You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

aiohttp-security

Package Overview
Dependencies
Maintainers
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

aiohttp-security

security for aiohttp.web

0.5.0
pipPyPI
Maintainers
2

aiohttp_security

.. image:: https://travis-ci.com/aio-libs/aiohttp-security.svg?branch=master :target: https://travis-ci.com/aio-libs/aiohttp-security .. image:: https://codecov.io/github/aio-libs/aiohttp-security/coverage.svg?branch=master :target: https://codecov.io/github/aio-libs/aiohttp-security .. image:: https://readthedocs.org/projects/aiohttp-security/badge/?version=latest :target: https://aiohttp-security.readthedocs.io/ .. image:: https://img.shields.io/pypi/v/aiohttp-security.svg :target: https://pypi.python.org/pypi/aiohttp-security

The library provides identity and authorization for aiohttp.web__.

.. _aiohttp_web: http://aiohttp.readthedocs.org/en/latest/web.html

__ aiohttp_web_

Installation

Simplest case (authorization via cookies) ::

$ pip install aiohttp_security

With aiohttp-session support ::

$ pip install aiohttp_security[session]

Examples

Take a look at examples:

Basic example_

Example with DB auth_

.. _Basic example: docs/example.rst .. _Example with db auth: docs/example_db_auth.rst

and demos at demo directory.

Documentation

https://aiohttp-security.readthedocs.io/

Develop

pip install -r requirements-dev.txt

License

aiohttp_security is offered under the Apache 2 license.

======= CHANGES

.. towncrier release notes start

0.5.0 (2023-11-18)

  • Added type annotations.
  • Added a reason message when permission is rejected.
  • Switched to aiohttp.web.AppKey.
  • Reverted change in JWTIdentityPolicy so identity returns str.

0.4.0 (2018-09-27)

  • Bump minimal supported aiohttp version to 3.2.
  • Use request.config_dict for accessing jinja2 environment. It allows to reuse jinja rendering engine from parent application.

0.3.0 (2018-09-06)

  • Deprecate login_required and has_permission decorators. Use check_authorized and check_permission helper functions instead.
  • Bump supported aiohttp version to 3.0+.
  • Enable strong warnings mode for test suite, clean-up all deprecation warnings.
  • Polish documentation

0.2.0 (2017-11-17)

  • Add is_anonymous, login_required, has_permission helpers. (#114)

0.1.2 (2017-10-17)

  • Make aiohttp-session optional dependency. (#107)

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

Research

/

Security News

Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape

A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).

By Jonathan Leitschuh  -  Aug 01, 2025
Introducing Rust Support in Socket

Product

Introducing Rust Support in Socket

Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.

By Trevor Norris  -  Jul 31, 2025