Metadata-Version: 2.1
Name: harmony-auth
Version: 0.1.4
Summary: Discord OAuth2 Implicit Grant Dependency for FastAPI
Home-page: https://github.com/williamhatcher/harmonyAuth
License: MIT
Author: William Hatcher
Author-email: william@hatcher.work
Requires-Python: >=3.9,<4.0
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Requires-Dist: fastapi (>=0.79.0,<0.80.0)
Requires-Dist: httpx (>=0.23.0,<0.24.0)
Requires-Dist: python-dateutil (>=2.8.2,<3.0.0)
Requires-Dist: redis[hiredis] (>=4.3.4,<5.0.0)
Requires-Dist: uvicorn (>=0.18.2,<0.19.0)
Project-URL: Repository, https://github.com/williamhatcher/harmonyAuth
Description-Content-Type: text/markdown

# Harmony Auth

Discord OAuth2 Implicit Grant thingy for FastAPI.

Tokens are cached in Redis with the user's information & guilds (if enabled)

Yes. I know this is a mess. :)

## Server Usage

```python
from harmony_auth import HarmonyAuth
from fastapi import FastAPI, Depends

auth = HarmonyAuth()
app = FastAPI()


@app.get('/secure')
async def secure_route(user=Depends(auth)):
    return user

```

## Client Usage
1. [Request an implicit grant access token from Discord](https://discord.com/developers/docs/topics/oauth2#implicit-grant)
2. Pass received `access_token` to any endpoint with the Harmony Auth dependency to login and access resources.

```sh
curl -X GET --location "http://127.0.0.1:8000/secure" \
    -H "Accept: application/json" \
    -H "Authorization: Bearer {{access_token}}"
```

### Reload User Data
If you need to reload the user's data in the cache (if they joined a guild, for example), call `get_user(token, force_fetch=True)`

Example:
```python
@app.get("/refresh")
async def refresh_user_data(token: str = Depends(auth.token)):
    user = await auth.get_user(token, force_fetch=True)
    ...
```
This will update the cache and return the user.

### Log Out / Revoke token
Use `revoke_token(token)` to remove user data from the cache. This removes all the cached user information.

If you specify a `client_id` and `client_secret`, _Harmony Auth_ will request that Discord revokes the token.

### Q: How do I log in?
A: You don't need to log in. Just provide a valid access token.

## Rate limit protections
I personally don't want to handle this, so I am using [twilight-http-proxy](https://github.com/twilight-rs/http-proxy).

TODO: Create fork to add OAuth2 routes to twilight http proxy.

