Paseto integration for flask
Project description
FLASK-PASETO
FLASK-PASETO add basic supports for paseto v2 to your flask app.
Installation
FLask-Paseto relies on paseto which in turns relies on pysodium.
pysoduim is a wrapper for the popular libsoduim cryptography library.
This guide shows how to install libsodium on mac and windows.
on linux libsodium could be install using sudo apt-get install -y libsodium-dev or yum install libsodium depending on your linux distribution.
To install FLask-Paseto used the command below to get the latest version
pip install flask_paseto
Example usage
import pysodium
from flask_paseto import (
Paseto,
paseto_required,
create_access_token,
create_access_token_public,
get_paseto_claim,
get_paseto_claim_public
)
app = Flask(__name__)
app.config['PASETO_SECRET_KEY'] = '0'*32 # must be 32 byte
pk, sk = pysodium.crypto_sign_keypair()
app.config['PASETO_PRIVATE_KEY']=sk
app.config['PASETO_PUBLIC_KEY']=pk
paseto = Paseto(app)
@app.route('/protected/local/')
@paseto_required
def protected():
claims = get_paseto_claim()
return jsonify(claims), 200
@app.route('/create/local/token/')
def create_token():
ret = {'access_token': create_access_token({'test user':'yes'})}
return jsonify(ret), 200
@app.route('/create/public/token/')
def create_public_token():
ret = {'access_token': create_access_token_public({'public test user':'yes'})}
return jsonify(ret), 200
@app.route('/protected/public/')
@paseto_required
def protected_public():
claims = get_paseto_claim_public()
return jsonify(claims), 200
app.run()
The client http request must provide a generated paseto token
GET /protected/public HTTP/1.1
Authorization: Bearer v2.local.epxJJp-rchdlMondp12dxN9MV7GACjW0swwyOgo5pliQo2fJmC-1WqhrmWDTQBkg08In7zXD6ieM-xpaY2eMWr-mAu64nVi8VvTWi5bc3dhGHGR-Mg8QQ8HJIzPldLfSDLQXwQ
Configuration Options
| Option | Description |
|---|---|
| PASETO_SECRET_KEY | This is the secret key used by paseto to sign your data. It requires 32 byte strings |
| PASETO_PUBLIC_KEY | This is the public key generated as part of the key pair generated for paseto |
| PASETO_PRIVATE_KEY | This is the private key generated as part of the key pair generated for paseto |
| PASETO_EXPIRATION_DELTA | The additional time from the current time the token was created before expiration |
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Flask-PASETO-0.0.2.tar.gz
(4.3 kB
view details)
File details
Details for the file Flask-PASETO-0.0.2.tar.gz.
File metadata
- Download URL: Flask-PASETO-0.0.2.tar.gz
- Upload date:
- Size: 4.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/42.0.2 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.7.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 633d79ad6c6a6b6831a441f3708fb5759648494516a631b858945838060e37bc |
|
| MD5 | b052cc2bac2c22001de6f0eb4b1ea2c2 |
|
| BLAKE2b-256 | 303290d073133357584d54939674216d792fcab14c111559a40f66d0e56093ac |
