Strong, Simple, and Precise security for Flask APIs
Project description
flask-praetorian
Strong, Simple, and Precise security for Flask APIs
API security should be strong, simple, and precise like a Roman Legionary. This package aims to provide that. Using JWT as implemented by Flask-JWT, flask_praetorian uses a very simple interface to make sure that the users accessing your API’s endpoints are provisioned with the correct roles for access.
This project was heavily influenced by Flask-Security, but intends to supply only essential functionality. Instead of trying to anticipate the needs of all users, flask-praetorian will provide a simple and secure mechanism to provide security for APIs specifically.
The flask-praetorian package can be used to:
Encrypt (hash) passwords for storing in your database
Verify plaintext passwords against the encrypted, stored versions
Generate authorization tokens using a /auth api endpoint
Check requests to secured endpoints for authorized tokens
Ensure that the users associated with tokens have necessary roles for access
All of this is provided in a very simple to confiure and initialize flask extension. Though simple, the security provided by flask-praetorian is strong due to the usage of the proven security technology of JWT and python’s PassLib package.
Super-quick Start
requirements: python3.5
install through pip: $ pip install flask-praetorian
minimal usage example: example/basic.py
Documentation
The complete documentation can be found at the flask-praetorian home page
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for flask-praetorian-0.2.1rc1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 2069429b4c14988b409327877e60d86a93a12a7c432184a1edab5c4e4cb63be4 |
|
MD5 | 8623a1b32e7272c77ca6342643c029d6 |
|
BLAKE2b-256 | 89e872c0544d9cbc3c969d209180ac37df85b58e16d056130e2dccf6abeae265 |