Overview
The Data Theorem API Protect Python SDK is a Python library that provides protection for APIs written in Python. The SDK integrates with your Python API using the API Protect middleware which supports most popular Python frameworks. To Protect an API, all the API developer needs to do is add the API Protect middleware to their web application code set the client Id we provide.
Installation
Step 1: Add the package to dependencies
To install API Protect the provided Python package must be added as a dependency, typically by adding it to a requirements.txt
file. Here is an example of how to add the package:
# requirements.txt before adding the apiprotect package Jinja2<2.12 SQLAlchemy<1.4.0 advocate>=1.0.0,<2.0 boto3<2.0.0 falcon-cors<1.2.0 falcon<4.0.0
# requirements.txt after adding the apiprotect package file:./vendored/apiprotect-1.0.1.tar.gz Jinja2<2.12 SQLAlchemy<1.4.0 advocate>=1.0.0,<2.0 boto3<2.0.0 falcon-cors<1.2.0 falcon<4.0.0
Step 2: Add the middleware to the application
The middleware for your web framework should be imported and added to your application.
Note: The ordering of middleware is important
This middleware should be added after any logging middleware and before other middleware or application code. Request Flow │ ┌───────────────────────────────────┐ │ │ Logging Middleware │ │ └───────────────────────────────────┘ │ ┌───────────────────────────────────┐ │ │ Api Protect Middleware │ │ └───────────────────────────────────┘ │ ┌───────────────────────────────────┐ │ │ Other Middleware │ │ └───────────────────────────────────┘ │ │ ▼
# example Falcon application from apiprotect.middleware import ApiProtectFalconMiddleware app = falcon.App( middleware=[ CloudTraceMiddleware(), ApiProtectFalconMiddleware(), SqlAlchemySessionMiddleware(), CORSMiddleware(), ] )
# example WSGI application from apiprotect.middleware import ApiProtectWSGIMiddleware wsgi_app = get_wsgi_application() protected_wsgi_app = ApiProtectWSGIMiddleware(wsgi_app)
Step 3: Set the Client ID
For each API you protect Data Theorem provides a unique identifier which authenticates the SDK when it communicates with our services. The client id we provide can be set in two way, either via an environment variable DT_API_PROTECT_CLIENT_ID
or by passing it directly to the middleware.
Setting the environment variable is the preferred way, but if you need to pass it to the middleware, here is how to do that:
# example passing client_id to Falcon middleware import settings # file-based secure settings management app = falcon.App( middleware=[ CloudTraceMiddleware(), ApiProtectFalconMiddleware(client_id=settings.client_id), SqlAlchemySessionMiddleware(), CORSMiddleware(), ] )
# example passing client_id to WSGI middleware import settings # file-based secure settings management from apiprotect.middleware import ApiProtectWSGIMiddleware wsgi_app = get_wsgi_application() protected_wsgi_app = ApiProtectWSGIMiddleware(wsgi_app, client_id=settings.client_id)