Hi Guys Quick Hope everyone is well , What is the ...
# support-questions-legacym
moe1502pi4962
05/27/2022, 6:02 AMHi Guys Quick Hope everyone is well , What is the best way to implement supertokens in python ? So the plan is to use a python terminal app with login ? is this possible ? Does anyone have any tips or has anyone implemented something similar ?
r
rp_st
05/27/2022, 6:13 AMhey @moe1502pi4962
rp_st
05/27/2022, 6:13 AMSo if i understand this correctly, you are building a CLI written in python and want to provide auth for that?
m
moe1502pi4962
05/27/2022, 6:14 AMYes that is correct and I have googled around but cannot seem to find anything concrete
r
rp_st
05/27/2022, 6:14 AMhmm. What is your backend?
m
moe1502pi4962
05/27/2022, 6:39 AMCurrently what i use as a backend would be MongoDB , so currently we have our own custom JWT Token Auth which uses Mongodb to do a lookup and redis to store the tokens for session management
r
rp_st
05/27/2022, 6:59 AMhmm. so the client is the python CLI right? It talks to mongodb directly? Or some API layer which talks to mongodb?
m
moe1502pi4962
05/27/2022, 7:09 AMI have a flaskapi that talks to MongoDB basically the api does the heavy lifting
r
rp_st
05/27/2022, 7:33 AMUnderstood. And for logging in, does the CLI open the web browser?
m
moe1502pi4962
05/27/2022, 7:53 AMNo it does not it is just a terminal app , whereby I would used request to make a call to the flask api and get my token back
r
rp_st
05/27/2022, 7:56 AMhmm. How would that API authenticate the user?
m
moe1502pi4962
05/27/2022, 8:03 AMCheck if the user exists in the database if he/she does it will return a JWT Token back
r
rp_st
05/27/2022, 8:04 AMoh so the user will give an email or something in the request?
rp_st
05/27/2022, 8:12 AMWell, anyhow. So you have two options:
- Use our session recipe -> here, instead of issuing just a JWT, you will get an access and a refresh token which you will have to save on the client side. This can be a bit complex because you need to refresh the session yourself (we don't have a frontend python SDK)
- The other method is to use supertokens to issue a JWT which you can then send to the frontend (similar to your current method). The only real advantage you are getting here is that you don't have to worry about issuing a JWT yourself and managing its secret key yourself.
m
moe1502pi4962
05/27/2022, 8:52 AMOkay thank you for the advice I will evaluate the two options