Secure Native SDK for python
Project description
A Cloud-Native Security Monitoring and Protection for Modern Applications
Documentation | Quick Start | Blog | Chat with us on Slack!
SecureNative performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
Install the SDK
When using PyPi, run the following:
pip install securenative
Initialize the SDK
To get your API KEY, login to your SecureNative account and go to project settings page:
Option 1: Initialize via Config file
SecureNative can automatically load your config from securenative.ini file or from the file that is specified in your SECURENATIVE_CONFIG_FILE env variable:
from securenative.securenative import SecureNative
# 1. Config file path is given by environment variable
securenative = SecureNative.init()
# 2. Config file path is specified directly
securenative = SecureNative.init('path/to/securenative.ini')
Option 2: Initialize via API Key
from securenative.securenative import SecureNative
securenative = SecureNative.init_with_api_key("YOUR_API_KEY")
Option 3: Initialize via ConfigurationBuilder
from securenative.securenative import SecureNative
from securenative.config.securenative_options import SecureNativeOptions
options = SecureNativeOptions(api_key="YOUR_API_KEY", max_events=10, log_level="ERROR")
securenative = SecureNative.init_with_options(options)
Getting SecureNative instance
Once initialized, sdk will create a singleton instance which you can get:
from securenative.securenative import SecureNative
securenative = SecureNative.get_instance()
Tracking events
Once the SDK has been initialized, tracking requests sent through the SDK instance. Make sure you build event with the EventBuilder:
from securenative.securenative import SecureNative
from securenative.context.securenative_context import SecureNativeContext
from securenative.models.event_options import EventOptions
from securenative.enums.event_types import EventTypes
from securenative.models.user_traits import UserTraits
securenative = SecureNative.get_instance()
context = SecureNativeContext(client_token="SECURE_CLIENT_TOKEN",
ip="127.0.0.1",
headers={"user-agent": "Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"})
event_options = EventOptions(event=EventTypes.LOG_IN,
user_id="1234",
user_traits=UserTraits("Your Name", "name@gmail.com", "+1234567890"),
context=context,
properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
securenative.track(event_options)
You can also create request context from requests:
from securenative.securenative import SecureNative
from securenative.models.event_options import EventOptions
from securenative.enums.event_types import EventTypes
from securenative.models.user_traits import UserTraits
def track(request):
securenative = SecureNative.get_instance()
context = securenative.from_http_request(request)
event_options = EventOptions(event=EventTypes.LOG_IN,
user_id="1234",
user_traits=UserTraits("Your Name", "name@gmail.com", "+1234567890"),
context=context,
properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
securenative.track(event_options)
Verify events
Example
from securenative.securenative import SecureNative
from securenative.models.event_options import EventOptions
from securenative.enums.event_types import EventTypes
from securenative.models.user_traits import UserTraits
def verify(request):
securenative = SecureNative.get_instance()
context = securenative.from_http_request(request)
event_options = EventOptions(event=EventTypes.LOG_IN,
user_id="1234",
user_traits=UserTraits("Your Name", "name@gmail.com", "+1234567890"),
context=context,
properties={"custom_param1": "CUSTOM_PARAM_VALUE", "custom_param2": True, "custom_param3": 3})
verify_result = securenative.verify(event_options)
verify_result.risk_level # Low, Medium, High
verify_result.score # Risk score: 0 -1 (0 - Very Low, 1 - Very High)
verify_result.triggers # ["TOR", "New IP", "New City"]
Webhook signature verification
Apply our filter to verify the request is from us, for example:
from securenative.securenative import SecureNative
def webhook_endpoint(request):
securenative = SecureNative.get_instance()
# Checks if request is verified
is_verified = securenative.verify_request_payload(request)
Extract proxy headers from cloud providers
You can specify custom header keys to allow extraction of client ip from different providers. This example demonstrates the usage of proxy headers for ip extraction from Cloudflare.
Option 1: Using config file
SECURENATIVE_API_KEY: "YOUR_API_KEY"
SECURENATIVE_PROXY_HEADERS: ["CF-Connecting-IP"]
Initialize sdk as shown above.
Options 2: Using ConfigurationBuilder
from securenative.securenative import SecureNative
from securenative.config.securenative_options import SecureNativeOptions
options = SecureNativeOptions(api_key="YOUR_API_KEY", max_events=10, log_level="ERROR", proxy_headers=['CF-Connecting-IP'])
securenative = SecureNative.init_with_options(options)
Remove PII Data From Headers
By default, SecureNative SDK remove any known pii headers from the received request. We also support using custom pii headers and regex matching via configuration, for example:
Option 1: Using config file
SECURENATIVE_API_KEY: "YOUR_API_KEY"
SECURENATIVE_PII_HEADERS: ["apiKey"]
Initialize sdk as shown above.
Options 2: Using ConfigurationBuilder
from securenative.securenative import SecureNative
from securenative.config.securenative_options import SecureNativeOptions
options = SecureNativeOptions(api_key="YOUR_API_KEY", max_events=10, log_level="ERROR", pii_regex_pattern='((?i)(http_auth_)(\w+)?)')
securenative = SecureNative.init_with_options(options)
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file securenative-0.3.7.tar.gz.
File metadata
- Download URL: securenative-0.3.7.tar.gz
- Upload date:
- Size: 20.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/40.6.2 requests-toolbelt/0.9.1 tqdm/4.54.0 CPython/3.6.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 91662903c505e34f3486127f13b2428c3af1ac93e31e05786442d7701cfe06e3 |
|
| MD5 | 65e2284ffbd5fa8406a2b3f3dce1229c |
|
| BLAKE2b-256 | a1c6b453eec2289e2e472e4a03ae4890b310b7fc2feb651271873dd9f8f0c39b |
File details
Details for the file securenative-0.3.7-py3-none-any.whl.
File metadata
- Download URL: securenative-0.3.7-py3-none-any.whl
- Upload date:
- Size: 34.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.6.1 requests/2.25.0 setuptools/40.6.2 requests-toolbelt/0.9.1 tqdm/4.54.0 CPython/3.6.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 65aadb9bd5d9614f9f3dbbac75a40ab7a3605981bed27fb1e02ccfd4668a8521 |
|
| MD5 | e0c3cba926d4c193463f727269666b0d |
|
| BLAKE2b-256 | 70050ac3d3b435cc2c3386e4e1736133c23a8a797cf8004ccb13aa357e43220f |
