Aserto integration for Flask
Project description
Aserto Flask middleware
This is the official library for integrating Aserto authorization into your Flask applications.
For a example of what this looks like in a running Flask app and guidance on connecting an identity provider, see the PeopleFinder app example.
Features
Add authorization checks to your routes
from flask_aserto import AsertoMiddleware, AuthorizationError
app = Flask(__name__)
aserto = AsertoMiddleware(**aserto_options)
@app.route("/api/users/<id>", methods=["GET"])
@aserto.authorize
def api_user(id: str) -> Response:
# Raises an AuthorizationError if the `GET.api.users.__id`
# policy returns a decision of "allowed = false"
...
Automatically create a route to serve a Display State Map
# Defaults to creating a route at the path "/__displaystatemap"
aserto.register_display_state_map(app)
Perform more finely controlled authorization checks
@app.route("/api/users/<id>", methods=["GET"])
async def api_user(id: str) -> Response:
# This also automatically knows to check the `GET.api.users.__id` policy
if not await aserto.check("allowed"):
raise AuthorizationError()
...
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
flask-aserto-0.3.1.tar.gz
(4.8 kB
view hashes)
Built Distribution
Close
Hashes for flask_aserto-0.3.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6c97bb9074c8e77511bb31e813a12792bbb9561e0c9481777aa8ebcbfca32991 |
|
MD5 | f14d993ea6eea7a7c16b6fcdb6c68254 |
|
BLAKE2b-256 | 2f177af9f3b20f557e7a8050655c4879e3f0168a8e722a7f26b40cd47d25e0a0 |