Skip to main content

Simple security for Flask apps.

Project description

https://github.com/Flask-Middleware/flask-security/workflows/tests/badge.svg?branch=master&event=push Coverage! https://img.shields.io/github/tag/Flask-Middleware/flask-security.svg Downloads License Documentation Status https://img.shields.io/badge/code%20style-black-000000.svg pre-commit

Quickly add security features to your Flask application.

Notes on this repo

This is a independently maintained version of Flask-Security based on the 3.0.0 version of the Original

Goals

  • Regain momentum for this critical piece of the Flask eco-system. To that end the the plan is to put out small, frequent releases starting with pulling the simplest and most obvious changes that have already been vetted in the upstream version, as well as other pull requests. This was completed with the June 29 2019 3.2.0 release.

  • Continue work to get Flask-Security to be usable from Single Page Applications, such as those built with Vue and Angular, that have no html forms. This is true as of the 3.3.0 release.

  • Use OWASP to guide best practice and default configurations.

  • Be more opinionated and ‘batteries’ included by reducing reliance on abandoned projects and bundling in support for common use cases.

  • Follow the Pallets lead on supported versions, documentation standards and any other guidelines for extensions that they come up with.

  • Continue to add newer authentication/authorization standards:
    • ‘Social Auth’ integrated (using authlib) (5.1)

    • WebAuthn support (5.0)

    • Two-Factor recovery codes (5.0)

    • First-class support for username as identity (4.1)

    • Support for fresheness decorator to ensure sensitive operations have new authentication (4.0)

    • Support for email normalization and validation (4.0)

    • Unified signin (username, phone, passwordless) feature (3.4)

Contributing

Issues and pull requests are welcome. Other maintainers are also welcome. Unlike the original Flask-Security - issue pull requests against the master branch. Please consult these contributing guidelines.

Installing

Install and update using pip:

pip install -U Flask-Security-Too

Resources

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Security-Too-5.1.1.tar.gz (586.3 kB view details)

Uploaded Source

Built Distribution

Flask_Security_Too-5.1.1-py2.py3-none-any.whl (358.3 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file Flask-Security-Too-5.1.1.tar.gz.

File metadata

  • Download URL: Flask-Security-Too-5.1.1.tar.gz
  • Upload date:
  • Size: 586.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.1 CPython/3.11.2

File hashes

Hashes for Flask-Security-Too-5.1.1.tar.gz
Algorithm Hash digest
SHA256 0a0b653cfd1c5d252994bd87b1f112431cec2d5cacedfa49b36e1740da21c37d
MD5 34b66556ac820625b2b5548f11543843
BLAKE2b-256 01ad0674da7291a8ef4a040b8c094ae28e418ffc36dc59825ae17a4f8ef88649

See more details on using hashes here.

Provenance

File details

Details for the file Flask_Security_Too-5.1.1-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for Flask_Security_Too-5.1.1-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 727a0540caa84f72972490d3ad31e441fb6d4b6f507713bfc1636e4a41644e9f
MD5 ab75dd1141c79dabf64c48b2227e2846
BLAKE2b-256 a4b06d568a41d81378cd4703c977188b7d179e005f0d90c9482ab3877b803098

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page