Implement proper graphspace-scoped auth routing in Python client (without PathFilter dependency)

[Muawiya-contact]

Search before asking

• I had searched in the feature and found no similar feature requirement.

Feature Description (功能描述)

Description

Currently, auth endpoints in the Python client use absolute paths (/auth/users, /auth/groups, etc.) with @router.http decorators. This approach works in HugeGraph 1.7.0 only because a temporary PathFilter compatibility layer whitelists these paths and passes them through.

However, PathFilter is a temporary measure that will be removed in future HugeGraph versions. Once removed, these absolute paths will break because they don't use proper graphspace-scoped routing.

Problem

• Auth endpoints currently rely on PathFilter (temporary compatibility layer)
• PathFilter will be removed in future versions, breaking these endpoints
• Server expects graphspace-scoped paths for most auth endpoints in HugeGraph 1.7.0+

Solution

Implement a dual-path strategy (similar to the Java Client's AuthAPI.java):

Graphspace-scoped endpoints (HugeGraph 1.7.0+):

• graphspaces/{graphspace}/auth/users
• graphspaces/{graphspace}/auth/accesses
• graphspaces/{graphspace}/auth/belongs
• graphspaces/{graphspace}/auth/targets

Server-level endpoints (always):

• /auth/groups (server-level exception)

Implementation Notes

The router framework currently uses decorators evaluated at class definition time, which prevents dynamic path construction. A refactoring is needed to support runtime path resolution for auth endpoints, separate from graph-data endpoint routing (which use graphspaces/{graphspace}/graphs/{graph}/...).

Related

• PR Upgrade HugeGraph Python Client CI from 1.3.0 to 1.7.0 #320 - HugeGraph Python Client upgrade to 1.7.0
• Java Client Reference: AuthAPI.java dual-path strategy

Are you willing to submit a PR?

• Yes I am willing to submit a PR!

Code of Conduct

• I agree to follow this project's Code of Conduct

[Muawiya-contact]

@imbajin Should I start working on it?