Security API
Security API endpoints and authentication system for RecoAgent applications.
Overview
The security API system provides comprehensive security endpoints for authentication, authorization, and security management.
Core Features
- Authentication: User authentication and session management
- Authorization: Role-based access control
- API Security: Rate limiting and request validation
- Audit Logging: Security event logging
- Token Management: JWT and session token handling
Usage Examples
Basic Authentication
from recoagent.security.api import SecurityAPI
# Create security API
security_api = SecurityAPI()
# Authenticate user
auth_result = security_api.authenticate(
username="user@example.com",
password="password123"
)
if auth_result.success:
print(f"Authentication successful: {auth_result.token}")
else:
print(f"Authentication failed: {auth_result.error}")
Advanced Security Management
# Create user session
session = security_api.create_session(
user_id="user_123",
permissions=["read", "write"],
expires_in=3600 # 1 hour
)
# Validate API request
validation_result = security_api.validate_request(
request=request,
required_permissions=["read"]
)
# Log security event
security_api.log_security_event(
event_type="authentication",
user_id="user_123",
details={"ip": "192.168.1.1", "success": True}
)
API Reference
SecurityAPI Methods
authenticate(username: str, password: str) -> AuthResult
Authenticate user
Parameters:
username(str): Username or emailpassword(str): User password
Returns: Authentication result
create_session(user_id: str, permissions: List[str], expires_in: int) -> Session
Create user session
Parameters:
user_id(str): User identifierpermissions(List[str]): User permissionsexpires_in(int): Session expiration in seconds
Returns: Session object
See Also
- Security Core - Core security features
- Security Guardrails - NeMo Guardrails integration