Today, we are excited to release a new version of our base Python library, as well as releases of our framework-specific libraries for FastAPI, Flask, and Django Rest Framework.
Let’s jump in to some of the larger changes!
If you’ve used our Python libraries before, the type hinting left a lot to be desired. In our latest release, we now have type hints for all requests as well as datatypes for all responses.
NOTE: This will break specifically if you were previously unpacking (using the ** operator) on responses. Responses were previously dicts and are now explicit datatypes.
We have implemented commonly used functions like a key lookup (response["user_id"] will still work, but response.user_id is now preferred). We typically try to avoid breaking changes (this is our second in 3 years), but this felt like a pretty narrow problem.
For simpler permissions checking, you can now call functions directly on the User object like:
These allow you to pass around the User object instead of needing to refer back to the Auth object, and it also allows for easier mocking/testing.
This isn’t specific to our Python library, but we’ve released a lot of new APIs like:
See the full list in our reference docs here.
At PropelAuth, we’ve been fortunate to have a front-row seat to seeing many B2B SaaS companies grow. Auth providers are most important at critical moments in a company's history (initial launch, onboarding your first customer, closing your first enterprise customer, etc.). The most important thing we can do as you grow is to get out of the way.
That’s why we’re really happy with this FastAPI route:
@app.post("/api/expensive-action")
async def do_expensive_action(user: User = Depends(auth.require_user)):
org = user.get_active_org()
if org == None or \
not org.user_has_permission("can_do_expensive_action"):
raise HTTPException(status_code=403, detail="Forbidden")
return do_expensive_action_inner(user, org)
At first glance, this seems like a pretty simple route, but it has a few important pieces:
@app.post("/api/expensive-action")
async def do_expensive_action(user: User = Depends(auth.require_user)):
org = user.get_active_org()
if org == None or \
not org.user_has_permission("can_do_expensive_action"):
raise HTTPException(status_code=403, detail="Forbidden")
return do_expensive_action_inner(user, org)
And the best part? That same code snippet above will continue to work. Even as our customer’s requirements get more complicated, your code won’t.
We're always looking to improve our libraries and services based on your feedback. If you have any questions about this release or suggestions for future improvements, please don't hesitate to reach out.
The above is the detailed content of PropelAuth Python velease. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
