Datasette-auth-github

Latest version: v0.13.1

Safety actively analyzes 613568 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 5

0.13.1

- Deployments that are configured to check organization membership now use `read:org` scope instead of the more permissive `user` scope. [73](https://github.com/simonw/datasette-auth-github/issues/73)

0.13

This plugin now builds on the [Authentication and permissions](https://docs.datasette.io/en/stable/authentication.html) mechanism introduced in [Datasette 0.44](https://docs.datasette.io/en/stable/changelog.html#v0-44). This means it can be used in combination with other authentication plugins such as [datasette-auth-tokens](https://datasette.io/plugins/datasette-auth-tokens). #62

When a user signs in with GitHub, a signed [ds_actor cookie](https://docs.datasette.io/en/stable/authentication.html#the-ds-actor-cookie) is set with details of their GitHub profile. Fields from this dictionary can be used with Datasette [allow blocks](https://docs.datasette.io/en/stable/authentication.html#defining-permissions-with-allow-blocks) to control access to individual databases, tables and queries.

The new `load_orgs` and `load_teams` options can be used to check the user's membership of different organization and teams when they first sign in. These memberships will be encoded in the cookie and can be used to control access.

Other changes:

- The ASGI middleware version of this plugin has been split off into a separate [asgi-auth-github](https://github.com/simonw/asgi-auth-github) package. #63
- Error messages are now rendered using a `datasette_auth_github_error.html` template, which can be customized by including a template of the same name in a [custom templates directory](https://docs.datasette.io/en/stable/custom_templates.html#custom-templates). 36
- The `/-/auth-callback` path is now `/-/github-auth-callback` - you will need to update this in your GitHub OAuth application settings. 66

0.13a2

- Renamed `/-/auth-callback` to `/-/github-auth-callback`. 66

0.13a1

- Removed custom base template - Datasette provides a "logout" link in the default interface now.
- Added "Sign in with GitHub" menu action. 65
- Use `datasette_datasette_auth_github_error.html` template for error messages. 36

0.13a0

Alpha release. This is a big change - it switches the plugin over to using the authentication plugin mechanism introduced in [Datasette 0.44](https://simonwillison.net/2020/Jun/12/annotated-release-notes/).

0.12

* Respects `scope["auth"]` if it has already been populated by another authentication plugin - 59
* Fixed bug where `require_auth` setting was not respected - thanks, Harrison Tsai! - 57

Page 1 of 5

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.