Skip to content
Django basic LTI authentication (launch links) - Provider and Consumer
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore ignore pyc Jul 16, 2015 fix typo Feb 20, 2019 Ensure not form-encoded (remove option) Feb 20, 2019 remove login_func as it is redundant Jul 15, 2015
requirements.txt initial commit May 1, 2015 Ensure not form-encoded (remove option) Feb 20, 2019

A basic LTI authentication mechanism for django.

Tested with:

as both a provider and a consumer.

pip install blti

As a provider: see

from blti import lti_provider

def provider_view(request, post_params, consumer_key, *args, **kwargs):
    pass # your authenticated view here

N.B. to allow the embedding of your LTI provider in an iframe, you may need to disable django clickjacking protection (e.g. also using @xframe_options_exempt) when the "launch_presentation_document_target" parameter is set to "iframe".

set default options with:

import blti

    # this may be a callable or a dictionary-like object
	consumer_lookup = {
		'test_consumer': 'test_secret123'
	site_url = '', # your site URL (if set to None, Django will try to infer it from the request)
	require_post = True, # this view only accepts POST requests
	error_func = some_error_callable # the callable to use to handle errors. Defaults to HttpResponseForbidden
    allow_origin = '*' # the value for the Access-Control-Allow-Origin header

or pass them in:

import blti

def provider_view(request, post_params, consumer_key, *args, **kwargs):

As a consumer:

import blti

params = {
    'resource_link_id': 'unique value for the link',
    'resource_link_title': 'title of the link, e.g link text',
    'resource_link_description': 'description for the link',
    'user_id': 'some_user_id_123',
    'user_image': '',
    'roles' : 'Instructor',
    'lis_person_name_full': 'Some User',
    'lis_person_contact_email_primary': '',

    'context_id': 'course_id',
    'context_type': 'CourseSection',
    'context_title': 'Course on Stuff',

    # etc... for as many LTI params as required

url = ''

# this will be the same parameters, but with extra oauth and lti data, and the oauth_signature attached
post_data = blti.sign_launch_data(url, params, 'my consumer key', 'my consumer secret')
You can’t perform that action at this time.