Farshid's Weblog

Auth is a RBAC lib I started back in 2015, when I badly needed something simple and quick. Since then, developers have download it hundreds of thousands of times, indeed, Pyhton Software Organisation emailed me to notify me that the auth library is now a critical lib as it is a dependency for many other projects and there are just over 800 github projects using the RBAC lib. So I started developing it more, especially in the age of AI which Gemini or similar tools can actually read the code, security check and review it and write a full documentation for that.

Anyway, I added much more features, and I actually now use it for the enterprise workflow engine I am building.

Auth has a clean layered architecutre:

          API Layer (Flask)                  
  - REST endpoints                           
  - Request validation                       
  - Response formatting                      
?,?

 ??
       Service Layer (Business Logic)        
  - Authorization rules                      
  - Permission checking                      
  - Audit logging                            
?,?

 ??
      Data Access Layer (DAL)                
  - SQLAlchemy ORM                           
  - Database abstraction                     
  - Encryption/Decryption                    
?,?

 ??
         Database (SQLite/PostgreSQL)        
  - User data                                
  - Role & Permission mappings               
  - Audit logs  

Read the documentation in the reference and try it ;)