Skip to main content

Secure Native SDK for python

Project description

Python SDK for Secure Native

How to get it?

the python SDK is published to PyPi so you can just use pip to install it:

pip install securenative

Initialize the SDK

Go to the settings page of your SecureNative account and find your API key, afterwards add this line on your application main module.

import securenative

# Many lines of code ...

if __name__=='__main__':
    # Your bootstrap code
    securenative.init('API_KEY') # Should be called before any other call to secure native

Tracking Events (async)

Once the SDK has been initialized, you can start sending new events with the track function:

import securenative
from securenative.event_options import Event, User

def my_login_function():
    # Many lines of code ...
    
    event = Event( # Build the event from the request's context
        event_type=securenative.event_types.login,
        ip='35.199.23.1',
        remote_ip='35.199.23.2',
        user_agent='Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36',
        sn_cookie_value='eyJjaWQiOiJkYzgyYjdhZS00ODFkLTQyODItYTMyZC0xZTU1Njk2ZjNmZTQiLCJmcCI6Ijk5NGYzZjVjZTRiYWUwODQzMTRhOTFkNzgyN2I1MWYuMjQ3MDBmOWYxOTg2ODAwYWI0ZmNjODgwNTMwZGQwZWQifQ',
        user=User(
            user_id='1',
            user_email='1@example.com',
            user_name='example example'
        )
    )
    
    # Track it:
    securenative.track(event)
    
    # Many lines of code ...

Verification Events (sync)

Once the SDK has been initialized, you can protect sensitive operation by calling the verify function, this function will return the risk analysis of the current user.

import securenative
from securenative.event_options import Event, User

def my_change_password_function():
    # Many lines of code...
    
    event = Event( # Build the event from the request's context
            event_type=securenative.event_types.verify,
            ip='35.199.23.1',
            remote_ip='35.199.23.2',
            user_agent='Mozilla/5.0 (Linux; U; Android 4.4.2; zh-cn; GT-I9500 Build/KOT49H) AppleWebKit/537.36 (KHTML, like Gecko)Version/4.0 MQQBrowser/5.0 QQ-URL-Manager Mobile Safari/537.36',
            sn_cookie_value='eyJjaWQiOiJkYzgyYjdhZS00ODFkLTQyODItYTMyZC0xZTU1Njk2ZjNmZTQiLCJmcCI6Ijk5NGYzZjVjZTRiYWUwODQzMTRhOTFkNzgyN2I1MWYuMjQ3MDBmOWYxOTg2ODAwYWI0ZmNjODgwNTMwZGQwZWQifQ',
            user=User(
                user_id='1',
                user_email='1@example.com',
                user_name='example example'
            )
        )
     
    result = securenative.verify(event)
    if result['riskLevel'] == 'high':
        return 'Cannot change password'
    elif result['riskLevel'] == 'medium':
        return 'MFA'
     
     # Many lines of code...

Verifying Incoming Webhooks

You can use the SDK to verify incoming webhooks from Secure Native, just call the veriy_webhook function which return a boolean which indicates if the webhook came from Secure Native servers.

import securenative

@post('/sn/webhook')
def sn_webhook_handler(headers, body):
    sig_header = headers["X-SecureNative"]
    if securenative.verify_webhook(sig_header, body):
        # Handle the webhook
        level = body['riskLevel']
        pass
    else:
        # This reqeust wasn't sent from Secure Native servers, you can dismiss/investigate it
        pass
    

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
securenative-0.1.5.tar.gz (7.4 kB) Copy SHA256 hash SHA256 Source None

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page