logto 0.2.1

Logto Python SDK.

Logto Python SDK

Prerequisites

• Python 3.8 or higher
• A Logto Cloud account or a self-hosted Logto
• A Logto traditional web application created

If you don't have the Logto application created, please follow the ⚡ Get started guide to create one.

Installation

pip install logto # or `poetry add logto` or whatever you use

Tutorial

See tutorial for a quick start.

API reference

See API reference for more details.

Run the sample

There's a Flask sample in the samples directory. The sample has been tested with Python 3.8.17.

Install dependencies

This repo uses PDM as the package manager. To install the dependencies, run the following command in the root directory of the repo (not in the samples directory):

pdm install

Configure environment variables

To run the sample, you need to set the following environment variables:

APP_SECRET_KEY=your-secret-key # This is for Flask
LOGTO_ENDPOINT=http://your-logto-endpoint.com
LOGTO_APP_ID=your-logto-app-id
LOGTO_APP_SECRET=your-logto-app-secret
LOGTO_REDIRECT_URI=http://127.0.0.1:5000/sign-in-callback
LOGTO_POST_LOGOUT_REDIRECT_URI=http://127.0.0.1:5000/

Replace the values with your own.

For LOGTO_REDIRECT_URI and LOGTO_POST_LOGOUT_REDIRECT_URI, you should:

1. Go to your Logto Console and add the URIs to the application's settings accordingly.
2. Update the domain and port to match your local environment if necessary.

[!Note] The sample project also support dotenv. You can create a .env file in the root directory of the sample project and add the environment variables there.

Run the sample

In the root directory of the repo, run the following command:

pdm run flask

The script can be found in the pyproject.toml file.

Fetch user information

Call client.getIdTokenClaims() to get the basic user info. For a more detailed user info, you can call client.fetchUserInfo().

For details on fetching user info, see the Get user information.

Route protection

You have many ways to accomplish this.

Directly check the user's authentication status

You can call client.isAuthenticated() to check if the user is authenticated and can proceed with the request.

Use a decorator

You can create a decorator like @authenticated() to protect your routes. A sample decorator can be found at samples/authenticated.py.

For instance, an API may throw a 401 error if the user is not authenticated:

from flask import g, jsonify

@app.route("/api/protected")
@authenticated()
def protected():
    print(g.user) # The `@authenticated()` decorator sets the user object in the `g` object
    return jsonify({"message": "This is a protected route"})

Or, you can redirect the user to the sign-in page:

from flask import g, jsonify

@app.route("/protected")
@authenticated(shouldRedirect=True)
def protected():
    return "This is a protected route"

See the flask.py file for more details.

Resources

• Logto website
• Logto documentation
• Join Discord