Skip to main content

Paseto integration for flask

Project description

FLASK-PASETO

FLASK-PASETO add basic supports for paseto v2 to your flask app.

Installation

FLask-Paseto relies on paseto which in turns relies on pysodium. pysoduim is a wrapper for the popular libsoduim cryptography library. This guide shows how to install libsodium on mac and windows. on linux libsodium could be install using sudo apt-get install -y libsodium-dev or yum install libsodium depending on your linux distribution.

To install FLask-Paseto used the command below to get the latest version

    pip install flask_paseto

Example usage

    import pysodium

    from flask_paseto import (
        Paseto,
        paseto_required,
        create_access_token,
        create_access_token_public,
        get_paseto_claim,
        get_paseto_claim_public
    )

    app = Flask(__name__)

    app.config['PASETO_SECRET_KEY'] = '0'*32 # must be 32 byte
    pk, sk = pysodium.crypto_sign_keypair()
    app.config['PASETO_PRIVATE_KEY']=sk
    app.config['PASETO_PUBLIC_KEY']=pk


    paseto = Paseto(app)

    @app.route('/protected/local/')
    @paseto_required
    def protected():
        claims = get_paseto_claim()
        return jsonify(claims), 200

    @app.route('/create/local/token/')
    def create_token():
        ret = {'access_token': create_access_token({'test user':'yes'})}
        return jsonify(ret), 200
    
    @app.route('/create/public/token/')
    def create_public_token():
        ret = {'access_token': create_access_token_public({'public test user':'yes'})}
        return jsonify(ret), 200

    @app.route('/protected/public/')
    @paseto_required
    def protected_public():
        claims = get_paseto_claim_public()
        return jsonify(claims), 200

    app.run()

The client http request must provide a generated paseto token

    GET /protected/public HTTP/1.1
    Authorization: Bearer v2.local.epxJJp-rchdlMondp12dxN9MV7GACjW0swwyOgo5pliQo2fJmC-1WqhrmWDTQBkg08In7zXD6ieM-xpaY2eMWr-mAu64nVi8VvTWi5bc3dhGHGR-Mg8QQ8HJIzPldLfSDLQXwQ

Configuration Options

Option Description
PASETO_SECRET_KEY This is the secret key used by paseto to sign your data. It requires 32 byte strings
PASETO_PUBLIC_KEY This is the public key generated as part of the key pair generated for paseto
PASETO_PRIVATE_KEY This is the private key generated as part of the key pair generated for paseto
PASETO_EXPIRATION_DELTA The additional time from the current time the token was created before expiration

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Paseto-0.0.5.tar.gz (4.3 kB view details)

Uploaded Source

File details

Details for the file Flask-Paseto-0.0.5.tar.gz.

File metadata

  • Download URL: Flask-Paseto-0.0.5.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.2.0 pkginfo/1.5.0.1 requests/2.21.0 setuptools/42.0.2 requests-toolbelt/0.9.1 tqdm/4.48.2 CPython/3.7.6

File hashes

Hashes for Flask-Paseto-0.0.5.tar.gz
Algorithm Hash digest
SHA256 0ff4bd994456a3cd3156e0112053a357183363a6a84b5b705f4698e0da4b38e0
MD5 9c62ce55f4139cbab6ff504c8afa1341
BLAKE2b-256 1f915e912fac5916bf320f752bf04b8cd669df9ab1c4123a4f77885fb507d544

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page