Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
+ Searching for Pynecone? You are in the right repo. Pynecone has been renamed to Reflex. +
English | 简体中文 | 繁體中文 | Türkçe | हिंदी | Português (Brasil) | Italiano | Español | 한국어 | 日本語 | Deutsch | Persian (پارسی) | Tiếng Việt
Reflex is a library to build full-stack web apps in pure Python.
Key features:
See our architecture page to learn how Reflex works under the hood.
Open a terminal and run (Requires Python 3.9+):
pip install reflex
Installing reflex
also installs the reflex
command line tool.
Test that the install was successful by creating a new project. (Replace my_app_name
with your project name):
mkdir my_app_name
cd my_app_name
reflex init
This command initializes a template app in your new directory.
You can run this app in development mode:
reflex run
You should see your app running at http://localhost:3000.
Now you can modify the source code in my_app_name/my_app_name.py
. Reflex has fast refreshes so you can see your changes instantly when you save your code.
Let's go over an example: creating an image generation UI around DALL·E. For simplicity, we just call the OpenAI API, but you could replace this with an ML model run locally.
Here is the complete code to create this. This is all done in one Python file!
import reflex as rx
import openai
openai_client = openai.OpenAI()
class State(rx.State):
"""The app state."""
prompt = ""
image_url = ""
processing = False
complete = False
def get_image(self):
"""Get the image from the prompt."""
if self.prompt == "":
return rx.window_alert("Prompt Empty")
self.processing, self.complete = True, False
yield
response = openai_client.images.generate(
prompt=self.prompt, n=1, size="1024x1024"
)
self.image_url = response.data[0].url
self.processing, self.complete = False, True
def index():
return rx.center(
rx.vstack(
rx.heading("DALL-E", font_size="1.5em"),
rx.input(
placeholder="Enter a prompt..",
on_blur=State.set_prompt,
width="25em",
),
rx.button(
"Generate Image",
on_click=State.get_image,
width="25em",
loading=State.processing
),
rx.cond(
State.complete,
rx.image(src=State.image_url, width="20em"),
),
align="center",
),
width="100%",
height="100vh",
)
# Add state and page to the app.
app = rx.App()
app.add_page(index, title="Reflex:DALL-E")
Let's start with the UI.
def index():
return rx.center(
...
)
This index
function defines the frontend of the app.
We use different components such as center
, vstack
, input
, and button
to build the frontend. Components can be nested within each other
to create complex layouts. And you can use keyword args to style them with the full power of CSS.
Reflex comes with 60+ built-in components to help you get started. We are actively adding more components, and it's easy to create your own components.
Reflex represents your UI as a function of your state.
class State(rx.State):
"""The app state."""
prompt = ""
image_url = ""
processing = False
complete = False
The state defines all the variables (called vars) in an app that can change and the functions that change them.
Here the state is comprised of a prompt
and image_url
. There are also the booleans processing
and complete
to indicate when to disable the button (during image generation) and when to show the resulting image.
def get_image(self):
"""Get the image from the prompt."""
if self.prompt == "":
return rx.window_alert("Prompt Empty")
self.processing, self.complete = True, False
yield
response = openai_client.images.generate(
prompt=self.prompt, n=1, size="1024x1024"
)
self.image_url = response.data[0].url
self.processing, self.complete = False, True
Within the state, we define functions called event handlers that change the state vars. Event handlers are the way that we can modify the state in Reflex. They can be called in response to user actions, such as clicking a button or typing in a text box. These actions are called events.
Our DALL·E. app has an event handler, get_image
to which get this image from the OpenAI API. Using yield
in the middle of an event handler will cause the UI to update. Otherwise the UI will update at the end of the event handler.
Finally, we define our app.
app = rx.App()
We add a page from the root of the app to the index component. We also add a title that will show up in the page preview/browser tab.
app.add_page(index, title="DALL-E")
You can create a multi-page app by adding more pages.
📑 Docs | 🗞️ Blog | 📱 Component Library | 🖼️ Templates | 🛸 Deployment
Reflex launched in December 2022 with the name Pynecone.
As of February 2024, our hosting service is in alpha! During this time anyone can deploy their apps for free. See our roadmap to see what's planned.
Reflex has new releases and features coming every week! Make sure to :star: star and :eyes: watch this repository to stay up to date.
We welcome contributions of any size! Below are some good ways to get started in the Reflex community.
We are actively looking for contributors, no matter your skill level or experience. To contribute check out CONTIBUTING.md
Reflex is open-source and licensed under the Apache License 2.0.
FAQs
Web apps in pure Python.
We found that reflex demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.