An async python client for my "Purple Auth" microservice.
Create an account and application on purpelauth.com, then initialize the client with those values. You should store the api key in an environment variable, but the app id is a public value, not a secret.
from purple_auth_client import AuthClient
auth_client = AuthClient(
host="https://purpleauth.com",
app_id="37f9a26d-03c8-4b7c-86ad-132bb82e8e38",
api_key="[Key provided by purple auth portal]"
)
You will initially be limited to 500 authentications per app, but you can email me to have that increased.
Start otp authentication flow with server.
result = await auth_client.authenticate(
"test@example.com", flow="otp"
)
Complete authentication with email and generated code.
result = await auth_client.submit_code("test@example.com", "12345678")
Send idToken to server for verification.
result = await auth_client.verify_token_remote(token_submitted_by_client)
You should prefer to verify tokens locally using the verify
method, but this
is covered as a convenience and sanity check.
Request a new ID Token from the server using a refresh token
new_token = await auth_client.refresh(refresh_token_from_client)
Get more info about this app from the server.
info = await auth_client.app_info()
Start authentication using magic link flow.
result = await auth_client.authenticate(
"test@example.com", flow="magic"
)
Verify and decode an ID Token on directly in the app without having to call out every time
result = await auth_client.verify(id_token_from_client)
# {"headers": {"alg": "ES256", "type": "JWT"}, "claims": {"sub": "user@email.com", "exp": "test@example.com"}
# etc.