User Authentication and Authorization

Your project will probably need user authentication and will likely need permissions on a per-method basis. Implementation of authentication will vary because Python OpenRPC is transport agnostic; this example uses JWTs over HTTP and WebSockets.

This guide requires passlib, python-jose, Sanic, and Pydantic.

We will use Pydantic to define data models, passlib to hash and salt passwords, python-jose to encode/decode user data in JWTs, and Sanic for networking.

Overview:

OpenRPC Security Extension

First we'll cover the OpenRPC security extension provided by this framework.

Depends Arguments

We pass extra Depends arguments to the framework to be accessed and used by RPC methods.

Authentication Overview

Next we create a user and store user data. Then a sign-in process will verify user credentials and return a JWT with encoded user data.

Authorization Overview

Then we will write a server that pulls JWTs from request headers, decodes the token, and passes security data to the framework to check permissions.
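
The flow outlined above (sign-in that verifies a salted password hash and returns a JWT, then a per-method permission check on the token taken from the request headers), as an added example that is not code from this guide or from Python OpenRPC. So that it runs with no dependencies, the standard library's PBKDF2 and HMAC-SHA256 stand in for passlib and python-jose, and no Sanic or framework API is used. Every function name, the sample user, the scopes and the method names are hypothetical.

```python
import base64, hashlib, hmac, json, os, time

SECRET = os.urandom(32)  # constructed demo key; load a real one from a secret store

def b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
def sign(data):
    return b64(hmac.new(SECRET, data.encode(), hashlib.sha256).digest())

def hash_password(password, salt=None):
    salt = salt or os.urandom(16)  # fresh random salt per stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return b64(salt) + "$" + b64(digest)

def verify_password(password, stored):
    salt = unb64(stored.split("$")[0])
    return hmac.compare_digest(hash_password(password, salt), stored)

def encode_jwt(claims):
    data = b64(b'{"alg":"HS256","typ":"JWT"}') + "." + b64(json.dumps(claims).encode())
    return data + "." + sign(data)

def decode_jwt(token):
    try:
        head, body, sig = token.split(".")
        if not hmac.compare_digest(sig, sign(head + "." + body)):  # always HS256
            return None
        claims = json.loads(unb64(body))
        return claims if claims.get("exp", 0) > time.time() else None
    except (ValueError, AttributeError, TypeError):
        return None  # malformed tokens are rejected, never raised to the caller

USERS = {"alice": {"hash": hash_password("correct horse"), "scopes": ["math"]}}
METHOD_SCOPES = {"math.add": {"math"}, "admin.reset": {"admin"}}  # both constructed

def sign_in(username, password):
    user = USERS.get(username)
    if user is None or not verify_password(password, user["hash"]):
        return None
    return encode_jwt({"sub": username, "scopes": user["scopes"], "exp": time.time() + 900})

def authorize(headers, method):
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    claims = decode_jwt(token) if scheme == "Bearer" else None
    if claims is None or method not in METHOD_SCOPES:  # unknown methods are denied
        return False
    return METHOD_SCOPES[method] <= set(claims.get("scopes", []))
```

The token's header is never consulted when verifying, so a token claiming a different `alg` cannot change how the signature is checked.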