Skip to content

Phase 2 — Auth Primitives

Pre-release
Pre-release

Choose a tag to compare

@timihack timihack released this 09 Jun 13:32
ed68f75

What's included

Password Hashing

  • argon2 (default) and bcrypt via pwdlib
  • verify_and_update() for silent rehash on login
  • Configurable policy: min length, uppercase, digit, special character

JWT Management

  • Access + refresh token issuance via PyJWT
  • Per-token revocation via jti blacklist
  • Pluggable blacklist backends: in-memory and Redis

Session Backends

  • SessionData model with device fingerprinting (user_agent, ip_hash)
  • In-memory backend for development and testing
  • Redis backend for production (requires authwarden[redis])

Test Coverage

  • 55 tests — 55 passing
  • Cumulative: 112 tests passing across Phase 1 + Phase 2

Notes

  • No breaking changes to Phase 1 interfaces
  • Redis backends require pip install authwarden[redis]