authnzerver.autosetup module

This contains functions to set up the authnzerver automatically on first-start.

authnzerver.autosetup.autogen_secrets_authdb(basedir, database_url=None, interactive=False)

This automatically generates secrets files and an authentication DB.

Run this only once on the first start of an authnzerver.

Parameters:

• basedir (str) –

  The base directory of the authnzerver.

  • The authentication database will be written to a file called .authdb.sqlite in this directory.
  • The secret token to authenticate HTTP communications between the authnzerver and a frontend server will be written to a file called .authnzerver-secret-key in this directory.
  • Credentials for a superuser that can be used to edit various authnzerver options, and users will be written to .authnzerver-admin-credentials in this directory.
  • A random salt value will be written to .authnzerver-random-salt in this directory. This is used to hash user IDs and other PII in logs.
• database_url (str or None) – If this is a str, must be a valid SQLAlchemy database URL to use to connect to a database and make the necessary tables for authentication info. If this is None, will create a new SQLite database in the <basedir>/.authdb.sqlite file.
• interactive (bool) – If True, will ask the user for an admin email address and password. Otherwise, will auto-generate both.

Returns:

(authdb_path, creds, secret_file, salt_file) – The names of the files written by this function will be returned as a tuple of strings.

Return type:

tuple of str