🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

aiohttp-security

Package Overview
Dependencies
Maintainers
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

aiohttp-security

security for aiohttp.web

0.5.0
PyPI
Maintainers
2

aiohttp_security

.. image:: https://travis-ci.com/aio-libs/aiohttp-security.svg?branch=master :target: https://travis-ci.com/aio-libs/aiohttp-security .. image:: https://codecov.io/github/aio-libs/aiohttp-security/coverage.svg?branch=master :target: https://codecov.io/github/aio-libs/aiohttp-security .. image:: https://readthedocs.org/projects/aiohttp-security/badge/?version=latest :target: https://aiohttp-security.readthedocs.io/ .. image:: https://img.shields.io/pypi/v/aiohttp-security.svg :target: https://pypi.python.org/pypi/aiohttp-security

The library provides identity and authorization for aiohttp.web__.

.. _aiohttp_web: http://aiohttp.readthedocs.org/en/latest/web.html

__ aiohttp_web_

Installation

Simplest case (authorization via cookies) ::

$ pip install aiohttp_security

With aiohttp-session support ::

$ pip install aiohttp_security[session]

Examples

Take a look at examples:

Basic example_

Example with DB auth_

.. _Basic example: docs/example.rst .. _Example with db auth: docs/example_db_auth.rst

and demos at demo directory.

Documentation

https://aiohttp-security.readthedocs.io/

Develop

pip install -r requirements-dev.txt

License

aiohttp_security is offered under the Apache 2 license.

======= CHANGES

.. towncrier release notes start

0.5.0 (2023-11-18)

  • Added type annotations.
  • Added a reason message when permission is rejected.
  • Switched to aiohttp.web.AppKey.
  • Reverted change in JWTIdentityPolicy so identity returns str.

0.4.0 (2018-09-27)

  • Bump minimal supported aiohttp version to 3.2.
  • Use request.config_dict for accessing jinja2 environment. It allows to reuse jinja rendering engine from parent application.

0.3.0 (2018-09-06)

  • Deprecate login_required and has_permission decorators. Use check_authorized and check_permission helper functions instead.
  • Bump supported aiohttp version to 3.0+.
  • Enable strong warnings mode for test suite, clean-up all deprecation warnings.
  • Polish documentation

0.2.0 (2017-11-17)

  • Add is_anonymous, login_required, has_permission helpers. (#114)

0.1.2 (2017-10-17)

  • Make aiohttp-session optional dependency. (#107)

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden

Security News

libxml2 Maintainer Ends Embargoed Vulnerability Reports, Citing Unsustainable Burden

Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure.

By Sarah Gooding  -  Jun 17, 2025
The Growing Risk of Malicious Browser Extensions

Research

Security News

The Growing Risk of Malicious Browser Extensions

Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.

By Kush Pandya  -  Jun 13, 2025