Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
schwab-py
: A Charles Schwab API Wrapper.. image:: https://img.shields.io/discord/720378361880248621.svg?label=&logo=discord&logoColor=ffffff&color=7389D8&labelColor=6A7EC2 :target: https://discord.gg/BEr6y6Xqyv
.. image:: https://img.shields.io/endpoint.svg?url=https%3A%2F%2Fshieldsio-patreon.vercel.app%2Fapi%3Fusername%TDAAPI%26type%3Dpatrons&style=flat :target: https://patreon.com/TDAAPI
.. image:: https://readthedocs.org/projects/schwab-py/badge/?version=latest :target: https://schwab-py.readthedocs.io/en/latest/?badge=latest
.. image:: https://github.com/alexgolec/schwab-py/workflows/tests/badge.svg :target: https://github.com/alexgolec/schwab-py/actions?query=workflow%3Atests
.. image:: https://badge.fury.io/py/schwab-py.svg :target: https://badge.fury.io/py/schwab-py
.. image:: http://codecov.io/github/alexgolec/schwab-py/coverage.svg?branch=master :target: http://codecov.io/github/alexgolec/schwab-py?branch=master
schwab-py
?schwab-py
is an unofficial wrapper around the Charles Schwab Consumer APIs.
It strives to be as thin and unopinionated as possible, offering an elegant
programmatic interface over each endpoint. Notable functionality includes:
tda-api
, how do I migrate?Now that TDAmeritrade is no more, the old tda-api
library will no longer
work. Check out our transition guide <https://schwab-py.readthedocs.io/en/latest/tda-transition.html>
__ for
instructions on getting started.
schwab-py
?For a full description of schwab-py
's functionality, check out the
documentation <https://schwab-py.readthedocs.io/en/latest/>
__. Meawhile,
here's a quick getting started guide:
Before you do anything, create an account and an application on the
Charles Schwab developer site <https://developer.schwab.com/login>
.
You'll receive an API key and app secret, which you can pass to this wrapper.
You'll also want to take note of your callback URI, as the login flow requires
it. You app must be approved by Schwab before you can use it (this can take
several days). You can find more detailed instructions here <https://schwab-py.readthedocs.io/en/latest/getting-started.html>
.
Next, install schwab-py
:
.. code-block:: python
pip install schwab-py
You're good to go! To demonstrate, here's how you can authenticate and fetch daily historical price data for the past twenty years:
.. code-block:: python
from schwab import auth, client import json
api_key = 'YOUR_API_KEY' app_secret = 'YOUR_APP_SECRET' callback_url = 'https://127.0.0.1:8182/' token_path = '/path/to/token.json'
c = auth.easy_client(api_key, app_secret, callback_url, token_path)
r = c.get_price_history_every_day('AAPL') r.raise_for_status() print(json.dumps(r.json(), indent=4))
schwab-py
?schwab-py
was designed to provide a few important pieces of functionality:
Safe Authentication: Schwab's API supports OAuth authentication, but too
many people online end up rolling their own implementation of the OAuth
callback flow. This is both unnecessarily complex and dangerous.
schwab-py
handles token fetch and refreshing for you.
Minimal API Wrapping: Unlike some other API wrappers, which build in lots
of logic and validation, schwab-py
takes raw values and returns raw
responses, allowing you to interpret the complex API responses as you see
fit. Anything you can do with raw HTTP requests you can do with
schwab-py
, only more easily.
schwab-py
?As excellent as Schwab's API is, there are a few popular features it does not offer:
thinkorswim (AKA TOS) <https://www.schwab.com/trading/thinkorswim/desktop>
__, this API is
unaffiliated with it. You can access and trade against the same accounts as
TOS, but some of TOS's functionality is not supported by schwab-py
We have a Discord server <https://discord.gg/BEr6y6Xqyv>
__! You can join to
get help using schwab-py
or just to chat with interesting people.
Bug reports, suggestions, and patches are always welcome! Submit issues
here <https://github.com/alexgolec/schwab-py/issues>
__ and pull requests
here <https://github.com/alexgolec/schwab-py/pulls>
__.
schwab-py
is released under the
MIT license <https://github.com/alexgolec/schwab-py/blob/master/LICENSE>
__.
Disclaimer: schwab-py is an unofficial API wrapper. It is in no way endorsed by or affiliated with Charles Schwab or any associated organization. Make sure to read and understand the terms of service of the underlying API before using this package. This authors accept no responsibility for any damage that might stem from use of this package. See the LICENSE file for more details.
FAQs
Unofficial API wrapper for the Schwab HTTP API
We found that schwab-py demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.