.. _aiorest-ws-auth:
Authentication
==============
At this section you will find description about the default user abstraction
and using JSON Web Token as a basic implementation for authentication.
User abstraction
----------------
:class:`User` class provide a very useful user abstraction, which used for
storing information about current online user. Most basic fields are defined
inside his base class – :class:`AbstractUser`.
.. note::
At the current release :class:`User` model used with SQLite database,
however, if necessary, you can write your own implementation for any
other database (MySQL, PostgreSQL, Oracle, DB2, etc).
.. autoclass:: aiorest_ws.auth.user.abstractions.User
:members:
:inherited-members:
:show-inheritance:
JSON Web Token (JWT)
--------------------
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and
self-contained way for securely transmitting information between parties as a
JSON object. This information can be verified and trusted because it is digitally
signed. JWTs can be signed using a secret (with HMAC algorithm) or a public/private
key pair using RSA. (c) jwt.io
For more details about how JSON Web Token works, his advantages and
why necessary to use it, you can read `there `_.
Also you can look on `example `_
which implement simple user registration and log-in/log out mechanism with JSON Web Tokens.
At this package provided middleware and manager classes, which used for add
support JWT inside you application.
.. autoclass:: aiorest_ws.auth.token.middlewares.JSONWebTokenMiddleware
:members:
:inherited-members:
:show-inheritance:
.. autoclass:: aiorest_ws.auth.token.managers.JSONWebTokenManager
:members:
:inherited-members:
:show-inheritance: