Api package
This module handels the configuration of the API.
Database related settings are part of mmisp.db of the lib repository.
Modern MISP API - mmisp.api.auth
Handlers to manage authentication and authorization to the modern misp api.
Auth
dataclass
Contains the result of an authentication process.
AuthStrategy
Bases: StrEnum
Possible strategies to use for authentication to the api. Valid values:
- jwt: Use only jwts after login
- api_key: Use only api-key
- jwt/api_key: Either jwt or api_key (Hybrid)
- worker_key: Only accessible for modern misp worker
- all: Use any authentication method
authorize
authorize(
strategy: AuthStrategy,
permissions: list[Permission] | None = None,
is_readonly_route: bool = False,
) -> Callable[[Session, str], Awaitable[Auth]]
Generates a authorizer, which then returns an auth object.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
strategy
|
AuthStrategy
|
the authentication strategy |
required |
permissions
|
list[Permission] | None
|
the required permissions of the action to be authorized |
None
|
is_readonly_route
|
bool
|
wether the route is read only |
False
|
Returns:
| Type | Description |
|---|---|
Callable[[Session, str], Awaitable[Auth]]
|
An authorizer function and a db session |
check_permissions
check_permissions(
auth: Auth, permissions: list[Permission] = []
) -> bool
Checks the permission list against the permissions of the user's auth.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
auth
|
Auth
|
the clients authentication |
required |
permissions
|
list[Permission]
|
the permissions to check against the client's |
[]
|
Returns:
| Type | Description |
|---|---|
bool
|
True if the client has all the requested permissions. |