Castle protects your users from account compromise
Project description
Castle analyzes device, location, and interaction patterns in your web and mobile apps and lets you stop account takeover attacks in real-time.
Installation
pip install castle
Configuration
import and configure the library with your Castle API secret.
from castle.configuration import configuration, WHITELISTED
# Same as setting it through Castle.api_secret
configuration.api_secret = ':YOUR-API-SECRET'
# For authenticate method you can set failover strategies: allow(default), deny, challenge, throw
configuration.failover_strategy = 'deny'
# Castle::RequestError is raised when timing out in milliseconds (default: 500 milliseconds)
configuration.request_timeout = 1000
# Whitelisted and Blacklisted headers are case insensitive and allow to use _ and - as a separator, http prefixes are removed
# By default all headers are passed, but some are automatically scrubbed.
# If you need to apply a whitelist, we recommend using the minimum set of
# standard headers that we've exposed in the `WHITELISTED` constant.
# Whitelisted headers
configuration.whitelisted = WHITELISTED + ['X_HEADER']
# Blacklisted headers take advantage over whitelisted elements. Note that
# some headers are always scrubbed, for security reasons.
configuration.blacklisted = ['HTTP-X-header']
# Castle needs the original IP of the client, not the IP of your proxy or load balancer.
# The SDK will only trust the proxy chain as defined in the configuration.
# We try to fetch the client IP based on X-Forwarded-For or Remote-Addr headers in that order,
# but sometimes the client IP may be stored in a different header or order.
# The SDK can be configured to look for the client IP address in headers that you specify.
# If the specified header or X-Forwarded-For default contains a proxy chain with public IP addresses,
# then one of the following must be set
# 1. The trusted_proxies value must match the known proxy IP's
# 2. The trusted_proxy_depth value must be set to the number of known trusted proxies in the chain (see below)
configuration.ip_headers = []
# Additionally to make X-Forwarded-For and other headers work better discovering client ip address,
# and not the address of a reverse proxy server, you can define trusted proxies
# which will help to fetch proper ip from those headers
# In order to extract the client IP of the X-Forwarded-For header
# and not the address of a reverse proxy server, you must define all trusted public proxies
# you can achieve this by listing all the proxies ip defined by string or regular expressions
# in trusted_proxies setting
configuration.trusted_proxies = []
# or by providing number of trusted proxies used in the chain
configuration.trusted_proxy_depth = 0
# If there is no possibility to define options above and there is no other header which can have client ip
# then you may set trust_proxy_chain = true to trust all of the proxy IP's in X-Forwarded-For
configuration.trust_proxy_chain = false
# *Note: default always marked as trusty list is here: Castle::Configuration::TRUSTED_PROXIESTracking
Here is a simple example of track event.
from castle.client import Client
from castle import events
castle = Client.from_request(request)
castle.track({
'event': events.LOGIN_SUCCEEDED,
'user_id': 'user_id'
})The client will automatically configure the context for each request.
Signature
from secure_mode import signature
signature(user_id)will create a signed user_id.
Async tracking
By default Castle sends requests synchronously. To send requests in a background worker you can generate data for a worker:
from castle.client import Client
from castle import events
context = Client.to_context(request)
options = Client.to_options({
'event': events.LOGIN_SUCCEEDED,
'user_id': user.id,
'properties': {
'key': 'value'
},
'user_traits': {
'key': 'value'
}
})and use it later in a way
from castle.client import Client
client = Client(context)
client.track(options)Events
Impersonation mode
Exceptions
CastleError will be thrown if the Castle API returns a 400 or a 500 level HTTP response. You can also choose to catch a more finegrained error.
Documentation
Documentation and links to additional resources are available at https://castle.io/docs
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file castle-3.3.0.tar.gz.
File metadata
- Download URL: castle-3.3.0.tar.gz
- Upload date:
- Size: 22.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d5e238a2a69b0bd1ef1870da7ba3e486e8d7823286e49636a178821692ed63ee
|
|
| MD5 |
dd9ae9a804c0235c7bd649e90dd154ef
|
|
| BLAKE2b-256 |
42473c96695b1463db1257f3099d441c7c9e5a0496c6b1d05b15f78ddcd92c4a
|
File details
Details for the file castle-3.3.0-py2.py3-none-any.whl.
File metadata
- Download URL: castle-3.3.0-py2.py3-none-any.whl
- Upload date:
- Size: 39.2 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.7.7
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
652cab4be6edb9cc7271c7941b68173f14b3161b0cbe237e1ac06b5980739057
|
|
| MD5 |
3208a4f05d62670f9ff46834c0f7611b
|
|
| BLAKE2b-256 |
a35e9bb2d4420ed27c6e0f0a04a92bf35e6b112ee53a890bb6413af7242134f2
|
