authnzerver.autosetup module¶
This contains functions to set up the authnzerver automatically on first-start.
-
authnzerver.autosetup.
autogen_secrets_authdb
(basedir: str, database_url: str = None, interactive: bool = False, generate_envfile: bool = True)[source]¶ This automatically generates secrets files and an authentication DB.
Run this only once on the first start of an authnzerver.
Parameters: - basedir (str) –
The base directory of the authnzerver.
- The authentication database will be written to a file called
.authdb.sqlite
in this directory. - The secret token to authenticate HTTP communications between the
authnzerver and a frontend server will be written to a file called
.authnzerver-secret-key
in this directory. - Credentials for a superuser that can be used to edit various
authnzerver options, and users will be written to
.authnzerver-admin-credentials
in this directory. - A random salt value will be written to
.authnzerver-random-salt
in this directory. This is used to hash user IDs and other PII in logs.
- The authentication database will be written to a file called
- database_url (str or None) – If this is a str, must be a valid SQLAlchemy database URL to use to
connect to a database and make the necessary tables for authentication
info. If this is None, will create a new SQLite database in the
<basedir>/.authdb.sqlite
file. - interactive (bool) – If True, will ask the user for an admin email address and password. Otherwise, will auto-generate both.
- generate_envfile (bool) – If True, generates an .env file in the basedir containing all the required information for the next start up of the server.
Returns: (authdb_path, creds, secret_file, salt_file, env_file) – The names of the files written by this function will be returned as a tuple of strings.
Return type: tuple of str
- basedir (str) –
-
authnzerver.autosetup.
generate_env
(database_path: str, fernet_secret_file: str, salt_file: str, basedir: str) → Optional[str][source]¶ This generates environment variables containing the required items for authnzrv start up after autosetup is complete.
If
write_env_file
is True, will write these to an.env
file in thebasedir
.Parameters: - database_path (str) – The SQLAlchemy URL of the database to use, or the path on disk to an
SQLite database. If
database_path
points to a file on disk, this function will assume it’s an SQLite file and construct the appropriate SQLAlchemy database URL. - fernet_secret_file (str) – The path to the shared secret key needed to secure authnzerver-frontend communications.
- salt_file (str) – The path to the file containing the PII salt to encrypt PII in authnzerver logs.
- basedir (str) – The path to the authnzerver’s basedir.
Returns: Returns the path to the
.env
file generated in thebasedir
as a string.Return type: environ_file
- database_path (str) – The SQLAlchemy URL of the database to use, or the path on disk to an
SQLite database. If