معرفی شرکت ها

edx-drf-extensions-8.7.0

Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر
Card image cap
تبلیغات ما

مشتریان به طور فزاینده ای آنلاین هستند. تبلیغات می تواند به آنها کمک کند تا کسب و کار شما را پیدا کنند.

مشاهده بیشتر

توضیحات

edX extensions of Django REST Framework
ویژگی مقدار
سیستم عامل -
نام فایل edx-drf-extensions-8.7.0
نام edx-drf-extensions
نسخه کتابخانه 8.7.0
نگهدارنده []
ایمیل نگهدارنده []
نویسنده edX
ایمیل نویسنده oscm@edx.org
آدرس صفحه اصلی https://github.com/openedx/edx-drf-extensions
آدرس اینترنتی https://pypi.org/project/edx-drf-extensions/
مجوز Apache 2.0
Part of `edX code`__. __ https://code.edx.org/ edX Django REST Framework Extensions |CI|_ |Codecov|_ ========================================================== .. |CI| image:: https://github.com/openedx/edx-drf-extensions/workflows/Python%20CI/badge.svg?branch=master .. _CI: https://github.com/openedx/edx-drf-extensions/actions?query=workflow%3A%22Python+CI%22 .. |Codecov| image:: https://codecov.io/github/edx/edx-drf-extensions/coverage.svg?branch=master .. _Codecov: https://codecov.io/github/edx/edx-drf-extensions?branch=master This library includes various cross-cutting concerns related to APIs. API functionality added to this library must be required for multiple Open edX applications or multiple repositories. Some of these concerns include extensions of `Django REST Framework <https://www.django-rest-framework.org/>`_ (DRF), which is how the repository initially got its name. Publishing a Release -------------------- After a PR merges, a new version of the package will automatically be released by Travis when the commit is tagged. Use:: git tag -a X.Y.Z -m "Releasing version X.Y.Z" git push origin X.Y.Z Do **not** create a Github Release, or ensure its message points to the CHANGELOG.rst and ADR 0001-use-changelog.rst. JWT Authentication and REST API Endpoints ----------------------------------------- JWT Authentication is the preferred method of authentication for Open edX API endpoints. See `JWT Authentication README`_ for more details. .. _JWT Authentication README: ./edx_rest_framework_extensions/auth/jwt/README.rst CSRF API -------- One feature of this library is a ``csrf`` app containing an API endpoint for retrieving CSRF tokens from the Django service in which it is installed. This is useful for frontend apps attempting to make POST, PUT, and DELETE requests to a Django service with Django's CSRF middleware enabled. To make use of this API endpoint: #. Install edx-drf-extensions in your Django project. #. Add ``csrf.apps.CsrfAppConfig`` to ``INSTALLED_APPS``. #. Add ``'edx_rest_framework_extensions.auth.jwt.middleware.JwtAuthCookieMiddleware'`` to ``MIDDLEWARE``. #. Add ``csrf.urls`` to urls.py. License ------- The code in this repository is licensed under Apache 2.0 unless otherwise noted. Please see ``LICENSE.txt`` for details. How To Contribute ----------------- Contributions are very welcome. Please read `How To Contribute <https://github.com/openedx/edx-platform/blob/master/CONTRIBUTING.rst>`_ for details. Even though they were written with ``edx-platform`` in mind, the guidelines should be followed for Open edX code in general. Reporting Security Issues ------------------------- Please do not report security issues in public. Please email security@edx.org. Change Log ========== .. This file loosely adheres to the structure of https://keepachangelog.com/, but in reStructuredText instead of Markdown. This project adheres to Semantic Versioning (https://semver.org/). .. There should always be an "Unreleased" section for changes pending release. Unreleased ---------- [8.7.0] - 2023-04-14 -------------------- Added ~~~~~ * Add ``edx_drf_extensions_version`` to help with rollout of changes in this library across services. Removed ~~~~~~~ * Removed exception case for ``InvalidTokenError`` that was never invoked. [8.6.0] - 2023-04-12 -------------------- Added ~~~~~ * Added ``jwt_auth_check_symmetric_key``, ``jwt_auth_asymmetric_verified``, ``jwt_auth_symmetric_verified``, and ``jwt_auth_verification_failed`` custom attributes to aid in deprecation and removal of symmetric keys. * Added ``jwt_auth_issuer`` and ``jwt_auth_issuer_verification`` custom attributes. Changed ~~~~~~~ * Changed ``jwt_auth_verify_keys_count`` custom attribute to aid in key rotations, to instead be ``jwt_auth_verify_asymmetric_keys_count`` and ``jwt_auth_verify_all_keys_count``. The latter count is only used in the case that the token can't be verified with the asymmetric keys alone. [8.5.3] - 2023-04-11 -------------------- Fixed ~~~~~ * (Hopefully) fixed the ability to publish edx-drf-extensions, by adding a ``long_description`` to setup.py. There was no real 8.5.1 or 8.5.2. [8.5.0] - 2023-04-05 -------------------- Added ~~~~~ * Added ``jwt_auth_verify_keys_count`` custom attribute to aid in key rotations [8.4.1] - 2022-12-18 -------------------- Added ~~~~~ * Additional logging in `authenticate_credentials` within the JWT authentication middleware for debugging purposes. [8.4.0] - 2022-12-16 -------------------- Added ~~~~~ * Added custom attribute