Feat: add auth subroutes capabilities

[IA-PieroCV]

Description

This PR fixes #708

Summary

This PR does handle authentication for subroutes having different levels of precedence:

1. Endpoint decorators have highest precedence.
2. include_router has the second highest precedence.
3. SubRoute instance has the lowest precedence.
4. If None of the above is specified, the default is False.

This PR change auth logic:

• It does add an auth_required parameter for Route objects.
• The authentication middleware is evaluated first and added before starting the server.
  • This ensures that precedence is made correctly.

Several integration tests were provided. MDX documentation was also updated. To be discussed on #1026

PR Checklist

Please ensure that:

• The PR contains a descriptive title
• The PR contains a descriptive summary of the changes
• You build and test your changes before submitting a PR.
• You have added relevant documentation
• You have added relevant tests. We prefer integration tests wherever possible

Pre-Commit Instructions:

• Ensure that you have run the pre-commit hooks on your PR.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
robyn	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Nov 26, 2024 8:00am

[sansyrox]

Hey @IA-PieroCV 👋

Is the PR still a WIP? Or is it up for review?

[IA-PieroCV]

Hey @sansyrox !
I set this PR as draft because I don't really know if the proposal of precedence is correct. I'll change it to "ready for review" in order you to review it. It's functional, but as I said, it changes the way how the authentication register the auth middlewares. Let me know any observation!

[sansyrox]

Hey @IA-PieroCV 👋

Thank you for the PR 😄 Overall I like the theme of the PR but will have to a review of the code.

However, why do we need an auth_required flag in include_router? Is it not the same as the SubRouter Class?

[IA-PieroCV]

Yes, actually it is!
This is just to give developers options for including auth_required due to their own criteria.
Of course we can remove any of the auth_required instance level parameters, from include_router or the SubRoute object instance.

However, include_router have higher precedence. My logic here is because developers face this method more often than the instantiation of the SubRoute. The same logic for endpoint decorators.

[sansyrox]

@IA-PieroCV , apologies for the late revert. But, I think this is a redundancy. If someone wants to allow auth, they can do it the subrouter class. I'd suggest that we remove it from here.

Let me know if you have anymore thoughts 😄

[sansyrox]

I don't think we need this. Right?

[sansyrox]

@IA-PieroCV , I believe auth_required should either be removed from include_router or the SubRouter() class

[thePromger]

@sansyrox @IA-PieroCV
i also think that auth_required should be in SubRouter than in include_router

I was also thinking to create new PR to provide auth_required functionality for all routes under a single router
so user just don't have to set auth_required to every end point, if they want then they can explicitly override the default auth_required setting set by the router, on endpoint itself

[sansyrox]

I really like all the test cases!!

[sansyrox]

Nicee

[sansyrox]

Hey @IA-PieroCV 👋

Thank you for the PR 😄

Overall the changes look great. I just have some suggestions/comments 😄

Merry shipmas! 🎄

[recurseml]

⚠️ Only 5 files will be analyzed due to processing limits.

[recurseml]

⚠️ Only 5 files will be analyzed due to processing limits.

[recurseml]

✨ No issues found! Your code is sparkling clean! ✨