Skip to main content

Flask endpoints for user management and authentication.

Project description

Flask Authentication

Flask Endpoints for User Management and Authentication Middleware

  1. Endpoints
  2. Authentication

Endpoints

from frappyflaskauth import register_endpoints
from flask import Flask

app = Flask(__name__)
# create store instances for users
user_store = ...
# this is a minimal configuration
register_endpoints(app, user_store)

Parameters

  • app - the Flask app instance
  • user_store - an store class providing user related methods
  • token_store - optional - if you want login sessions to survive a server restart
  • options_override - default {} - a dictionary containing configuration options that override the defaults:

Options

  • api_prefix - default /api/user - the API prefix used for all endpoints (e.g. /api/user/login)
  • token_expiration - default 86400 - the number of seconds a login session is valid for before it expires
  • default_permissions - default [] - the initial permissions any user receives on creation (local users)
  • user_admin_permission - default admin - the permission a user requires to be able to invoke user management endpoints like update permissions, delete users, fetch all users, update passwords of other users.
  • no_user_management - default False - if you don't want any user management endpoints to be registered
  • api_keys - default False - if you need API keys to access endpoints (integrated into check_login_state). API keys are provided in the Authorization header prefixed with Token $KEY (where $KEY is the user's API key)
  • allow_own_profile_edit - default False - if this is set to true, any user can update their own profile info (user.profile).
  • page_size - default 25 - the number of users returned with the /users endpoint (lists all users)

Authentication

To check if a user is authenticated and get the currently logged in user in your own endpoints, simply use the check_login_state function. It will

  • extract the authentication header
    • return a 401, if no authentication header is present
  • check if that header is valid and associated with a user
    • return a 401, if the header is invalid or expired
  • has the option to check if the associated user has a specific permission
    • return a 403, if the user doesn't have the required permission
  • return the user object to the caller, if all checks are successful
  • specific restrictions for API key access
    • return a 403, if the user tries to use an API key to access an endpoint not configured for this
from frappyflaskauth import check_login_state
from flask import Flask, jsonify

app = Flask(__name__)

@app.route("/api/my-endpoint", methods=["GET"])
def my_custom_endpoint():
    user = check_login_state("view")
    # execution will only go past this point, if user is logged in AND has "view" permission
    print(user.id, user.permissions)  # this is the currently logged in user
    return jsonify({})

@app.route("/api/my-endpoint", methods=["GET"])
def my_logged_in_endpoint():
    _ = check_login_state()  # simply check if the user is logged in, ignore the returned user
    return jsonify({})

@app.route("/api/my-endpoint", methods=["GET"])
def my_api_key_enabled_endpoint():
    _ = check_login_state(allow_api_key=True)

Parameters:

  • permission, default None which is a string that is checked against the user.permissions field (which is a list)
  • allow_api_key, default False which is a flag enabling API keys to access the endpoint protected by this function call.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

frappyflaskauth-1.6.3.tar.gz (9.8 kB view details)

Uploaded Source

Built Distribution

frappyflaskauth-1.6.3-py3-none-any.whl (10.4 kB view details)

Uploaded Python 3

File details

Details for the file frappyflaskauth-1.6.3.tar.gz.

File metadata

  • Download URL: frappyflaskauth-1.6.3.tar.gz
  • Upload date:
  • Size: 9.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.11.5

File hashes

Hashes for frappyflaskauth-1.6.3.tar.gz
Algorithm Hash digest
SHA256 a6e5f402117b0ac1e03e401f04d6693fb674fc11f417d091b03e17763f245dd7
MD5 2c8714365a2b778c168ed43535a4523a
BLAKE2b-256 e1933c79b4334edd156693f130eedda0122b9957ea49e604cd1f0c50d8f876c2

See more details on using hashes here.

File details

Details for the file frappyflaskauth-1.6.3-py3-none-any.whl.

File metadata

File hashes

Hashes for frappyflaskauth-1.6.3-py3-none-any.whl
Algorithm Hash digest
SHA256 0d44aed61c7d8ea89a61c5f6a66f0e635da5e209059c6b3694485af201d2544e
MD5 969b5f81589e16b1b12bcaef39958b0e
BLAKE2b-256 305e9f5095fcce998c6d5429ac5ac4dcd3f6489029cd9b710cb45b46e98435fa

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page