Implements RFC 7804 Salted Challenge Response (SCRAM) HTTP Authentication Mechanism for the Flask web framework.
Reason this release was yanked:
Broken release
Project description
flask-scram
Implements RFC 7804 Salted Challenge Response (SCRAM) HTTP Authentication Mechanism for the Flask web framework.
See requests-scram for a client-side implementation.
Getting Started
Initialize the extension with the application or with init_app
in an application factory, and then decorate your
route with the login_required
method:
from flask import Flask
from flask_scram import Scram
USERNAME = 'user'
PASSWORD = 'pass'
app = Flask(__name__)
db = {}
def auth_fn(username):
return db[username]
scram = ScramAuth(app, auth_fn=auth_fn)
# or, later in your application factory: scram.init_app(app)
# store your authentication key in your "database"
db[USERNAME] = scram.make_auth_info(PASSWORD)
@app.route("/")
@scram.login_required
def index():
return "OK"
You may specify the following configuration variables:
SCRAM_MECHANISM
- supported SCRAM Authentication mechanism e.g.SCRAM-SHA-256
SCRAM_REALM
- the realm parameter to use e.g. defaults torequest.host
You may also use the authenticate
method in your code or before request handler.
See scramp for examples of the make_auth_info
and
make_stored_server_keys
functions which the same methods implement.
Todo
- Implement One Round-Trip Reauthentication
License
Licensed under the MIT License.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for flask_scram-1.0.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 5a0ed1562c7420ee73d66185774261506875b655cc1b654921e2b17b16f39972 |
|
MD5 | b981938c985584afefa4ccab9416a677 |
|
BLAKE2b-256 | 97b2af79cd02f3c081487991979c05711408782b8de7afe3715a498e6853d8aa |