Skip to content

AuthenticationMiddleware class

This is the reference for the main object AuthenticationMiddleware that contains all the parameters, attributes and functions.

This is also the newest way of performing authentication in Ravyn, and it is recommended to use this class instead of BaseAuthMiddleware for new projects.

ravyn.middleware.authentication.AuthenticationMiddleware 

AuthenticationMiddleware(app, backend=None, on_error=None)

Bases: AuthenticationMiddleware

PARAMETER DESCRIPTION
app

The ASGI application callable wrapped by this middleware.

TYPE: ASGIApp

backend

One or more authentication backends used to authenticate the connection. If multiple backends are provided, they are tried in order.

TYPE: AuthenticationBackend | Sequence[AuthenticationBackend] | None DEFAULT: None

on_error

An optional error handler function called when authentication fails. It receives the Connection and AuthenticationError and must return an ASGI-compatible Response object.

TYPE: Callable[[Connection, AuthenticationError], Response] | None DEFAULT: None

Source code in ravyn/middleware/authentication.py 
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
def __init__(
    self,
    app: Annotated[
        ASGIApp,
        Doc(
            """
            The ASGI application callable wrapped by this middleware.
            """
        ),
    ],
    backend: Annotated[
        AuthenticationBackend | Sequence[AuthenticationBackend] | None,
        Doc(
            """
            One or more authentication backends used to authenticate the connection.
            If multiple backends are provided, they are tried in order.
            """
        ),
    ] = None,
    on_error: Annotated[
        Callable[[Connection, AuthenticationError], Response] | None,
        Doc(
            """
            An optional error handler function called when authentication fails.
            It receives the Connection and AuthenticationError and must return an
            ASGI-compatible Response object.
            """
        ),
    ] = None,
) -> None:
    super().__init__(app=app, backend=backend, on_error=on_error)  # type: ignore[arg-type]

app instance-attribute 

app = app

on_error instance-attribute 

on_error = (
    on_error if on_error is not None else default_on_error
)

scopes instance-attribute 

scopes = {HTTP, WEBSOCKET}

backend instance-attribute 

backend

authenticate async 

authenticate(conn)

Authorize users here.

Source code in lilya/middleware/authentication.py 
124
125
126
127
128
129
130
131
132
async def authenticate(self, conn: Connection) -> None | AuthResult:
    """Authorize users here."""

    for backend in self.backend:
        # exceptions are passed through to __call__ and there handled
        auth_result = await backend.authenticate(conn)
        if auth_result is not None:
            return auth_result
    return None

default_on_error staticmethod 

default_on_error(connection, exc)
Source code in lilya/middleware/authentication.py 
 99
100
101
@staticmethod
def default_on_error(connection: Connection, exc: Exception) -> Response:
    return PlainText(str(exc), status_code=400)

ravyn.middleware.authentication.AuthResult

Bases: ArbitraryBaseModel

user instance-attribute 

user

Arbitrary user coming from the authenticate of the BaseAuthMiddleware and can be assigned to the request.user.