Skip to main content

TrianSec API Security SDK

Project description

TrianSec SDK

PyPI version Python versions License

TrianSec SDK is a lightweight Python SDK for integrating the TrianSec API Security Platform into your FastAPI/Starlette applications. It provides behavior-driven API protection without modifying your existing business logic.


✨ Features

  • 🔒 Behavior-Driven Protection - Analyzes request patterns, not just rate limits
  • Fast Decision Path - Sub-15ms latency for security decisions
  • 🛡️ Adaptive Policy Engine - Dynamically applies ALLOW, BLOCK, or THROTTLE decisions
  • 🧠 Stateful Intelligence - Maintains historical behavioral state per identity
  • 📊 Explainable Decisions - Every decision includes a human-readable reason
  • 🔌 Plug-and-Play - Minimal integration with just one line of code
  • 🎯 Multi-Tenant Isolation - Each client's security posture is independent

📦 Installation

pip install triansec

For FastAPI support (optional):

pip install triansec[fastapi]

For development:

pip install triansec[dev]

🚀 Quick Start

1. Get Your API Key

Sign up at TrianSec and generate your API key from the dashboard.

2. Add the Middleware

from fastapi import FastAPI
from triansec import TriAnSec

app = FastAPI()

# Add security middleware
app.add_middleware(
    TriAnSec,
    api_key="ts_live_xxxxxxxxx",
    timeout=5,
    fallback_action="allow",
)

@app.get("/")
async def root():
    return {"message": "Protected by TrianSec"}

📋 Usage Examples

Option 1: Direct Middleware (Simplest)

from fastapi import FastAPI
from triansec import TriAnSec

app = FastAPI()

app.add_middleware(
    TriAnSec,
    api_key="ts_live_xxxxxxxxx",
    timeout=10,
    fallback_action="allow",
)

Option 2: Class-based with Install

from fastapi import FastAPI
from triansec.security import TriAnSec

app = FastAPI()

security = TriAnSec(
    api_key="ts_live_xxxxxxxxx",
    timeout=10,
    fallback_action="allow",
)

security.install(app)

Option 3: One-Line Setup

from fastapi import FastAPI
from triansec.security import setup_security

app = FastAPI()

security = setup_security(
    app,
    api_key="ts_live_xxxxxxxxx",
    timeout=10,
    fallback_action="allow",
    add_health=True,
    add_shutdown=True,
)

With Configuration Object

from fastapi import FastAPI
from triansec import TriAnSec, SecurityConfig

app = FastAPI()

config = SecurityConfig(
    api_key="ts_live_xxxxxxxxx",
    timeout=10,
    fallback_action="block",
    enable_cache=True,
    cache_ttl=600,
)

app.add_middleware(TriAnSec, config=config)

⚙️ Configuration Options

Parameter Type Default Description
api_key str Required Your TrianSec API key
engine_url str Hardcoded Security engine URL (you don't need to set this)
timeout int 5 Request timeout in seconds
retry_count int 3 Number of retry attempts
fallback_action str "allow" Action when engine is unreachable ("allow" or "block")
enable_cache bool True Enable local decision caching
cache_ttl int 300 Cache TTL in seconds
cache_maxsize int 1000 Maximum cache entries
enable_debug bool False Enable debug mode
bypass_paths List[str] Control plane paths Paths to bypass security

🔧 Environment Variables

Variable Description Default
TRIANSEC_API_KEY Your TrianSec API key (Required)
TRIANSEC_ENGINE_URL Security engine URL https://api.triansec.com
TRIANSEC_TIMEOUT Request timeout in seconds 5
TRIANSEC_RETRY_COUNT Number of retry attempts 3
TRIANSEC_FALLBACK_ACTION Fallback action (allow or block) allow
TRIANSEC_CACHE_ENABLED Enable cache (true or false) true
TRIANSEC_CACHE_TTL Cache TTL in seconds 300
TRIANSEC_DEBUG Debug mode (true or false) false

🔒 How It Works

Incoming Request
       │
       ▼
  SDK Middleware
       │
       ▼
Extract Request Data (IP, User-Agent, Headers, etc.)
       │
       ▼
Check Local Cache
       │
       ▼
Send to Security Engine (with API key from request)
       │
       ▼
Security Engine validates API key, analyzes behavior
       │
       ▼
Return Decision (ALLOW / BLOCK / THROTTLE)
       │
       ▼
Apply Decision
       │
       ▼
Your Application Logic

🛡️ Security Decisions

Decision Description
ALLOW Request is legitimate, pass through to your application
THROTTLE Request is suspicious, pass through with throttle headers
BLOCK Request is malicious, return 429 Too Many Requests

🧪 Development

Setup

git clone https://github.com/triansec/triansec-sdk.git
cd triansec-sdk
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate
pip install -e .[dev]

Run Tests

pytest

Run Tests with Coverage

pytest --cov=triansec --cov-report=html

Linting

ruff check .
black .
mypy triansec

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.


🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add some amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

📞 Support


👥 Authors

  • Aniket Paswan - Backend Architecture, System Design, Policy Engine, Security Middleware, Frontend Development
  • Anjali Jha - Authentication Architecture, API Key Generation & Management, Frontend Development, UI/UX
  • Anshika Pratap Singh - System Management, Frontend Development, UI/UX, Developer Dashboard

🙏 Acknowledgments

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

triansec-0.1.0.tar.gz (51.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

triansec-0.1.0-py3-none-any.whl (54.9 kB view details)

Uploaded Python 3

File details

Details for the file triansec-0.1.0.tar.gz.

File metadata

  • Download URL: triansec-0.1.0.tar.gz
  • Upload date:
  • Size: 51.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.5

File hashes

Hashes for triansec-0.1.0.tar.gz
Algorithm Hash digest
SHA256 682f54ea5f2fc8f8a6d283d6a544ebb5fd167bab724aec7dfe3f661bef38c72a
MD5 b9194887a6cffd1a9f93ff7c27575e38
BLAKE2b-256 c0dd069116504772b22da0a2fce9d56656f85cf51f53f493674f9cfabdd56552

See more details on using hashes here.

File details

Details for the file triansec-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: triansec-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 54.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.5

File hashes

Hashes for triansec-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 f6c6abe47c653141261f9eb9ebdc7888a56b2bcbf2727fb20910bbd7a551968a
MD5 295d6f89f4077c0aa0e0f234e948f054
BLAKE2b-256 f78b3fc50545bf7ca8d26c1215276a9df77ee5b80230bf468c471216b401bb8b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page