🎉 Trustauthx v-1.0 is released. Get Started →
Integration
Python
How to Use Authlite Client

AuthLiteClient API Documentation

Welcome to the documentation for the AuthLiteClient Python class! 🚀 This class empowers you to interact with various API endpoints for authentication and user management. We'll provide a detailed explanation of each API endpoint and guide you on how to construct requests and communicate with the API while emphasizing the role of the jwt_encode and jwt_decode functions.

Let's explore each API endpoint step by step! 📚

Table of Contents

  1. Introduction
  2. Initialization
  3. Generate Authentication URL
  4. Generate Edit User URL
  5. Re-authenticate User
  6. Get User Data
  7. Get Access Token from Refresh Token
  8. Validate Access Token
  9. Revoke Token
  10. Attach Role/Roles to a User
  11. Remove Role/Roles from a User
  12. Update Role/Roles of a User
  13. Validate Token Set
  14. Roles Instance Variable
  15. Get All Roles
  16. Add Role
  17. Delete Role
  18. Add Permission
  19. Delete Permission
  20. concludes

1. Introduction

The AuthLiteClient class facilitates interaction with various authentication and user management API endpoints provided by TrustAuthX.

Emoji Key

  • 🚀: Important
  • 🔐: Security
  • 📝: Note

2. Initialization 🔐

To start using the AuthLiteClient, you must initialize it with your API and secret keys. These keys are vital for securing requests to TrustAuthX API endpoints.

How to Initialize AuthLiteClient:

python
from authx.authlite import AuthLiteClient
 
# Initialize the AuthLiteClient
client = AuthLiteClient(api_key="your_api_key", secret_key="your_secret_key", org_id="your_org_id")
  • api_key (str): Your TrustAuthX API key.
  • secret_key (str): Your TrustAuthX secret key.
  • org_id (str): Your organization's ID (required for some operations).

3. Generate Authentication URL 🚀

You can generate an authentication URL for your organization using the generate_url method. This URL allows users to log in or register with TrustAuthX.

How to Generate Authentication URL:

python
auth_url = client.generate_url()
  • auth_url (str): The generated authentication URL.

4. Generate Edit User URL 🚀

The generate_edit_user_url method constructs a URL that enables users to edit their profile settings.

How to Generate Edit User URL:

python
access_token = "user_access_token"
target_url = "target_url_for_redirection"
edit_user_url = client.generate_edit_user_url(access_token, target_url)
  • access_token (str): The user's access token.
  • target_url (str): The URL to which the user will be redirected after editing their profile.

5. Re-authenticate User 🔐

The re_auth method guides you through re-authenticating a user using a code obtained from TrustAuthX.

How to Re-authenticate a User:

python
reauth_code = "re-authentication_code"
user_info = client.re_auth(reauth_code)
  • reauth_code (str): The re-authentication code obtained from TrustAuthX.
  • user_info (dict): User information, including access and refresh tokens.

6. Get User Data 🚀

Retrieve user data using the get_user method. It explains how to construct a request to validate the provided authentication token and obtain user information.

How to Get User Data:

python
user_token = "user_access_token"
user_info = client.get_user(user_token)
  • user_token (str): The user's authentication token.
  • user_info (dict): User information, including access and refresh tokens.

7. Get Access Token from Refresh Token 🚀

Learn how to obtain a new access token using a refresh token with the get_access_token_from_refresh_token method.

How to Get Access Token from Refresh Token:

python
refresh_token = "user_refresh_token"
new_tokens = client.get_access_token_from_refresh_token(refresh_token)
  • refresh_token (str): The user's refresh token.
  • new_tokens (dict): New access and refresh tokens.

8. Validate Access Token 🚀

The validate_access_token method explains how to validate an access token's authenticity.

How to Validate Access Token:

python
access_token = "user_access_token"
is_valid = client.validate_access_token(access_token)
  • access_token (str): The access token to validate.
  • is_valid (bool): True if the token is valid; otherwise, False.

9. Revoke Token 🔐

Learn how to revoke an access or refresh token using the revoke_token method.

How to Revoke a Token:

python
# Revoke an access token
client.revoke_token(AccessToken="user_access_token")
 
# Revoke a refresh token
client.revoke_token(RefreshToken="user_refresh_token")
 
# Revoke all tokens associated with the user
client.revoke_token(AccessToken="user_access_token", revoke_all_tokens=True)
  • AccessToken (str): The access token to revoke (optional).
  • RefreshToken (str): The refresh token to revoke (optional).
  • revoke_all_tokens (bool): Set to True to revoke all tokens associated with the user (optional).

10. Validate Token Set 🔐

The validate_token_set method demonstrates how to validate an access token and, if necessary, refresh it using a refresh token.

How to Validate Token Set:

python
access_token = "user_access_token"
refresh_token = "user_refresh_token"
token_check = client.validate_token_set(access_token, refresh_token)
  • access_token (str): The user's access token.
  • refresh_token (str): The user's refresh token.
  • token_check (TokenCheck): An object containing the state, access token, and refresh token.

