Protect your backend APIs with Flask (Python) SDK


Prerequisites

Python ≥ 3.8

Install the SDK

Before installing, make sure that your app uses at least the minimum Python version.

pip install frontegg  

Initialize Frontegg

Regions

The SDK defaults to Frontegg's EU region. If you're running in one of the other regions, change FRONTEGG_API_GATEWAY_URL to your region's URL instead of api.frontegg.com.


Import and initialize Frontegg along with your Flask application

from frontegg.flask import frontegg
from flask import Flask
    
fe_client_id = 'REPLACE_WITH_FRONTEGG_CLIENT_ID'
fe_api_key = 'REPLACE_WITH_FRONTEGG_API_KEY'

frontegg.init_app(fe_client_id, fe_api_key)

app = Flask('my_first_frontegg_app')

app.run()

Protect backend routes

When using Frontegg's secure access, you can protect your backend routes using the authentication middleware.

from flask import g
from frontegg.flask.secure_access import with_authentication

@app.get("/protected")
@with_authentication(role_keys=['my-role'], permission_keys=['my-permission'])
def protected(request):  
    return g.user

The with_authentication decorator accepts the optional arguments role_keys and permission_keys, which specify the roles and permissions required to access the route.

When using the with_authentication decorator, the user data will be set on the request context, as you can see in the example above.

Use access tokens

When using M2M authentication, the SDK caches access tokens. By default, access tokens are cached locally, but you can use one other kind of cache:

  • redis

Use Redis as your cache

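When initializing your context, pass an access tokens options object with your Redis parameters.

access_tokens_options = {
    'cache': {
        'type': 'redis',
        'options': {
            'host': 'localhost',
            'port': 6379,
            'password': '',  # set this if your Redis instance requires authentication
            'db': 10,
        },
    },
}

# Pass the options object defined above when initializing Frontegg
frontegg.init_app(fe_client_id, fe_api_key, access_tokens_options)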

Cross-Origin resource sharing (CORS)

To use Frontegg, your app must be able to handle CORS. It's easy to set up:


from flask_cors import CORS

CORS(app, supports_credentials=True)

Working with the REST API

Frontegg offers a comprehensive REST API for your application. To use the API from your backend, you'll need to initialize the HTTP client with your credentials.


from frontegg.common.clients import HttpClient

# Define your base URL
base_url = "https://api.frontegg.com/audits"
http_client = HttpClient(client_id='<YOUR_CLIENT_ID>', api_key='<YOUR_API_KEY>', base_url=base_url)

The HTTP client can now be used to make requests to Frontegg's REST API (based on the provided base URL).

Using the audits client

Frontegg’s Managed audit logs feature lets you collect custom audit logs that are specific to your application and display them in Frontegg's self-service component.

Creating a new client

from frontegg.common.clients import AuditsClient, HttpClient, Severity

http_client = HttpClient(client_id='<YOUR_CLIENT_ID>', api_key='<YOUR_API_KEY>', base_url=frontegg_urls.audits_service['base_url'])
audits_client = AuditsClient(http_client)

Sending audits using the client

audits_client.send_aud

Debugging

Frontegg uses Python 3's built-in logging library to log useful debugging information. To use this functionality, set the variable FRONTEGG_DEBUG:

FRONTEGG_DEBUG=True

Or configure it in the application:

from frontegg import frontegg_logger  
import logging  
  
frontegg_logger.setLevel(logging.DEBUG)