Project description

FLASK-PASETO

FLASK-PASETO add basic supports for paseto v2 to your flask app.

Installation

FLask-Paseto relies on paseto which in turns relies on pysodium. pysoduim is a wrapper for the popular libsoduim cryptography library. This guide shows how to install libsodium on mac and windows. on linux libsodium could be install using sudo apt-get install -y libsodium-dev or yum install libsodium depending on your linux distribution.

To install FLask-Paseto used the command below to get the latest version

    pip install flask_paseto

Example usage

    import pysodium

    from flask_paseto import (
        Paseto,
        paseto_required,
        create_access_token,
        create_access_token_public,
        get_paseto_claim,
        get_paseto_claim_public
    )

    app = Flask(__name__)

    app.config['PASETO_SECRET_KEY'] = '0'*32 # must be 32 byte
    pk, sk = pysodium.crypto_sign_keypair()
    app.config['PASETO_PRIVATE_KEY']=sk
    app.config['PASETO_PUBLIC_KEY']=pk


    paseto = Paseto(app)

    @app.route('/protected/local/')
    @paseto_required
    def protected():
        claims = get_paseto_claim()
        return jsonify(claims), 200

    @app.route('/create/local/token/')
    def create_token():
        ret = {'access_token': create_access_token({'test user':'yes'})}
        return jsonify(ret), 200
    
    @app.route('/create/public/token/')
    def create_public_token():
        ret = {'access_token': create_access_token_public({'public test user':'yes'})}
        return jsonify(ret), 200

    @app.route('/protected/public/')
    @paseto_required
    def protected_public():
        claims = get_paseto_claim_public()
        return jsonify(claims), 200

    app.run()

The client http request must provide a generated paseto token

    GET /protected/public HTTP/1.1
    Authorization: Bearer v2.local.epxJJp-rchdlMondp12dxN9MV7GACjW0swwyOgo5pliQo2fJmC-1WqhrmWDTQBkg08In7zXD6ieM-xpaY2eMWr-mAu64nVi8VvTWi5bc3dhGHGR-Mg8QQ8HJIzPldLfSDLQXwQ

Configuration Options

Option	Description
PASETO_SECRET_KEY	This is the secret key used by paseto to sign your data. It requires 32 byte strings
PASETO_PUBLIC_KEY	This is the public key generated as part of the key pair generated for paseto
PASETO_PRIVATE_KEY	This is the private key generated as part of the key pair generated for paseto
PASETO_EXPIRATION_DELTA	The additional time from the current time the token was created before expiration

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

0.0.5

Sep 14, 2020

0.0.4

Sep 14, 2020

0.0.3

Sep 14, 2020

This version

0.0.2

Sep 14, 2020

0.0.1

Sep 14, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-PASETO-0.0.2.tar.gz (4.3 kB view hashes)

Uploaded Sep 14, 2020 Source

Hashes for Flask-PASETO-0.0.2.tar.gz

Hashes for Flask-PASETO-0.0.2.tar.gz
Algorithm	Hash digest
SHA256	`633d79ad6c6a6b6831a441f3708fb5759648494516a631b858945838060e37bc`
MD5	`b052cc2bac2c22001de6f0eb4b1ea2c2`
BLAKE2b-256	`303290d073133357584d54939674216d792fcab14c111559a40f66d0e56093ac`