auth
SQLAlchemy
auth | SQLAlchemy | |
---|---|---|
45 | 124 | |
1,183 | 8,841 | |
4.8% | 2.6% | |
9.4 | 9.7 | |
2 days ago | 4 days ago | |
Go | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
auth
-
Supabase Auth now supports Anonymous Sign-ins
Supabase Auth now supports anonymous sign-ins, one of our most-requested features by the community.
-
Supabase โ General Availability Week
People keep writing this, doesn't Supabase rely on spinning up additional services to leave, meaning you can't leave to another managed offering?
Off the top of my mind, PostgREST and go-true? https://github.com/supabase/auth
-
If you use Postgres you're "locked" into Postgres: a technology with a laundry list of providers.
If you leave Supabase, you'll lose the fully managed aspect of 99% of the Postgres providers out there, which confirms the pain the parent comment is describing.
-
Ask HN: Microsoft crawls private links โ how can this be legal?
> Microsoft scans to check the website contains malware. IMHO the security blunder is a self-implemented magic link.
It's not self-implemented, you can check it out here: https://github.com/supabase/gotrue
> Not password protected if the password is part of the URL.
It's a token that's valid for a couple of minutes โ just like a password reset token. Indeed, in the given implementation, it's the very same as the password reset token. If you consider this implementation as "not password protected", any website with a password reset functionality is "not password protected".
-
Supabase Local Dev: migrations, branching, and observability
I hate to be this guy, really. I would like to adopt Supabase in company, but I cannot yet.
I commented on a HN post almost a year ago about how hard is to do custom Auth with Supabase. I still haven't find a good solution about it. For example, LDAP Auth is quite crucial in most enterprise settings, yet I have no idea how to do it with Supabase. I can find a workaround for PostgREST by putting a secondary API written in some other language and fiddling with reverse proxies. But how to do with Supabase, such that all other services (realtime,...) works nicely? Is it so hard to provide a function that accept a custom strategy given the HTTP request data?
I created an issue[0] almost a year ago on Supabase, which was transferred to Gotrue. I even provided some code examples from Laravel. Even if it is not specifically for LDAP, make some API available to do so, please.
[0] https://github.com/supabase/gotrue/issues/904
- T3 Stack Template : Supabase (w/ Auth + DB) and Shadcn-UI Basic Setup
-
Is there complete documentation of the auth REST API anywhere?
Yes there is, it's just not pretty yet: https://github.com/supabase/gotrue/blob/master/openapi.yaml
- How do you implement authentication with nextjs frontend and golang backend?
-
Use base gotrue api instead of auth helper
The gotrue api: https://github.com/supabase/gotrue
-
Securing a nextjs api with supabase auth
Validation happen inside of the GoTrue: https://github.com/supabase/gotrue... but you don't need it on your own, non supabase, server side resources... that's the beauty of JWT. You can validate JWT in any back-end / language, by simply checking the signature against HS256 key.
-
Junior dev. Struggling to understand how the out-of-box Auth component works.
Supabase use gotrue for Auth, you can poke around in the code & read more about it here: https://github.com/supabase/gotrue
SQLAlchemy
-
Python: A SQLAlchemy Wrapper Component That Works With Both Flask and FastAPI Frameworks
In SQLAlchemy, models representing database tables typically subclass sqlalchemy.orm.DeclarativeBase (this class supersedes the sqlalchemy.orm.declarative_base function). Accordingly, the abstract base class in this database wrapper component is a sqlalchemy.orm.DeclarativeBase subclass, accompanied by another custom base class providing additional dunder methods.
-
Xz/liblzma: Bash-stage Obfuscation Explained
OK -
can we start considering binary files committed to a repo, even as data for tests, to be a huge red flag, and that the binary files themselves should instead be generated at testing time by source code that's stated as reviewable cleartext. This would make it much harder (though of course we can never really say "impossible") to embed a substantial payload in this way.
when binary files are part of a test suite, they are typically trying to illustrate some element of the program being tested, in this case a file that was incorrectly xz-encoded. Binary files like these weren't typed by hand, they will always ultimately come from something plaintext source.