enduser.id, following OpenTelemetry convention. This works with some New Relic automatic tooling around users. The old custom attribute request_user_id should be considered deprecated. [8.3.1] - 2022-09-09 -------------------- Fixed ~~~~~~~ * Fixed disabled user error by reverting change to JwtAuthentication. [8.3.0] - 2022-09-07 -------------------- Changed ~~~~~~~ * JwtAuthentication will fail for disabled users (with unusable password). [8.2.0] - 2022-08-24 -------------------- Added ~~~~~ * Added only asymmetric jwt decoding functionality in decoder Changed ~~~~~~~ * Rename toggle_warnings to toggle_warning for consistency with setting_warning. [8.1.0] - 2022-01-28 -------------------- Dropped ~~~~~~~ * Dropped Support for Django22, 30, 31 [8.0.1] - 2021-11-01 -------------------- Changed ~~~~~~~ * Resolve RemovedInDjango4.0 warnings. [8.0.0] - 2021-09-30 -------------------- Changed ~~~~~~~ * **BREAKING CHANGE:** Updated ``EnsureJWTAuthSettingsMiddleware`` to understand and work with permissions combined using DRF's in-built support. This allows switching away from ``rest_condition``. Any view that still uses ``rest_condition`` will cause the middleware to throw an error. [7.0.1] - 2021-08-10 -------------------- Fixed ~~~~~ * Removed dropped ``require_exp`` and ``require_iat`` options from jwt.decode and instead used ``require`` option with both ``exp`` and ``iat``. For more info visit this: https://pyjwt.readthedocs.io/en/stable/changelog.html#dropped-deprecated-require-options-in-jwt-decode * This fixes an error in previous release which had a multiple breaking changes [7.0.0] - 2021-08-03 -------------------- Changed ~~~~~~~ * **BREAKING CHANGE:** ``generate_jwt_token``: Now returns string (instead of bytes), and no longer requires decoding. This was to keep consistent with change to ``jwt.encode`` in `pyjwt` upgrade (see below). * **BREAKING CHANGE:** Upgraded dependency ``pyjwt[crypto]`` to 2.1.0, which introduces its own breaking changes that may affect consumers of this library. Pay careful attention to the 2.0.0 breaking changes documented in https://pyjwt.readthedocs.io/en/stable/changelog.html#v2-0-0. [6.6.0] - 2021-07-13 -------------------- Added ~~~~~ * Added support for django3.1 and 3.2 [6.5.0] - 2021-02-12 -------------------- Added ~~~~~ * Added a new custom attribute `jwt_auth_failed` to both monitor failures, and to help prepare for future refactors. [6.4.0] - 2021-01-19 -------------------- Added ~~~~~ * Added a new custom attribute `request_is_staff_or_superuser` [6.3.0] - 2021-01-12 -------------------- Removed ~~~~~~~ * Drop support for Python 3.5 [6.2.0] - 2020-08-24 -------------------- Updated ~~~~~~~ * Renamed "custom metric" to "custom attribute" throughout the repo. This was based on a `decision (ADR) captured in edx-django-utils`_. * Deprecated RequestMetricsMiddleware due to rename. Use RequestCustomAttributesMiddleware instead. .. _`decision (ADR) captured in edx-django-utils`: https://github.com/openedx/edx-django-utils/blob/master/edx_django_utils/monitoring/docs/decisions/0002-custom-monitoring-language.rst [6.1.2] - 2020-07-19 -------------------- Fixed ~~~~~~~ * `_get_user_from_jwt` no longer throws an `UnsupportedMediaType` error for failing to parse "new user" requests. [6.1.1] - 2020-07-19 -------------------- Fixed ~~~~~~~ * Latest `drf-jwt` is throwing error in case of any other Authorization Header. Fixing that issue in `JwtAuthentication` class. [6.1.0] - 2020-06-26 -------------------- Changed ~~~~~~~ * Update `drf-jwt` to pull in new allow-list(they called it blacklist) feature. Added ~~~~~ Fixed ~~~~~ [6.0.0] - 2020-05-05 -------------------- Changed ~~~~~~~ * **BREAKING CHANGE**: Renamed 'request_auth_type' to 'request_auth_type_guess'. This makes it more clear that this metric could report the wrong value in certain cases. This could break dashboards or alerts that relied on this metric. * **BREAKING CHANGE**: Renamed value `session-or-unknown` to `session-or-other`. This name makes it more clear that it is the method of authentication that is in question, not whether or not the user is authenticated. This could break dashboards or alerts that relied on this metric. Added ~~~~~ * Added 'jwt-cookie' as new value for 'request_auth_type_guess'. * Added new 'request_authenticated_user_found_in_middleware' metric. Helps identify for what middleware step the request user was set, if it was set. Example values: 'process_request', 'process_view', 'process_response', or 'process_exception'. Fixed ~~~~~ * Fixed/Added setting of authentication metrics for exceptions as well. * Fixed 'request_auth_type_guess' to be more accurate when recording values of 'unauthenticated' and 'no-user'.


نیازمندی

مقدار نام
>=2.2 Django
- django-waffle
>=3.9.0 djangorestframework
- drf-jwt
>=3.8.0 edx-django-utils
- edx-opaque-keys
- pyjwkest
>=2.1.0 pyjwt[crypto]
>=2.0 python-dateutil
>=2.7.0 requests
- semantic-version
- six


نحوه نصب


نصب پکیج whl edx-drf-extensions-8.7.0:

    pip install edx-drf-extensions-8.7.0.whl


نصب پکیج tar.gz edx-drf-extensions-8.7.0:

    pip install edx-drf-extensions-8.7.0.tar.gz