flask_praetorian package

flask-praetorian is a security extension for flask. It is modelled heavily on flask-security (https://github.com/mattupstate/flask-security), but is targeted at providing authentication for api-only applications that use token based authentication. It builds on flask-jwt and provides some additional functionality such as password encryption upon storage and decorators that check the current users roles

Submodules

flask_praetorian.base module

class flask_praetorian.base.Praetorian(app=None, user_class=None, jwt=None)

Bases: object

authenticate(username, password)

Verifies that a password matches the stored password for that username. If verification passes, the matching user instance is returned

encrypt_password(raw_password)

Encrypts a plaintext password using the stored passlib password context

error_handler(error)

Provides a flask error handler

init_app(app, user_class, jwt=None)

Initializes the Praetorian extension

Param:app: The flask app to which this extension is bound Param:user_class: The class used to interact with user information Param:jwt: An instance of a jwt extension that should be used if None, a new jwt instance will be used instead

classmethod validate_user_class(user_class)

Validates the supplied user_class to make sure that it has the class methods necessary to function correctly.

Requirements: - lookup method. Accepts username parameter, returns instance - identify method. Accepts user id parameter, returns instance

verify_password(raw_password, hashed_password)

Verifies that a plaintext password matches the hashed version of that password using the stored passlib password context

flask_praetorian.decorators module

flask_praetorian.decorators.auth_required(*args, **kwargs)

This decorator is used to ensure that a user is authenticated before being able to access a flask route. It is a simple wrapper around the flask_jwt.jwt_required decorator, and is only included here so that a Praetorian user does not have to import jwt into their module if they wish to only use Praetorian

flask_praetorian.decorators.roles_accepted(*accepted_rolenames)

This decorator ensures that any uses accessing the decorated route have one of the needed roles to access it

flask_praetorian.decorators.roles_required(*required_rolenames)

This decorator ensures that any uses accessing the decorated route have all the needed roles to access it

flask_praetorian.exceptions module

exception flask_praetorian.exceptions.PraetorianError(*format_args, status_code=401, **format_kwds)

Bases: buzz.Buzz

Provides a custom exception class for flask-praetorian based on Buzz. buzz-lightyear on gitub

jsonify()

Returns a representation of the error in a jsonic form that is compatible with flask’s error handling