Skip to content

signinwithethereum/siwe-py

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
siwe
siwe
 
 
tests
tests
 
 
LICENSE-APACHE
LICENSE-APACHE
 
 
LICENSE-MIT
LICENSE-MIT
 
 
README.md
README.md
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Sign-In with Ethereum

This package provides a Python implementation of EIP-4361: Sign In With Ethereum.

Installation

SIWE can be easily installed in any Python project with pip:

pip install siwe

Usage

SIWE provides a SiweMessage class which implements EIP-4361.

Parsing a SIWE Message

Parsing is done by initializing a SiweMessage object with an EIP-4361 formatted string:

from siwe import SiweMessage message = SiweMessage.from_message(message=eip_4361_string)

Or to initialize a SiweMessage as a pydantic.BaseModel right away:

message = SiweMessage(domain="login.xyz", address="0x1234...", ...)

Verifying and Authenticating a SIWE Message

Verification and authentication is performed via EIP-191, using the address field of the SiweMessage as the expected signer. The validate method checks message structural integrity, signature address validity, and time-based validity attributes.

try: message.verify(signature="0x...") # You can also specify other checks (e.g. the nonce or domain expected). except siwe.ValidationError: # Invalid

Serialization of a SIWE Message

SiweMessage instances can also be serialized as their EIP-4361 string representations via the prepare_message method:

print(message.prepare_message())

Example

Parsing and verifying a SiweMessage is easy:

try: message: SiweMessage = SiweMessage(message=eip_4361_string) message.verify(signature, nonce="abcdef", domain="example.com"): except siwe.ValueError: # Invalid message print("Authentication attempt rejected.") except siwe.ExpiredMessage: print("Authentication attempt rejected.") except siwe.DomainMismatch: print("Authentication attempt rejected.") except siwe.NonceMismatch: print("Authentication attempt rejected.") except siwe.MalformedSession as e: # e.missing_fields contains the missing information needed for validation print("Authentication attempt rejected.") except siwe.InvalidSignature: print("Authentication attempt rejected.") # Message has been verified. Authentication complete. Continue with authorization/other.

Testing

poetry install git submodule update --init poetry run pytest

See Also

Disclaimer

Our Python library for Sign-In with Ethereum has not yet undergone a formal security audit. We welcome continued feedback on the usability, architecture, and security of this implementation.

About

A Python implementation of Sign-In with Ethereum

Resources

Readme

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages