feat: add Litestar framework integration with SuperTokens and setup environment

pythonhubdev · pythonhubdev · commit 3f8c800da398 · 2025-05-23T22:35:47.000+05:30
diff --git a/examples/with-litestar/with-thirdpartyemailpassword/README.md b/examples/with-litestar/with-thirdpartyemailpassword/README.md
@@ -0,0 +1,33 @@
+![SuperTokens banner](https://raw.githubusercontent.com/supertokens/supertokens-logo/master/images/Artboard%20%E2%80%93%2027%402x.png)
+
+# FastAPI example
+
+This is an example to show how to use supertokens-python library with FastAPI framework and ThirdpartyEmailpassword recipe.
+
+This server code can be used to implement social auth using:
+- Google
+- Google Workspaces
+- Github
+- Apple
+- Discord
+
+## Installation
+
+Before installing, use the script to create a virtual environment and to install all the required packages.
+```bash
+source create_env.sh
+```
+
+## Start web app
+
+```bash
+uvicorn main:app --reload --host=0.0.0.0 --port=3001
+```
+
+## Author
+
+Created with :heart: by the folks at supertokens.com.
+
+## License
+
+This project is licensed under the Apache 2.0 license.
diff --git a/examples/with-litestar/with-thirdpartyemailpassword/create_env.sh b/examples/with-litestar/with-thirdpartyemailpassword/create_env.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+pip install virtualenv
+#Create a virtualenv
+virtualenv litestar_example
+# shellcheck disable=SC2164
+source litestar_example/bin/activate
+
+pip install -r requirements.txt
diff --git a/examples/with-litestar/with-thirdpartyemailpassword/main.py b/examples/with-litestar/with-thirdpartyemailpassword/main.py
@@ -0,0 +1,192 @@
+import os
+from typing import Any
+
+import uvicorn  # type: ignore
+from dotenv import load_dotenv
+from litestar import Litestar, MediaType, Response, get
+from litestar.config.cors import CORSConfig
+from litestar.di import Provide
+from supertokens_python import (
+    InputAppInfo,
+    SupertokensConfig,
+    get_all_cors_headers,
+    init,
+)
+from supertokens_python.framework.litestar.litestar_middleware import LitestarMiddleware
+from supertokens_python.recipe import (
+    dashboard,
+    emailverification,
+    session,
+    thirdparty,
+    usermetadata,
+)
+from supertokens_python.recipe.session import SessionContainer
+from supertokens_python.recipe.session.framework.litestar import verify_session
+
+load_dotenv()
+
+
+def get_api_port():
+    return 3001
+
+
+def get_website_port():
+    return "3000"
+
+
+def get_website_domain():
+    return "http://localhost:" + get_website_port()
+
+
+init(
+    supertokens_config=SupertokensConfig(connection_uri="https://try.supertokens.io"),
+    app_info=InputAppInfo(
+        app_name="Supertokens",
+        api_domain="http://localhost:" + str(get_api_port()),
+        website_domain=get_website_domain(),
+        api_base_path="/auth",
+    ),
+    framework="litestar",
+    recipe_list=[
+        session.init(),
+        dashboard.init(),
+        emailverification.init("REQUIRED"),
+        usermetadata.init(),
+        thirdparty.init(
+            sign_in_and_up_feature=thirdparty.SignInAndUpFeature(
+                providers=[
+                    thirdparty.ProviderInput(
+                        config=thirdparty.ProviderConfig(
+                            third_party_id="google",
+                            clients=[
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["GOOGLE_CLIENT_ID"],
+                                    client_secret=os.environ["GOOGLE_CLIENT_SECRET"],
+                                    client_type="web",
+                                ),
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["GOOGLE_CLIENT_ID_MOBILE"],
+                                    client_secret=os.environ[
+                                        "GOOGLE_CLIENT_SECRET_MOBILE"
+                                    ],
+                                    client_type="mobile",
+                                ),
+                            ],
+                        ),
+                    ),
+                    thirdparty.ProviderInput(
+                        config=thirdparty.ProviderConfig(
+                            third_party_id="github",
+                            clients=[
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["GITHUB_CLIENT_ID"],
+                                    client_secret=os.environ["GITHUB_CLIENT_SECRET"],
+                                    client_type="web",
+                                ),
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["GITHUB_CLIENT_ID_MOBILE"],
+                                    client_secret=os.environ[
+                                        "GITHUB_CLIENT_SECRET_MOBILE"
+                                    ],
+                                    client_type="mobile",
+                                ),
+                            ],
+                        )
+                    ),
+                    thirdparty.ProviderInput(
+                        config=thirdparty.ProviderConfig(
+                            third_party_id="apple",
+                            clients=[
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["APPLE_CLIENT_ID"],
+                                    client_type="web",
+                                    additional_config={
+                                        "keyId": os.environ["APPLE_KEY_ID"],
+                                        "teamId": os.environ["APPLE_TEAM_ID"],
+                                        "privateKey": os.environ["APPLE_PRIVATE_KEY"],
+                                    },
+                                ),
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["APPLE_CLIENT_ID_MOBILE"],
+                                    client_type="mobile",
+                                    additional_config={
+                                        "keyId": os.environ["APPLE_KEY_ID"],
+                                        "teamId": os.environ["APPLE_TEAM_ID"],
+                                        "privateKey": os.environ["APPLE_PRIVATE_KEY"],
+                                    },
+                                ),
+                            ],
+                        )
+                    ),
+                    thirdparty.ProviderInput(
+                        config=thirdparty.ProviderConfig(
+                            third_party_id="google-workspaces",
+                            clients=[
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["GOOGLE_WORKSPACES_CLIENT_ID"],
+                                    client_secret=os.environ[
+                                        "GOOGLE_WORKSPACES_CLIENT_SECRET"
+                                    ],
+                                ),
+                            ],
+                        )
+                    ),
+                    thirdparty.ProviderInput(
+                        config=thirdparty.ProviderConfig(
+                            third_party_id="discord",
+                            clients=[
+                                thirdparty.ProviderClientConfig(
+                                    client_id=os.environ["DISCORD_CLIENT_ID"],
+                                    client_secret=os.environ["DISCORD_CLIENT_SECRET"],
+                                ),
+                            ],
+                        )
+                    ),
+                ]
+            )
+        ),
+    ],
+    telemetry=False,
+)
+
+
+@get(
+    "/sessioninfo",
+    dependencies={"session": Provide(verify_session())},
+)
+async def get_session_info(session: SessionContainer) -> Response[Any]:
+    return Response(
+        {
+            "sessionHandle": session.get_handle(),
+            "userId": session.get_user_id(),
+            "accessTokenPayload": session.get_access_token_payload(),
+        }
+    )
+
+
+def f_405(_, __: Exception):
+    return Response("", status_code=404, media_type=MediaType.TEXT)
+
+
+cors = CORSConfig(
+    allow_origins=[get_website_domain()],
+    allow_credentials=True,
+    allow_methods=["GET", "PUT", "POST", "DELETE", "OPTIONS", "PATCH"],
+    allow_headers=["Content-Type"] + get_all_cors_headers(),
+)
+
+app = Litestar(
+    route_handlers=[
+        get_session_info,
+    ],
+    middleware=[
+        LitestarMiddleware(),
+    ],
+    cors_config=cors,
+    exception_handlers={
+        Exception: f_405,
+    },
+)
+
+if __name__ == "__main__":
+    uvicorn.run(app, host="0.0.0.0", port=get_api_port())  # type: ignore
diff --git a/examples/with-litestar/with-thirdpartyemailpassword/requirements.txt b/examples/with-litestar/with-thirdpartyemailpassword/requirements.txt
@@ -0,0 +1,4 @@
+litestar
+uvicorn
+python-dotenv
+supertokens-python
diff --git a/supertokens_python/framework/litestar/litestar_middleware.py b/supertokens_python/framework/litestar/litestar_middleware.py
@@ -2,8 +2,9 @@
 
