Flask-Security allows you to quickly add common security mechanisms to your Flask application. They include:

  1. Session based authentication
  2. Role management
  3. Password hashing
  4. Basic HTTP authentication
  5. Token based authentication
  6. Token based account activation (optional)
  7. Token based password recovery / resetting (optional)
  8. User registration (optional)
  9. Login tracking (optional)
  10. JSON/Ajax Support

Many of these features are made possible by integrating various Flask extensions and libraries. They include:

  1. Flask-Login
  2. Flask-Mail
  3. Flask-Principal
  4. Flask-WTF
  5. itsdangerous
  6. passlib

Additionally, it assumes you’ll be using a common library for your database connections and model definitions. Flask-Security supports the following Flask extensions out of the box for data persistence:

  1. Flask-SQLAlchemy
  2. Flask-MongoEngine
  3. Flask-Peewee
  4. PonyORM