{"id":47628020,"url":"https://github.com/apache/casbin-python-sanic-authz","last_synced_at":"2026-04-01T23:00:41.197Z","repository":{"id":315092150,"uuid":"996201982","full_name":"apache/casbin-python-sanic-authz","owner":"apache","description":"Sanic authorization middleware based on Casbin","archived":false,"fork":false,"pushed_at":"2026-03-14T00:42:57.000Z","size":16,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"master","last_synced_at":"2026-03-27T13:57:25.935Z","etag":null,"topics":["abac","acl","auth","authorization","authz","casbin","middleware","plugin","py","pycasbin","python","rbac","sanic"],"latest_commit_sha":null,"homepage":"https://sanic.dev","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/apache.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-06-04T15:48:55.000Z","updated_at":"2026-03-11T13:34:39.000Z","dependencies_parsed_at":"2025-09-16T18:08:31.538Z","dependency_job_id":"01798a88-592a-4411-8246-a258b839d3ba","html_url":"https://github.com/apache/casbin-python-sanic-authz","commit_stats":null,"previous_names":["officialpycasbin/sanic-authz"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/apache/casbin-python-sanic-authz","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcasbin-python-sanic-authz","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcasbin-python-sanic-authz/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcasbin-python-sanic-authz/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcasbin-python-sanic-authz/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/apache","download_url":"https://codeload.github.com/apache/casbin-python-sanic-authz/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Fcasbin-python-sanic-authz/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31292780,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-01T21:15:39.731Z","status":"ssl_error","status_checked_at":"2026-04-01T21:15:34.046Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abac","acl","auth","authorization","authz","casbin","middleware","plugin","py","pycasbin","python","rbac","sanic"],"created_at":"2026-04-01T23:00:19.877Z","updated_at":"2026-04-01T23:00:41.183Z","avatar_url":"https://github.com/apache.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sanic-authz\n\n[![build](https://github.com/officialpycasbin/sanic-authz/actions/workflows/build.yml/badge.svg)](https://github.com/officialpycasbin/sanic-authz/actions/workflows/build.yml)\n[![Coverage Status](https://coveralls.io/repos/github/officialpycasbin/sanic-authz/badge.svg)](https://coveralls.io/github/officialpycasbin/sanic-authz)\n[![Version](https://img.shields.io/pypi/v/sanic-authz.svg)](https://pypi.org/project/sanic-authz/)\n[![PyPI - Wheel](https://img.shields.io/pypi/wheel/sanic-authz.svg)](https://pypi.org/project/sanic-authz/)\n[![Pyversions](https://img.shields.io/pypi/pyversions/sanic-authz.svg)](https://pypi.org/project/sanic-authz/)\n[![Download](https://static.pepy.tech/badge/sanic-authz)](https://pypi.org/project/sanic-authz/)\n[![Discord](https://img.shields.io/discord/1022748306096537660?logo=discord\u0026label=discord\u0026color=5865F2)](https://discord.gg/S5UjpzGZjN)\n\nsanic-authz is an authorization middleware for [Sanic](https://sanic.dev/en/). It is based on [PyCasbin](https://github.com/casbin/pycasbin).\n\n## Installation\n```\npip install sanic-authz\n```\n\n## Module Usage:\n```python\nimport casbin\nfrom sanic import Sanic, response\nfrom sanic.request import Request\nfrom sanic_authz.middleware import CasbinAuthMiddleware\n\napp = Sanic(\"SanicAuthzExample\")\nenforcer = casbin.Enforcer(\"rbac_model.conf\", \"policy.csv\")\n\n# Registration middleware\nCasbinAuthMiddleware(sanic_app, enforcer)\n\n# CasbinAuthMiddleware is a global middleware.\n# The authorization check will be performed automatically on each request.\n# You don't need to manually invoke the middleware in your route handlers.\n@app.route(\"/\")\nasync def homepage(request):\n    return response.text(\"Hello, world!\")\n```\n\nCustom subject_getter:\n\nBy default, the middleware extracts user identity from the `X-User` header field. Client requests need to include the X-User header:\n```\ncurl -H \"X-User: alice\" http://localhost:8000/data\n```\nYou can customize the subject_getter to adapt to different authentication mechanisms. For example, JWT authentication:\n```python\ndef jwt_subject_getter(request: Request) -\u003e str:\n    token = request.headers.get(\"Authorization\", \"\").replace(\"Bearer \", \"\")\n    payload = decode_jwt(token)\n    return payload.get(\"user_id\", \"anonymous\")\n\nCasbinAuthMiddleware(app, enforcer, subject_getter=jwt_subject_getter)\n```\nsession authentication:\n```python\ndef session_subject_getter(request: Request) -\u003e str:\n    return request.ctx.session.get(\"user_id\", \"anonymous\")\n\nCasbinAuthMiddleware(app, enforcer, subject_getter=session_subject_getter)\n```\n\n## Documentation\n\nThe authorization determines a request based on ``{subject, object, action}``, which means what ``subject`` can perform what ``action`` on what ``object``. In this plugin, the meanings are:\n\n1. ``subject``: the logged-in user name\n2. ``object``: the URL path for the web resource like \"dataset1/item1\"\n3. ``action``: HTTP method like GET, POST, PUT, DELETE, or the high-level actions you defined like \"read-file\", \"write-blog\"\n\nFor how to write authorization policy and other details, please refer to [the PyCasbin's documentation](https://github.com/casbin/pycasbin).\n\n### Getting Help\n\n- [PyCasbin](https://github.com/casbin/pycasbin)\n\n### License\n\nThis project is licensed under the [Apache 2.0 license](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcasbin-python-sanic-authz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fapache%2Fcasbin-python-sanic-authz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fapache%2Fcasbin-python-sanic-authz/lists"}