 from litestar import Request, Response
 from litestar.datastructures import MutableScopeHeaders
-from litestar.middleware.base import AbstractMiddleware
-from litestar.types import Message, Receive, Scope, Send
+from litestar.enums import ScopeType
+from litestar.middleware import ASGIMiddleware
+from litestar.types import ASGIApp, Message, Receive, Scope, Send
 from supertokens_python import Supertokens
 from supertokens_python.exceptions import SuperTokensError
 from supertokens_python.framework.litestar.litestar_request import LitestarRequest
@@ -13,12 +14,17 @@
 from supertokens_python.utils import default_user_context
 
 
-class LitestarMiddleware(AbstractMiddleware):
-    async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
+class LitestarMiddleware(ASGIMiddleware):
+    scopes = (ScopeType.HTTP, ScopeType.ASGI)
+
+    async def handle(
+        self, scope: Scope, receive: Receive, send: Send, next_app: ASGIApp
+    ) -> None:
         if scope["type"] != "http":
-            await self.app(scope, receive, send)
+            await next_app(scope, receive, send)
             return
 
+        # Initialize SuperTokens and request/response objects
         st = Supertokens.get_instance()
         request = Request[Any, Any, Any](scope, receive=receive, send=send)
         custom_request = LitestarRequest(request)
@@ -27,6 +33,7 @@ async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
         try:
             response = LitestarResponse(Response[Any](content=None))
             result = await st.middleware(custom_request, response, user_context)
+
             if result is not None:
                 # SuperTokens handled the request
                 if hasattr(request.state, "supertokens") and isinstance(
@@ -35,9 +42,9 @@ async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
                     manage_session_post_response(
                         request.state.supertokens, result, user_context
                     )
-                # Add cookies using MutableScopeHeaders
+                # Convert response to ASGI and add cookies to headers
                 asgi_response = await result.response.to_asgi_response(
-                    app=None, request=request
+                    app=next_app, request=request
                 )
 
                 async def modified_send(message: Message):
@@ -49,9 +56,8 @@ async def modified_send(message: Message):
                     await send(message)
 
                 await asgi_response(scope, receive, modified_send)
-                return
             else:
-                # SuperTokens didn’t handle the request; wrap the send function
+                # SuperTokens didn’t handle the request; pass to next app with wrapped send
                 async def send_wrapper(message: Message):
                     if message["type"] == "http.response.start":
                         if hasattr(request.state, "supertokens") and isinstance(
@@ -71,18 +77,17 @@ async def send_wrapper(message: Message):
                                 mutable_headers.add("set-cookie", cookie_value)
                     await send(message)
 
-                await self.app(scope, receive, send_wrapper)
-                return
+                await next_app(scope, receive, send_wrapper)
 
         except SuperTokensError as e:
+            # Handle SuperTokens errors
             response = LitestarResponse(Response[Any](content=None))
             result = await st.handle_supertokens_error(
                 custom_request, e, response, user_context
             )
             if isinstance(result, LitestarResponse):
-                # Add cookies using MutableScopeHeaders
                 asgi_response = await result.response.to_asgi_response(
-                    app=None, request=request
+                    app=next_app, request=request
                 )
 
                 async def modified_send(message: Message):
@@ -94,5 +99,5 @@ async def modified_send(message: Message):
                     await send(message)
 
                 await asgi_response(scope, receive, modified_send)
-                return
-            raise Exception("Should never come here")
+            else:
+                raise Exception("Unexpected error handling in SuperTokens middleware")
diff --git a/tests/Litestar/test_litestar.py b/tests/Litestar/test_litestar.py
