{"id":28925909,"url":"https://github.com/devpi/devpi-lockdown","last_synced_at":"2025-08-18T01:34:22.981Z","repository":{"id":46506911,"uuid":"84588745","full_name":"devpi/devpi-lockdown","owner":"devpi","description":"tools to enable authentication for read access","archived":false,"fork":false,"pushed_at":"2025-05-08T20:15:03.000Z","size":48,"stargazers_count":13,"open_issues_count":3,"forks_count":6,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-07-26T07:38:25.275Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devpi.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG.rst","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2017-03-10T18:21:51.000Z","updated_at":"2025-05-08T20:15:07.000Z","dependencies_parsed_at":"2022-07-19T22:03:47.484Z","dependency_job_id":"96aaa266-bee7-43e9-9fb4-0d0f38b107a4","html_url":"https://github.com/devpi/devpi-lockdown","commit_stats":{"total_commits":34,"total_committers":4,"mean_commits":8.5,"dds":"0.17647058823529416","last_synced_commit":"594deb116139d5103cd611abfd3ff8b2adda0c65"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/devpi/devpi-lockdown","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devpi%2Fdevpi-lockdown","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devpi%2Fdevpi-lockdown/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devpi%2Fdevpi-lockdown/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devpi%2Fdevpi-lockdown/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devpi","download_url":"https://codeload.github.com/devpi/devpi-lockdown/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devpi%2Fdevpi-lockdown/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270932576,"owners_count":24670240,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-17T02:00:09.016Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-06-22T11:11:08.350Z","updated_at":"2025-08-18T01:34:22.972Z","avatar_url":"https://github.com/devpi.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"devpi-lockdown: tools to enable authentication for read access\n==============================================================\n\nThis plugin adds some views to allow locking down read access to devpi.\n\nOnly tested with nginx so far.\n\n\nInstallation\n------------\n\n``devpi-lockdown`` needs to be installed alongside ``devpi-server``.\n\nYou can install it with::\n\n    pip install devpi-lockdown\n\n\nUsage\n-----\n\nTo lock down read access to devpi, you need a proxy in front of devpi which can use the provided views to limit access.\n\n\nThe views are:\n\n/+authcheck\n\n  This returns ``200`` when the user is authenticated or ``401`` if not.\n  It uses the regular devpi credential checks and an additional credential check using a cookie provided by ``devpi-lockdown`` to allow login with a browser.\n\n/+login\n\n  A plain login form to allow access via browsers for use with ``devpi-web``.\n\n/+logout\n\n  Drops the authentication cookie.\n\n\nFor nginx the `auth_request`_ module is required.\nYou should use the ``devpi-genconfig`` script to generate your nginx configuration.\nWith devpi-server 6.0.0 or newer an ``nginx-devpi-lockdown.conf`` should have been generated.\nIf not, then you need to add the following to your server block before the first location block:\n\n.. code-block:: nginx\n\n        # this redirects to the login view when not logged in\n        recursive_error_pages on;\n        error_page 401 = @error401;\n        location @error401 {\n            return 302 /+login?goto_url=$request_uri;\n        }\n\n        # lock down everything by default\n        auth_request /+authcheck;\n\n        # the location to check whether the provided infos authenticate the user\n        location = /+authcheck {\n            internal;\n\n            proxy_pass_request_body off;\n            proxy_set_header Content-Length \"\";\n            proxy_set_header X-Original-URI $request_uri;\n            proxy_set_header X-outside-url $scheme://$http_host;  # copy the value from your existing configuration\n            proxy_set_header X-Real-IP $remote_addr;  # copy the value from your existing configuration\n            proxy_pass http://localhost:3141;  # copy the value from your existing configuration\n        }\n\n.. _auth_request: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevpi%2Fdevpi-lockdown","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevpi%2Fdevpi-lockdown","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevpi%2Fdevpi-lockdown/lists"}