Logto Python SDK.
Project description
Logto Python SDK
Prerequisites
- Python 3.8 or higher
- A Logto Cloud account or a self-hosted Logto
- A Logto traditional web application created
If you don't have the Logto application created, please follow the ⚡ Get started guide to create one.
Installation
pip install logto # or `poetry add logto` or whatever you use
Tutorial
See tutorial for a quick start.
API reference
See API reference for more details.
Run the sample
There's a Flask sample in the samples directory. The sample has been tested with Python 3.8.17.
Install dependencies
This repo uses PDM as the package manager. To install the dependencies, run the following command in the root directory of the repo (not in the samples directory):
pdm install
Configure environment variables
To run the sample, you need to set the following environment variables:
APP_SECRET_KEY=your-secret-key # This is for Flask
LOGTO_ENDPOINT=http://your-logto-endpoint.com
LOGTO_APP_ID=your-logto-app-id
LOGTO_APP_SECRET=your-logto-app-secret
LOGTO_REDIRECT_URI=http://127.0.0.1:5000/sign-in-callback
LOGTO_POST_LOGOUT_REDIRECT_URI=http://127.0.0.1:5000/
Replace the values with your own.
For LOGTO_REDIRECT_URI and LOGTO_POST_LOGOUT_REDIRECT_URI, you should:
- Go to your Logto Console and add the URIs to the application's settings accordingly.
- Update the domain and port to match your local environment if necessary.
[!Note] The sample project also support dotenv. You can create a
.envfile in the root directory of the sample project and add the environment variables there.
Run the sample
In the root directory of the repo, run the following command:
pdm run flask
The script can be found in the pyproject.toml file.
Fetch user information
Call client.getIdTokenClaims() to get the basic user info. For a more detailed user info, you can call client.fetchUserInfo().
For details on fetching user info, see the Get user information.
Route protection
You have many ways to accomplish this.
Directly check the user's authentication status
You can call client.isAuthenticated() to check if the user is authenticated and can proceed with the request.
Use a decorator
You can create a decorator like @authenticated() to protect your routes. A sample decorator can be found at samples/authenticated.py.
For instance, an API may throw a 401 error if the user is not authenticated:
from flask import g, jsonify
@app.route("/api/protected")
@authenticated()
def protected():
print(g.user) # The `@authenticated()` decorator sets the user object in the `g` object
return jsonify({"message": "This is a protected route"})
Or, you can redirect the user to the sign-in page:
from flask import g, jsonify
@app.route("/protected")
@authenticated(shouldRedirect=True)
def protected():
return "This is a protected route"
See the flask.py file for more details.
Resources
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
