Base module of the extension. Contains basic functions, the Auth object and the
AuthUser base class.
class flaskext.auth.auth.Auth(app=None, login_url_name=None)[source]
Extension initialization object containing settings for the extension.
- login_url_name: Name of the URL that is used for login. It’s used in
the not_logged_in_callback if provided in the constructor.
- not_logged_in_callback: Function to call when a user accesses a page
without being logged in. Normally used to redirect to the login page.
If a login_url_name is provided, it will by default redirect to that
url. Otherwise, the default is abort(401).
- not_permitted_callback: Function to call when a user tries to access
a page for which he doesn’t have the permission. Default: abort(401).
- hash_algorithm: Algorithm from the hashlib library used for password
encryption. Default: sha1.
- user_timeout: Timeout (in seconds) after which the sesion of the user
expires. Default: 3600. A timeout of 0 means it will never expire.
- load_role: Function to load a role. Is called with user.role as only
class flaskext.auth.auth.AuthUser(username=None, password=None, salt=None, role=None)[source]
Baseclass for a user model. Contains a few convenience methods.
- username: Username of the user.
- password: Password of the user. By default not encrypted. The
set_and_encrypt_password() method sets and encrypts the password.
- salt: Salt used for the encrytion of the password.
- role: Role of this user.
Attempts to verify the password and log the user in. Returns true if
Load current user based on the result of get_current_user_data().
Encrypts and sets the password. If no salt is provided, a new
one is generated.
flaskext.auth.auth.encrypt(password, salt=None, hash_algorithm=None)[source]
Encrypts a password based on the hashing algorithm.
Returns the data of the current user (user.__dict__) if there is a
current user and he didn’t time out yet. If timeout should be ignored,
Logs the user in. Note that NO AUTHENTICATION is done by this function. If
you want to authenticate a user, use the AuthUser.authenticate() method.
Decorator for views that require login. Callback can be specified to
override the default callback on the auth object.
Logs the currently logged in user out and returns the user data.
flaskext.auth.auth.not_logged_in(callback, *args, **kwargs)[source]
Executes not logged in callback. Not for external use.
Module containing functions and classes specific to the permission model.
class flaskext.auth.permissions.Permission(resource, action)[source]
Permission object, representing actions that can be taken on a resource.
- resource: A resource is a component on which actions can be performed.
Examples: post, user, ticket, product, but also post.comment, user.role,
- action: Any action that can be performed on a resource. Names of actions
should be short and clear. Examples: create, read, update, delete, download,
class flaskext.auth.permissions.Role(name, permissions)[source]
Role object to group users and permissions.
- name: The name of the role.
- permissions: A list of permissions.
flaskext.auth.permissions.has_permission(role, resource, action)[source]
Function to check if a user has the specified permission.
flaskext.auth.permissions.permission_required(resource, action, callback=None)[source]
Decorator for views that require a certain permission of the logged in
Module to provide plug-and-play authentication support for SQLAlchemy.
Factory function to create an SQLAlchemy User model with a declarative
base (for example db.Model from the Flask-SQLAlchemy extension).
Module to provide plug-and-play authentication support for Google App Engine
class flaskext.auth.models.gae.User(*args, **kwargs)[source]
Implementation of User for persistence in Google’s App Engine datastore.