sams.auth – Client Authentication Methods


class PublicAuth

Allow all access to public - No authentication required

To use this method, set SAMS_AUTH_TYPE to 'sams.auth.public' in your


class SamsBasicAuth(api_keys=None)

Basic Auth instance

authorized(allowed_roles, resource, method=None)

Validates the the current request is allowed to pass through.

  • allowed_roles – allowed roles for the current request, can be a string or a list of roles.

  • resource – resource being requested.


Returns a standard 401

check_auth(auth_token, allowed_roles, resource, method)

This function is called to check if the API key in request header exists in the api_keys in app config

  • auth_token – API key in request header

  • allowed_roles – allowed user roles

  • resource – resource being requested

  • method – HTTP method being executed (POST, GET, etc.)