|
2 | 2 |
|
3 | 3 | The official Python library for the Picket API |
4 | 4 |
|
| 5 | +## Installation |
| 6 | + |
| 7 | +```bash |
| 8 | +pip install -U picketapi |
| 9 | +``` |
| 10 | + |
| 11 | +## Usage - Quick Start |
| 12 | + |
| 13 | +Use the `Picket` class to create the Picket API client. It takes a _secret API key_ as a parameter. |
| 14 | + |
| 15 | +```python |
| 16 | +from picketapi import Picket |
| 17 | + |
| 18 | +picket = new Picket("YOU_SECRET_API_KEY") |
| 19 | +``` |
| 20 | + |
| 21 | +## Nonce |
| 22 | + |
| 23 | +A `nonce` is random value generated by the Picket API to that user must sign to prove ownership a wallet address. The `nonce` function can be used to implement your own wallet authentication flow. |
| 24 | + |
| 25 | +A nonce is unique to a project and wallet address. If a `nonce` doesn't exist for the project and wallet address, Picket will generate a new nonce; otherwise, Picket will return the existing nonce. A nonce is valid for two minutes before self-destructing. |
| 26 | + |
| 27 | +```python |
| 28 | +resp = picket.nonce(chain="solana", wallet_address="wAlLetTAdDress") |
| 29 | +# resp is of type NonceResponse |
| 30 | +print(resp.nonce) |
| 31 | +``` |
| 32 | + |
| 33 | +## Auth |
| 34 | + |
| 35 | +`auth` is the server-side equivalent of login. `auth` should only be used in a trusted server environment. The most common use-case for `auth` is [linking a wallet to an existing application account](https://docs.picketapi.com/picket-docs/tutorials/link-a-wallet-to-a-web-2.0-account). |
| 36 | + |
| 37 | +```python |
| 38 | +resp = picket.auth(chain="ethereum", wallet_address="0x1234567890", signature="abcdefghijklmnop") |
| 39 | +# resp is of type AuthResponse |
| 40 | +print(resp.user) |
| 41 | +print(resp.access_token) |
| 42 | +``` |
| 43 | + |
| 44 | +## Authz (Authorize) |
| 45 | +`authz` stands for authorization. Unlike Auth, which handles both authentication and authorization, Authz only handles authorization. |
| 46 | +Given an authenticated user's access token and authorization requirements, `authz` will issue a new access token on success (user is authorized) or, on failure, it will return a 4xx HTTP error code. |
| 47 | + |
| 48 | +```python |
| 49 | +resp = picket.authz(access_token="xxx.yyy.zzz", requirements={ "contractAddress": "0xContract" }) |
| 50 | +# resp is of type AuthResponse |
| 51 | +print(resp.user) |
| 52 | +print(resp.access_token) |
| 53 | +``` |
| 54 | + |
| 55 | +## Validate |
| 56 | +`validate` validates an access token. `validate` should be called, or manually access token validation should be done, server-side before trusting a request's access token. It's common to move access token validation and decoding logic to a shared middleware across API endpoints. |
| 57 | +If the access token is valid, validate returns the decoded claims of the access token. |
| 58 | + |
| 59 | +```python |
| 60 | +resp, err := picket.validate(access_token="xxx.yyy.zzz", requirements={"contractAddress": "0xContract", "minTokenBalance": "100"}) |
| 61 | +# Response is the decoded access token (AuthorizedUser) |
| 62 | +print(resp) |
| 63 | +``` |
| 64 | + |
| 65 | +## Verify Token Ownership |
| 66 | +If you only want to verify token ownership server side for a given wallet, `tokenOwnership` allows you to do just that. |
| 67 | + |
| 68 | +```python |
| 69 | +resp = picket.token_ownership( |
| 70 | + chain="solana", |
| 71 | + wallet_address="waLLETaddRess", |
| 72 | + requirements={ |
| 73 | + "collection": "METAPLEX_COLLECTION", |
| 74 | + "minTokenBalance": "3", |
| 75 | + } |
| 76 | + ) |
| 77 | +# Response is of type TokenOwnershipResponse |
| 78 | +print(resp.allowed) |
| 79 | +print(resp.tokenBalances) |
| 80 | +``` |
| 81 | + |
0 commit comments