Closed filwaline closed 2 years ago
For #70
LoginManager now accept single secret still, nothing is broken. But It also accept dict, for asymmetric purpose.
# random string or private-key(pem format)
random_string = ...
private_key_pem_bytes = ...
# algorithm must match secret type
# random string & HS256
LoginManager(secret=random_string, algorithm="HS256", ...)
# private-key & RS256
LoginManager(secret=private_key_pem_bytes, algorithm="RS256", ...)
# dict secret
LoginManager(secret={"private_key":private_key_pem_bytes, "password": ...}, algorithm="RS256", ...)
I am using black as code formatter, lots of changes just formatting.
Yeah I saw that, but I think if the support is there it doesn't hurt to make it available directly.
On the other hand it is probably a good idea to not include it if it isn't needed :thinking: . If so, I think it would be helpful to show a message that cryptography
needs to installed when a key pair is passed as the secret.
On the other hand it is probably a good idea to not include it if it isn't needed 🤔 . If so, I think it would be helpful to show a message that
cryptography
needs to installed when a key pair is passed as the secret.
Current message is a pydantic validation error that algorithm"RS256" is invalid, if user selected "RS256" but not installed cryptography.
Maybe you can add some documents about it, just like FastAPI Form Data
I will add some documentation in the following days explaining the workflow with asymmetric keys and will then merge and publish a new package version. Thanks a lot for your help so far.
I implemented
SymmetricSecret
andAsymmetricSecret
, and drop replace it.New tests all passed, and fully covered.
I am poor in English, so docs remain old.