
Product
Announcing Precomputed Reachability Analysis in Socket
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
rivia-cognito-authorizer
Advanced tools
Este projeto fornece uma implementação de um autorizador JWT usando o Amazon Cognito e FastAPI. Ele verifica tokens JWT para autenticação e autorização de usuários.
Certifique-se de que as seguintes variáveis de ambiente estejam configuradas:
REGION
: A região AWS onde seu User Pool do Cognito está localizado.COGNITO_USER_POOL_ID
: O ID do User Pool do Cognito.COGNITO_APP_CLIENT_ID
: O ID do cliente da aplicação do Cognito.Clone o repositório:
git clone <URL_DO_REPOSITORIO>
cd rivia-cognito-fastapi-authorizer
Instale as dependências:
pip install -r requirements.txt
A função verify_token
verifica a validade de um token JWT. Ela realiza várias verificações, incluindo a assinatura do token, a expiração e a audiência.
Exemplo de uso:
from fastapi import FastAPI, Depends
from rivia-cognito-authorizer import verify_token
app = FastAPI()
@app.get("/secure-endpoint")
async def secure_endpoint(token_payload: dict = Depends(verify_token)):
return {"message": "This is a secure endpoint", "user": token_payload}
A função allowed_for_groups
cria uma dependência que verifica se o usuário pertence a um dos grupos especificados.
Exemplo de uso:
from fastapi import FastAPI, Depends
from rivia-cognito-authorizer import allowed_for_groups
app = FastAPI()
@app.get("/admin-endpoint")
async def admin_endpoint(token_payload: dict = Depends(allowed_for_groups(["admin"]))):
return {"message": "This is an admin endpoint", "user": token_payload}
Este projeto está licenciado sob a Licença Apache 2.0. Veja o arquivo LICENSE para mais detalhes.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
Product
Socket is launching experimental protection for Chrome extensions, scanning for malware and risky permissions to prevent silent supply chain attacks.
Product
Add secure dependency scanning to Claude Desktop with Socket MCP, a one-click extension that keeps your coding conversations safe from malicious packages.