A Flask extension that provides PASETO (Platform-Agnostic Security Token).
Project description
Flask PASETO Extended
Flask-PASETO-Extended is a Flask extension to use PASETO (Platform-Agnostic Security Tokens) for several purposes.
For encoding/decoding PASETO, we have adopted PySETO,
which is a PASETO implementation supporting all of PASETO versions (
v4,
v3,
v2 and
v1) and purposes (local and public).
Currently, we provide the following classes for using PASETO with Flask:
- PasetoCookieSessionInterface
- Flask (
Flask.sessions) stores session information as a Cookie value. By using this class, you can serialize the session information as an encrypted (and then MACed) PASETO.
- Flask (
- PasetoLoginManager
- By using this class together with Flask-Login, you can use PASETO for remember-me tokens which is also encoded into a Cookie value.
- PasetoManager
- This class can be used for verifying public (signed) PASETO. It is suitable for using PASETO as API tokens (NOTE: under construction).
Index
Installation
You can install Flask-PASETO-Extended with pip:
$ pip install flask-paseto-extended
Usage
Flask-PASETO-Extended provides three classes for each purpose.
PasetoCookieSessionInterface
Flask (Flask.sessions) stores session information as a Cookie value. By using this class, you can serialize the session information as an encrypted (and then MACed) PASETO.
This class can be used as follows:
import flask
from flask_paseto_extended import PasetoCookieSessionInterface
app = flask.Flask(__name__)
app.secret_key = "super secret string"
# Use PASETO("v4" by default) for cookie sessions.
app.session_interface = PasetoCookieSessionInterface()
See examples/cookie_session.py for a sample code that actually works.
PasetoLoginManager
By using this class together with Flask-Login, you can use PASETO for remember-me tokens which is also encoded into a Cookie value.
This class can be used as follows:
import flask
import flask_login
# Import PasetoLoginManager instead of flask_login.LoginManager.
from flask_paseto_extended import PasetoLoginManager
app = flask.Flask(__name__)
app.secret_key = "super secret string"
login_manager = PasetoLoginManager(app)
See examples/login_manager.py for a sample code that actually works.
PasetoManager
This class can be used for verifying public (signed) PASETO. It is suitable for using PASETO as API tokens (NOTE: under construction).
T.B.D.
API Reference
See Document.
Tests
You can run tests from the project root after cloning with:
$ tox
Contributing
We welcome all kind of contributions, filing issues, suggesting new features or sending PRs.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for Flask PASETO Extended-0.1.1.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f640dcdaafad245ee35c7905ee4d68285da57dafa9610b7a0ec55edff4563663 |
|
| MD5 | 1316c9d13669f17f14f199df94ae38b8 |
|
| BLAKE2b-256 | 620fc00359a82242ae6debcd73bb9e970667947fc2119911b52b55adca022633 |
Hashes for Flask_PASETO_Extended-0.1.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d54b779aaec695b83fca7a1d82681d806e8f73c53220f4ec30786b5f14bfbd47 |
|
| MD5 | 8508d5044fb48bad468c65b1e7a59507 |
|
| BLAKE2b-256 | f2faad7c5d45000b0b705899fa8aae9712bf3fdc68678f1c36e679c7cb0d3a61 |
