Api package
This module handels the configuration of the API.
Database related settings are part of mmisp.db of the lib repository.
Modern MISP API - mmisp.api.auth
Handlers to manage authentication and authorization to the modern misp api.
            Auth
  
      dataclass
  
    Contains the result of an authentication process.
AuthStrategy
              Bases: StrEnum
Possible strategies to use for authentication to the api. Valid values:
- jwt: Use only jwts after login
- api_key: Use only api-key
- jwt/api_key: Either jwt or api_key (Hybrid)
- worker_key: Only accessible for modern misp worker
- all: Use any authentication method
authorize
authorize(strategy: AuthStrategy, permissions: list[Permission] | None = None, is_readonly_route: bool = False) -> Callable[[Session, str], Awaitable[Auth]]
Generates a authorizer, which then returns an auth object.
Parameters:
| Name | Type | Description | Default | 
|---|---|---|---|
| strategy | AuthStrategy | the authentication strategy | required | 
| permissions | list[Permission] | None | the required permissions of the action to be authorized | None | 
| is_readonly_route | bool | wether the route is read only | False | 
Returns:
| Type | Description | 
|---|---|
| Callable[[Session, str], Awaitable[Auth]] | An authorizer function and a db session | 
check_permissions
check_permissions(auth: Auth, permissions: list[Permission] = []) -> bool
Checks the permission list against the permissions of the user’s auth.
Parameters:
| Name | Type | Description | Default | 
|---|---|---|---|
| auth | Auth | the clients authentication | required | 
| permissions | list[Permission] | the permissions to check against the client’s | [] | 
Returns:
| Type | Description | 
|---|---|
| bool | True if the client has all the requested permissions. |