Skip to content
This repository has been archived by the owner on Jun 29, 2020. It is now read-only.

jpsca/authcode

BranchesTags

Repository files navigation

Authcode

Awesome authentication code for Flask and Bottle web apps.

Build Status

Authcode is a clean solution for both authentication and authorization of Python web applications. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do.

It uses SQLAlchemy models and works out of the box with Flask and Bottle, but can be adapted to use it with other web frameworks.

  1. Create
auth = authcode.Auth(SECRET_KEY, db=db, roles=True)
User = auth.User
Role = auth.Role
  1. Setup
authcode.setup_for_flask(auth, app)
  1. Protect
@app.route('/')
@auth.protected()
def index():
    return u'Welcome ' + g.user.login

@app.route('/top-secret/')
@auth.protected(role='007')
def top_secret():
    return 'For your eyes only'

Highlights

  • Default but fully customizable User & Role models.
  • Ready to use authentication views and templates.
  • Support multiple users models at the same time
  • Password-reset tokens.
  • Cross Site Request Forgery (CSRF) protection.
  • Uses the most secure hash algorithms.
  • Auto-update of old password hashes.
  • Compatible with Python 2.7, 3.4+ and Pypy.

TODO

  • More documentation (always!)
    • Automatic views: how to use and customize
    • Manual views
  • Examples:
    • Default
    • Twitter + login/password example
    • Mozilla Persona example?
  • Tutorials, etc.
  • Code:
    • MultiAuth tests

Contributing

  1. Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
  2. Fork the Authcode repository on Github to start making your changes.
  3. Write a test which shows that the bug was fixed or that the feature works as expected.
  4. Send a pull request and bug the maintainer until it gets merged and published. :) Make sure to add yourself to AUTHORS.

Run the tests

We use some external dependencies, listed in requirements_tests.txt:

$  pip install -r requirements-tests.txt
$  python setup.py install

To run the tests in your current Python version do:

$  make test

To run them in every supported Python version do:

$  tox

It's also neccesary to run the coverage report to make sure all lines of code are touch by the tests:

$  make coverage

Our test suite runs continuously on Travis CI with every update.

copyright:Juan-Pablo Scaletti.
license:MIT, see LICENSE for more details.

About

Awesome auth library for Flask and Bottle web apps

authcode.lucuma.co

Topics

python authentication password auth authorization csrf csrf-protection

Resources

Readme

License

MIT license
Activity

Stars

17 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages