Skip to main content

Strong, Simple, and Precise security for Flask APIs

Project description

Latest Published Version Build Status Documentation Build Status


Strong, Simple, and Precise security for Flask APIs

API security should be strong, simple, and precise like a Roman Legionary. This package aims to provide that. Using JWT tokens as implemented by PyJWT, flask_praetorian uses a very simple interface to make sure that the users accessing your API’s endpoints are provisioned with the correct roles for access.

This project was heavily influenced by Flask-Security, but intends to supply only essential functionality. Instead of trying to anticipate the needs of all users, flask-praetorian will provide a simple and secure mechanism to provide security for APIs specifically.

The flask-praetorian package can be used to:

  • Encrypt (hash) passwords for storing in your database
  • Verify plaintext passwords against the encrypted, stored versions
  • Generate authorization tokens upon verification of passwords
  • Check requests to secured endpoints for authorized tokens
  • Ensure that the users associated with tokens have necessary roles for access
  • Parse user information from request headers for use in client route handlers

All of this is provided in a very simple to confiure and initialize flask extension. Though simple, the security provided by flask-praetorian is strong due to the usage of the proven security technology of JWT and python’s PassLib package.

Super-quick Start

  • requirements: python versions 3.4, 3.5, 3.6, and 3.7
  • install through pip: $ pip install flask-praetorian
  • minimal usage example: example/


The complete documentation can be found at the flask-praetorian home page

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for flask-praetorian, version 0.4.0
Filename, size File type Python version Upload date Hashes
Filename, size flask-praetorian-0.4.0.tar.gz (14.9 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page