A Flask extension that provides PASETO (Platform-Agnostic Security Token).
Project description
Flask PASETO Extended
Flask-PASETO-Extended is a Flask extension to use PASETO (Platform-Agnostic Security Tokens) for several purposes.
For encoding/decoding PASETO, we have adopted PySETO,
which is a PASETO implementation supporting all of PASETO versions (
v4,
v3,
v2 and
v1) and purposes (local and public).
Currently, we provide the following classes for using PASETO with Flask:
- PasetoCookieSessionInterface
- Flask (
Flask.sessions) stores session information as a Cookie value. By using this class, you can serialize the session information as an encrypted (and then MACed) PASETO.
- Flask (
- PasetoLoginManager
- By using this class together with Flask-Login, you can use PASETO for remember-me tokens which is also encoded into a Cookie value.
- PasetoManager
- This class can be used for verifying public (signed) PASETO. It is suitable for using PASETO as API tokens (NOTE: under construction).
Index
Installation
You can install Flask-PASETO-Extended with pip:
$ pip install flask-paseto-extended
Usage
Flask-PASETO-Extended provides three classes for each purpose.
PasetoCookieSessionInterface
Flask (Flask.sessions) stores session information as a Cookie value. By using this class, you can serialize the session information as an encrypted (and then MACed) PASETO.
This class can be used as follows:
import flask
from flask_paseto_extended import PasetoCookieSessionInterface
app = flask.Flask(__name__)
app.secret_key = "super secret string"
# Use PASETO("v4" by default) for cookie sessions.
app.session_interface = PasetoCookieSessionInterface()
See examples/cookie_session.py for a sample code that actually works.
PasetoLoginManager
By using this class together with Flask-Login, you can use PASETO for remember-me tokens which is also encoded into a Cookie value.
This class can be used as follows:
import flask
import flask_login
# Import PasetoLoginManager instead of flask_login.LoginManager.
from flask_paseto_extended import PasetoLoginManager
app = flask.Flask(__name__)
app.secret_key = "super secret string"
login_manager = PasetoLoginManager(app)
See examples/login_manager.py for a sample code that actually works.
PasetoManager
This class can be used for verifying public (signed) PASETO. It is suitable for using PASETO as API tokens (NOTE: under construction).
T.B.D.
API Reference
See Document.
Tests
You can run tests from the project root after cloning with:
$ tox
Contributing
We welcome all kind of contributions, filing issues, suggesting new features or sending PRs.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for flask-paseto-extended-0.2.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d85576056292ab7606e704da8bc587f682345716d624d8591b52ee065786aab1 |
|
| MD5 | dc8f961de0452a2edf1696e338c8e5fc |
|
| BLAKE2b-256 | 478d01a885d181c6ffc87a907a5315df5a820e34c7bc48fdb6db07a0ceffa542 |
Hashes for flask_paseto_extended-0.2.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 6047a53eb6c87bd64538fac70891d4c910feefb5606a93fe8f3a865ea83ce49f |
|
| MD5 | accc1cac0679d910993fba4cc50a7317 |
|
| BLAKE2b-256 | 3b7f1aafe7f88eadd24ab33badbc85ce7f5d508516445715ae84ea3a0de82ec1 |
