementedError()
+        return str(settings.SECRET_KEY)
 
     def _get_expires_at(self, expires_in: int = None, **kwargs) -> datetime.datetime:
+        if expires_in is None and kwargs.get("expires_in"):
+            expires_in = kwargs["expires_in"]
+
         return datetime.datetime.utcnow() + datetime.timedelta(seconds=expires_in)
 
     def _enhance_payload_for_encode(self, payload: dict, **kwargs) -> None:
@@ -88,3 +93,12 @@ def _get_decode_options(self, **kwargs) -> dict:
             res["options"] = options
 
         return res
+
+
+jwt_processor = JWTProcessor(
+    algorithm=settings.AUTH_JWT_ALGORITHM,
+    verify_signature=True,
+    json_encoder=StarletteJSONEncoder,
+)
+encode_jwt = jwt_processor.encode_jwt
+decode_jwt = jwt_processor.decode_jwt

starlette_web/contrib/auth/utils.py

@@ -1,10 +1,9 @@
 import datetime
 from dataclasses import dataclass
-from functools import cached_property
 
 from starlette_web.common.conf import settings
 from starlette_web.common.utils.json import StarletteJSONEncoder
-from starlette_web.contrib.auth.jwt_utils import JWTProcessor
+from starlette_web.common.authorization.jwt_utils import JWTProcessor
 
 
 TOKEN_TYPE_ACCESS = "access"
@@ -21,14 +20,6 @@ class TokenCollection:
 
 
 class AuthJWTProcessor(JWTProcessor):
-    @cached_property
-    def _get_encode_secret_key(self):
-        return str(settings.SECRET_KEY)
-
-    @cached_property
-    def _get_decode_secret_key(self):
-        return str(settings.SECRET_KEY)
-
     def _get_expires_at(self, expires_in: int = None, **kwargs) -> datetime.datetime:
         token_type: str = kwargs.get("token_type", TOKEN_TYPE_ACCESS)