python – What process goes into PKI authentication in a Flask app?

I want to display the client’s username on my web page. The client has his certs loaded into either his smartcard or in his browser. Assuming I have the following code, how do I get the client’s username?

The code below is a stump to help illustrate what I want to do. I have read a dozen other posts about PKI, but most of them detail the process of creating a server that negotiates the communication protocols, or they show how to send an HTTP request using certs, but the actual retrieval of information from the cert to confirm a user’s identity has not popped out at me from the reading I’ve done. So, here’s the code.

from flask import Flask

app = Flask(__name__)

def get_name_from_cert():
    #####################################
    # this is the part I don't understand
    #####################################

def has_access_to_system(you):
    whitelisted_users = ("tommy", "timmy", "tammy")

    if you in whitelisted_users:
        return True
    else:
        return False

@app.route("/whoareyou", methods=("GET"))
def secret_page():
    you = get_name_from_cert()

    if has_access_to_system(you):
        return f"<h1>Welcome, {you}</h1>"
    else:
        return f"<h1>Be gone, {you}!</h1>"

app.run()