Here's an example! My own SQLAlchemy repository has a few binary files in it! https://github.com/sqlalchemy/sqlalchemy/blob/main/test/bina... oh noes. Why are those files there? well in this case I just wanted to test that I can send large binary BLOBs into the database driver and I was lazy. This is actually pretty dumb, the two binary files here add 35K of useless crap to the source, and I could just as easily generate this binary data on the fly using a two liner that spits out random bytes. Anyone could see that two liner and know that it isn't embedding a malicious payload.
If I wanted to generate a poorly formed .xz file, I'd illustrate source code that generates random data, runs it through .xz, then applies "corruption" to it, like zeroing out the high bit of every byte. The process by which this occurs would be all reviewable in source code.
-
Introducing Flama for Robust Machine Learning APIs
Besides, flama also provides support for SQL databases via SQLAlchemy, an SQL toolkit and Object Relational Mapper that gives application developers the full power and flexibility of SQL. Finally, flama also provides support for HTTP clients to perform requests via httpx, a next generation HTTP client for Python.
-
Alembic with Async SQLAlchemy
Alembic is a lightweight database migration tool for usage with SQLAlchemy. The term migration can be a little misleading, because in this context it doesn't mean to migrate to a different database in the sense of using a different version or a different type of database. In this context, migration refers to changes to the database schema: add a new column to a table, modify the type of an existing column, create a new index, etc..
- Imperative vs. Declarative mapping style in Domain Driven Design project
-
Unlocking efficient authZ with Cerbosโ Query Plan
To simplify this process, Cerbos developers have come up with adapters for popular Object-Relational Mapping (ORM) frameworks. You can check out for more details on the query plan repo - which also contains adapters for Prisma and SQLAlchemy - as well as a fully functioning application using Mongoose as its ORM.
-
Python: Just Write SQL
That above pattern is one I've seen people do even recently, using the "select().c" attribute which from very early versions of SQLAlchemy is defined as "the columns from a subquery of the SELECT" ; this usage began raising deprecation warnings in 1.4 and is fully removed in 2.0 as it was a remnant of a much earlier version of SQLAlchemy. it will do exactly as you say, "make a subquery for each filter condition".
the moment you see SQLAlchemy doing something you see that seems "asinine", send an example to https://github.com/sqlalchemy/sqlalchemy/discussions and I will clarify what's going on, correct the usage so that the query you have is what you expect, and quite often we will add new warnings or documentation when we see people doing things we didn't anticipate.
-
A steering council note about making the global
The creator and lead maintainer of SQLAlchemy, one of the most popular and most used Python library for accessing databases (who doesn't?) gave a rather interesting response to PEP703.
If this doesn't ring any alarm bells I don't know what will.
> Basically for the moment the GIL-less idea would likely be burdensome for us and the fact that it's only an "option" seems to strongly imply major compatibility issues that we would not prefer.
https://github.com/sqlalchemy/sqlalchemy/discussions/10002#d...
-
More public SQL-queryable databases?
Recently I discovered BigQuery public datasets - just over 200 datasets available for directly querying via SQL. I think this is a great thing! I can connect these direct to an analytics platform (we use Apache Superset which uses Python SQLAlchemy under the hood) for example and just start dashboarding.
-
How useful is Python in accounting and auditing?
When using python with sql databases like postgres or mariadb or SQLite you would use SQLAlchemy or another ORM of if you're feeling brave, you code it by hand. With ORMs you provide the address of your database and it connects for you, letting you use abstractions instead of writing all the SQL yourself (kind of analogous to using vlookups or index match instead of manually entering data).
What are some alternatives?
supabase-nextjs-auth - Example project implementing authentication, authorization, and routing with Next.js and Supabase
tortoise-orm - Familiar asyncio ORM for python, built with relations in mind
frank_jwt - JSON Web Token implementation in Rust.
PonyORM - Pony Object Relational Mapper
jwt - Community maintained clone of https://github.com/dgrijalva/jwt-go
Peewee - a small, expressive orm -- supports postgresql, mysql, sqlite and cockroachdb
supabase - The open source Firebase alternative.
Orator - The Orator ORM provides a simple yet beautiful ActiveRecord implementation.
core - ๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
prisma-client-py - Prisma Client Python is an auto-generated and fully type-safe database client designed for ease of use
supabase-js - An isomorphic Javascript client for Supabase. Query your Supabase database, subscribe to realtime events, upload and download files, browse typescript examples, invoke postgres functions via rpc, invoke supabase edge functions, query pgvector.
pyDAL - A pure Python Database Abstraction Layer