Integration — Aquilia Documentation
Comprehensive guide and documentation for Integration in the Aquilia framework. View API reference, examples, and implementation patterns.
Security & Auth Integration & Middleware The aquilia.auth.integration package wires authentication seamlessly into Aquilia's dependency injection container, request-response middleware pipelines, session subsystems, and flow graphs. Integration Components , , , , ].map((s, i) => ( ))} DI Providers Importing aquilia.auth.integration.di_providers exposes all auth services to the DI registry under @service(scope="app"). from aquilia.auth.integration.di_providers import * # Provider → Provides # ───────────────────────────────────────── # PasswordHasherProvider → PasswordHasher (Argon2id) # KeyRingProvider → KeyRing (auto-generates RS256 key) # TokenManagerProvider → TokenManager (15m access, 30d refresh) # RateLimiterProvider → RateLimiter (5 attempts, 15min lockout) # MemoryIdentityStoreProvider → IdentityStore (in-memory) # MemoryCredentialStoreProvider → CredentialStore (in-memory) # MemoryTokenStoreProvider → TokenStore (in-memory) # MemoryOAuthClientStoreProvider → OAuthClientStore (in-memory) # MemoryAuthCodeStoreProvider → AuthorizationCodeStore (in-memory) # MemoryDeviceCodeStoreProvider → DeviceCodeStore (in-memory) # AuthManagerProvider → AuthManager (full auth pipeline) # MFAManagerProvider → MFAManager (TOTP + backup codes) # OAuth2ManagerProvider → OAuth2Manager (all 4 grant types) # AuthzEngineProvider → AuthzEngine (RBAC + ABAC + scopes) # SessionEngineProvider → SessionEngine (auth sessions) # SessionAuthBridgeProvider → SessionAuthBridge (session ↔ auth) Customizing Providers Override standard providers in the container context. Dependent services like AuthManager resolve overrides automatically. from aquilia.di import Container container = Container() # Register custom database/cache storage implementations container.register(IdentityStore, MyDatabaseIdentityStore) container.register(TokenStore, RedisTokenStore(redis_client)) # Other default providers dynamically resolve with the overrides Auth Middleware Pipeline The AquilAuthMiddleware performs request authentication sequentially in 6 structured phases: , , , , , , ].map((step, i) => ( ))} from aquilia.auth.integration.middleware import ( AquilAuthMiddleware, OptionalAuthMiddleware, SessionMiddleware, ) app = Aquilia() # Main authentication middleware app.use(AquilAuthMiddleware( session_engine=session_engine, auth_manager=auth_manager, require_auth=False, # Opt-in manually using decorators )) # Optional Auth — resolves identities, but doesn't block anonymous clients app.use(OptionalAuthMiddleware( session_engine=session_engine, auth_manager=auth_manager, )) # Sessions Only — manages cookies/data context without auth evaluations app.use(SessionMiddleware(session_engine=session_engine)) Flow Guards Compose check constraints visually inside Aquilia flow pipelines using specialized Node implementations. from aquilia.auth.integration.flow_guards import ( RequireAuthGuard, # Verify authenticated identity presence RequireSessionAuthGuard, # Assert session authentication state RequireTokenAuthGuard, # Assert JWT bearer token presence RequireApiKeyGuard, # Verify valid API key credentials RequireScopesGuard, # Verify scopes (any or require_all) RequireRolesGuard, # Verify roles (any or require_all) RequirePolicyGuard, # Execute ABAC/RBAC Policy validation ) Flow Graph Assembly from aquilia.flow import Flow from aquilia.auth.integration.flow_guards import require_auth, require_roles admin_flow = ( Flow("admin_pipeline") .then(require_auth()) .then(require_roles("admin", "superadmin")) .then(execute_admin_logic_node) ) AuthPrincipal & Session Bridge Extract user parameters, roles, and scope permissions dynamically from current session contexts: from aquilia.auth.integration.aquila_sessions import ( bind_identity, bind_token_claims, get_identity_id, get_roles, get_scopes, ) # Set bindings (executed during request intercept) bind_identity(session, identity) bind_token_claims(session, claims) # Resolve attributes inside handler user_id = get_identity_id(session) roles = get_roles(session) scopes = get_scopes(session) )
Go to Homepage