Provides easy integration of the HMAC signatures for your REST Flask Applications.
Project description
This module provides three functions to authenticate calls to a Flask route. The intended use case is for use with REST APIs. It’s simply designed to check that a client is entitled to access a particular route in a Flask application, based on the fact that it must possess a copy of the secret key.
Usage
Server
app = Flask(__name__)
app.config['HMAC_KEY'] = 's3cr3tk3y' # define the secret key in an app config
@app.route("/no_auth_view")
def no_auth_view():
return "no_auth_view"
@app.route("/hmac_auth_view")
@hmac.auth # decorate view
def hmac_auth_view():
return "hmac_auth_view"Call without payload
sig = hmac.make_hmac() # generate signature
response = requests.get(
'/hmac_auth_view',
headers={hmac.header: sig}
)Call with payload
Request payload has to be used as a data for HMAC generation.
data = json.dumps({'foo': 'boo'})
sig = hmac.make_hmac(data) # generate signature
response = requests.post(
'/hmac_auth_view',
data=data,
headers={hmac.header: sig}
)Change Log
0.0.1
Initial release including the core feature set
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
flaskhmac-0.0.1.tar.gz
(3.3 kB
view hashes)
