Paseto integration for flask
Project description
FLASK-PASETO
FLASK-PASETO add basic supports for paseto v2 to your flask app.
Installation
FLask-Paseto relies on paseto which in turns relies on pysodium.
pysoduim is a wrapper for the popular libsoduim cryptography library.
This guide shows how to install libsodium on mac and windows.
on linux libsodium could be install using sudo apt-get install -y libsodium-dev or yum install libsodium depending on your linux distribution.
To install FLask-Paseto used the command below to get the latest version
pip install flask_paseto
Example usage
import pysodium
from flask_paseto import (
Paseto,
paseto_required,
create_access_token,
create_access_token_public,
get_paseto_claim,
get_paseto_claim_public
)
app = Flask(__name__)
app.config['PASETO_SECRET_KEY'] = '0'*32 # must be 32 byte
pk, sk = pysodium.crypto_sign_keypair()
app.config['PASETO_PRIVATE_KEY']=sk
app.config['PASETO_PUBLIC_KEY']=pk
paseto = Paseto(app)
@app.route('/protected/local/')
@paseto_required
def protected():
claims = get_paseto_claim()
return jsonify(claims), 200
@app.route('/create/local/token/')
def create_token():
ret = {'access_token': create_access_token({'test user':'yes'})}
return jsonify(ret), 200
@app.route('/create/public/token/')
def create_public_token():
ret = {'access_token': create_access_token_public({'public test user':'yes'})}
return jsonify(ret), 200
@app.route('/protected/public/')
@paseto_required
def protected_public():
claims = get_paseto_claim_public()
return jsonify(claims), 200
app.run()
The client http request must provide a generated paseto token
GET /protected/public HTTP/1.1
Authorization: Bearer v2.local.epxJJp-rchdlMondp12dxN9MV7GACjW0swwyOgo5pliQo2fJmC-1WqhrmWDTQBkg08In7zXD6ieM-xpaY2eMWr-mAu64nVi8VvTWi5bc3dhGHGR-Mg8QQ8HJIzPldLfSDLQXwQ
Configuration Options
| Option | Description |
|---|---|
| PASETO_SECRET_KEY | This is the secret key used by paseto to sign your data. It requires 32 byte strings |
| PASETO_PUBLIC_KEY | This is the public key generated as part of the key pair generated for paseto |
| PASETO_PRIVATE_KEY | This is the private key generated as part of the key pair generated for paseto |
| PASETO_EXPIRATION_DELTA | The additional time from the current time the token was created before expiration |
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Flask-PASETO-0.0.4.tar.gz
(4.3 kB
view details)
File details
Details for the file Flask-PASETO-0.0.4.tar.gz.
File metadata
- Download URL: Flask-PASETO-0.0.4.tar.gz
- Upload date:
- Size: 4.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/42.0.2 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.7.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1e581c635dab0e926bf0554ce7d9312940039f1fb95d593a3f344807eb44599b |
|
| MD5 | ab317ddeeaae492760586a6812672921 |
|
| BLAKE2b-256 | a592596ffe1fa28dbb1fb17c7babe5684c70c304e7940cf56f219a5de7de3a0c |
