API

Auth

Base module of the extension. Contains basic functions, the Auth object and the AuthUser base class.

class flaskext.auth.auth.Auth(app=None, login_url_name=None)

Extension initialization object containing settings for the extension.

Supported settings:

• login_url_name: Name of the URL that is used for login. It’s used in the not_logged_in_callback if provided in the constructor.
• not_logged_in_callback: Function to call when a user accesses a page without being logged in. Normally used to redirect to the login page. If a login_url_name is provided, it will by default redirect to that url. Otherwise, the default is abort(401).
• not_permitted_callback: Function to call when a user tries to access a page for which he doesn’t have the permission. Default: abort(401).
• hash_algorithm: Algorithm from the hashlib library used for password encryption. Default: sha1.
• user_timeout: Timeout (in seconds) after which the sesion of the user expires. Default: 3600. A timeout of 0 means it will never expire.
• load_role: Function to load a role. Is called with user.role as only parameter.

class flaskext.auth.auth.AuthUser(username=None, password=None, salt=None, role=None)

Baseclass for a user model. Contains a few convenience methods.

Attributes:

• username: Username of the user.
• password: Password of the user. By default not encrypted. The set_and_encrypt_password() method sets and encrypts the password.
• salt: Salt used for the encrytion of the password.
• role: Role of this user.

authenticate(password)

Attempts to verify the password and log the user in. Returns true if succesful.

classmethod load_current_user(apply_timeout=True)

Load current user based on the result of get_current_user_data().

set_and_encrypt_password(password, salt='1349865074')

Encrypts and sets the password. If no salt is provided, a new one is generated.

flaskext.auth.auth.encrypt(password, salt=None, hash_algorithm=None)

Encrypts a password based on the hashing algorithm.

flaskext.auth.auth.get_current_user_data(apply_timeout=True)

Returns the data of the current user (user.__dict__) if there is a current user and he didn’t time out yet. If timeout should be ignored, provide apply_timeout=False.

flaskext.auth.auth.login(user)

Logs the user in. Note that NO AUTHENTICATION is done by this function. If you want to authenticate a user, use the AuthUser.authenticate() method.

flaskext.auth.auth.login_required(callback=None)

Decorator for views that require login. Callback can be specified to override the default callback on the auth object.

flaskext.auth.auth.logout()

Logs the currently logged in user out and returns the user data.

flaskext.auth.auth.not_logged_in(callback, *args, **kwargs)

Executes not logged in callback. Not for external use.

Permissions

Module containing functions and classes specific to the permission model.

class flaskext.auth.permissions.Permission(resource, action)

Permission object, representing actions that can be taken on a resource.

Attributes:

• resource: A resource is a component on which actions can be performed. Examples: post, user, ticket, product, but also post.comment, user.role, etc.
• action: Any action that can be performed on a resource. Names of actions should be short and clear. Examples: create, read, update, delete, download, list, etc.

class flaskext.auth.permissions.Role(name, permissions)

Role object to group users and permissions.

Attributes:

• name: The name of the role.
• permissions: A list of permissions.

flaskext.auth.permissions.has_permission(role, resource, action)

Function to check if a user has the specified permission.

flaskext.auth.permissions.permission_required(resource, action, callback=None)

Decorator for views that require a certain permission of the logged in user.

SQLAlchemy

Module to provide plug-and-play authentication support for SQLAlchemy.

flaskext.auth.models.sa.get_user_class(declarative_base)

Factory function to create an SQLAlchemy User model with a declarative base (for example db.Model from the Flask-SQLAlchemy extension).

GAE

Module to provide plug-and-play authentication support for Google App Engine using flask-auth.

class flaskext.auth.models.gae.User(*args, **kwargs)

Implementation of User for persistence in Google’s App Engine datastore.