11. Attach Role/Roles to a User 🔐

attach_role(self, uid: str, rol_ids: str | list, signoff_session_and_assign: bool = False, refresh_token: str = None, access_token: str = None, return_class: bool = False) -> dict | SignOffSessionReplace 🚀

Attaches a role to a user.

How to Attaches a role to a user.

  • uid (str): The user ID to attach the role to.
  • rol_ids (str | list): The ID(s) of the role(s) to attach.
  • signoff_session_and_assign (bool, optional): Whether to sign off the session and assign. Defaults to False.
  • refresh_token (str, optional): The refresh token for authentication.
  • access_token (str, optional): The access token for authentication.
  • return_class (bool, optional): Whether to return a class instance. Defaults to False.

Returns:

  • A dictionary or a SignOffSessionReplace object, depending on the return_class parameter.

Raises:

  • ParseError: If signoff_session_and_assign is True but refresh_token or access_token is not provided.

12. Remove Role/Roles from a User 🔐

remove_role(self, uid: str, rol_ids: str | list, signoff_session_and_assign: bool = False, refresh_token: str = None, access_token: str = None, return_class: bool = False) -> dict | SignOffSessionReplace 🚀

Removes a role from a user.

How to removes a role to a user.

  • uid (str): The user ID to remove the role from.
  • rol_ids (str | list): The ID(s) of the role(s) to remove.
  • signoff_session_and_assign (bool, optional): Whether to sign off the session and assign. Defaults to False.
  • refresh_token (str, optional): The refresh token for authentication.
  • access_token (str, optional): The access token for authentication.
  • return_class (bool, optional): Whether to return a class instance. Defaults to False.

Returns:

  • A dictionary or a SignOffSessionReplace object, depending on the return_class parameter.

Raises:

  • ParseError: If signoff_session_and_assign is True but refresh_token or access_token is not provided.

13. Update Role/Roles of a User 🔐

update_role(self, uid: str, rol_ids_to_add: str | list, rol_ids_to_remove: str | list, signoff_session_and_assign: bool = False, refresh_token: str = None, access_token: str = None, return_class: bool = False) -> dict | SignOffSessionReplace 🚀

Updates a user's roles by adding and/or removing roles.

Parameters:

  • uid (str): The user ID to update roles for.
  • rol_ids_to_add (str | list): The ID(s) of the role(s) to add.
  • rol_ids_to_remove (str | list): The ID(s) of the role(s) to remove.
  • signoff_session_and_assign (bool, optional): Whether to sign off the session and assign. Defaults to False.
  • refresh_token (str, optional): The refresh token for authentication.
  • access_token (str, optional): The access token for authentication.
  • return_class (bool, optional): Whether to return a class instance. Defaults to False.

Returns:

  • A dictionary or a SignOffSessionReplace object, depending on the return_class parameter.

Raises:

  • ParseError: If signoff_session_and_assign is True but refresh_token or access_token is not provided.

##14. Roles The Instance Variable of Class AuthLiteClient 🔐

The _Roles class inherits from the _EdgeDBRoleQuery class and provides methods for managing roles and permissions. It can be accessed by Roles which is an instance variable of AuthLiteClient.

###15. get_all_roles(self) -> GetAllRolesResponse 🚀

Retrieves all roles and their associated permissions.

Returns:

  • A GetAllRolesResponse object containing the list of roles and their permissions.

###16. add_role(self, org_id: str, name: str, permissions: List[Permission]) -> AddRoleResponse 🚀

Adds a new role with the specified permissions.

Parameters:

  • org_id (str): The organization ID associated with the new role.
  • name (str): The name of the new role.
  • permissions (List[Permission]): A list of permissions to be associated with the new role.

Returns:

  • An AddRoleResponse object containing the details of the newly added role.

###17. delete_role(self, org_id: str, rol_id: str) -> DeleteRoleResponse 🚀

Deletes an existing role.

Parameters:

  • org_id (str): The organization ID associated with the role.
  • rol_id (str): The unique identifier of the role to be deleted.

Returns:

  • A DeleteRoleResponse object containing the details of the deleted role.

###18. add_permission(self, org_id: str, rol_id: str, permissions: List[Permission]) -> AddPermissionResponse 🚀

Adds one or more permissions to an existing role.

Parameters:

  • org_id (str): The organization ID associated with the role.
  • rol_id (str): The unique identifier of the role.
  • permissions (List[Permission]): A list of permissions to be added to the role.

Returns:

  • An AddPermissionResponse object containing the updated role with the added permissions.

###19. delete_permission(self, org_id: str, rol_id: str, permissions: List[Permission]) -> DeletePermissionResponse 🚀

Deletes one or more permissions from an existing role.

Parameters:

  • org_id (str): The organization ID associated with the role.
  • rol_id (str): The unique identifier of the role.
  • permissions (List[Permission]): A list of permissions to be removed from the role.

Returns:

  • A DeletePermissionResponse object containing the updated role with the removed permissions.
  1. That concludes our in-depth documentation for the AuthLiteClient class and its methods. Feel free to refer to this documentation while working with TrustAuthX APIs. If you have any questions or need further assistance, please don't hesitate to reach out. Happy coding! 🎉👨‍💻👩‍💻
API ReferenceFastapi