Sub-router Authentication Capabilities

fina-joy commented 10 months ago

This feature request proposes the implementation of authentication capabilities for sub-routers in the Robyn web framework.

While Robyn currently supports middleware for handling authentication at the main router level, there is a growing need for more granular control, specifically at the sub-router level.
This would allow different authentication strategies for different sections of an application, enhancing security and flexibility. Currently Adding
```
frontend = SubRouter(__name__, prefix="/frontend")
```

frontend = SubRouter(__name__, prefix="/frontend",auth_required=True)

Use Case Sub-router authentication simplifies the process of defining authentication strategies for private routes in a web application with public and private sections.

sansyrox commented 10 months ago

That's a great suggestion @fina-joy 😄 I am not certain about the syntax tho.

How will you add an Auth handler here?

fina-joy commented 10 months ago

To implement authentication capabilities for sub-routers in the Robyn web framework, you'll want to extend the existing authentication framework to be usable at the sub-router level. The goal is to enable different authentication strategies for different sub-routers, enhancing the flexibility and security of the application.

Here's a step-by-step guide to modifying the SubRouter class and the main Robyn class to achieve this:

1. Modify the `SubRouter` Constructor

First, update the SubRouter class to accept an authentication handler or flag. This allows you to specify if and how each sub-router should handle authentication.

class SubRouter(Robyn):
    def __init__(self, file_object: str, prefix: str = "", config: Config = Config(), authentication_handler: Optional[AuthenticationHandler] = None) -> None:
        super().__init__(file_object, config)
        self.prefix = prefix
        self.authentication_handler = authentication_handler

2. Update Route Methods in `SubRouter`

Next, modify the route methods in SubRouter to consider the authentication_handler. You'll need to adjust methods like get, post, put, etc., to check if self.authentication_handler is set and apply it to the routes.

def get(self, endpoint: str, const: bool = False):
    if self.authentication_handler:
        # Add logic to apply authentication handler to the route
    return super().get(self.__add_prefix(endpoint), const)

3. Enhance `add_route` in `Robyn` Class

In the Robyn class, enhance the add_route method to handle the authentication for routes. You can do this by checking if auth_required is True and applying the appropriate authentication logic.

def add_route(self, route_type: Union[HttpMethod, str], endpoint: str, handler: Callable, is_const: bool = False, auth_required: bool = False):
    # Existing code...

    if auth_required and self.authentication_handler:
        # Apply the authentication handler to the route

4. Consider Global vs. Local Authentication Strategies

Decide how global and local (specific to sub-routers) authentication strategies will interact. For instance, if a global authentication strategy is set, should it override local strategies, or should local strategies have priority?

sparckles / Robyn