TAHPortal SSO integration for Python web applications (FastAPI and Flask)
Project description
tahportal-sso
TAHPortal SSO integration package for Python web applications. Connects your product to the TAHPortal identity gateway with minimal setup.
Installation
```bash pip install tahportal-sso
with FastAPI support
pip install tahportal-sso[fastapi]
with Flask support
pip install tahportal-sso[flask] ```
Quick start
Set three environment variables in your product:
```bash TAHPORTAL_URL=https://your-tahportal-domain.com TAHPORTAL_PRODUCT_ID= TAHPORTAL_SESSION_SECRET=<random 64-char hex string> TAHPORTAL_SESSION_TTL=3600 # optional, defaults to 3600 seconds ```
FastAPI
```python from fastapi import FastAPI, Depends from tahportal_sso import TahPortalSSO, TahPortalConfig, SSOUser
config = TahPortalConfig.from_env() sso = TahPortalSSO(config)
app = FastAPI() app.include_router(sso.get_fastapi_router())
@app.get("/dashboard") async def dashboard(user: SSOUser = Depends(sso.require_user)): return {"welcome": user.full_name, "role": user.user_role} ```
Flask
```python from flask import Flask from tahportal_sso import TahPortalSSO, TahPortalConfig
config = TahPortalConfig.from_env() sso = TahPortalSSO(config)
app = Flask(name) sso.init_flask(app)
@app.route("/dashboard") @sso.login_required def dashboard(): user = sso.get_current_user() return {"welcome": user.full_name} ```
How it works
- TAHPortal generates a short-lived one-time code when a user launches this product
- This package exchanges the code for the user's identity at TAHPortal's /api/sso/exchange endpoint
- A local session JWT is created and stored in an httpOnly cookie
- All subsequent requests are validated locally — no network call to TAHPortal on every request
- When the session expires the user is redirected back to TAHPortal to re-authenticate
Session expiry and access revocation
Sessions expire after TAHPORTAL_SESSION_TTL seconds. When a session expires, the user is redirected to TAHPortal. If their subscription has been revoked, TAHPortal will deny access at that point.
Set a shorter TTL for higher-security products: ```bash TAHPORTAL_SESSION_TTL=900 # 15 minutes ```
License
MIT — Copyright (c) 2026 STOP THE TRAFFIK / Traffik Analysis Hub
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tahportal_sso-1.0.0.tar.gz.
File metadata
- Download URL: tahportal_sso-1.0.0.tar.gz
- Upload date:
- Size: 5.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
17f0dc10e12298bb6aa2732f65075b09b59e7096d4f7ec5e6efad26846acb16e
|
|
| MD5 |
7e2ee1514c90605d8b44e8d148014955
|
|
| BLAKE2b-256 |
d04e942654cae2719346d82ddad1171fb143e9a17f76da7b552889c19bb44eb9
|
File details
Details for the file tahportal_sso-1.0.0-py3-none-any.whl.
File metadata
- Download URL: tahportal_sso-1.0.0-py3-none-any.whl
- Upload date:
- Size: 7.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
96776b4a94b55d2512d637e9ff3bbe0541eec386361ed6bb93f4e28d40a10dce
|
|
| MD5 |
7681ed3ac66b2e264e8b13bebdb5f57f
|
|
| BLAKE2b-256 |
b4bf565f2b2bda73728cd6877bf84f8d98f5b922654a26e1eb7ec6a3e99edb6c
|
