15

I love @rbates CanCan ruby library for authorization. Was wondering if anything similar existed for python / flask ?

I guess there are three main requirements:

  1. simple declarative way of defining abilities (here is how CanCan does it)
  2. decorator for flask routes
  3. fine-grained way for checking abilities in other parts of the code. i.e. if current_user.can('post::edit') or something

Or, what is the one obvious way to do it? (PEP-20)

Current Options:

Jonathan
  • 16,077
  • 12
  • 67
  • 106

5 Answers5

9

One year later, I ended up writing one:

https://github.com/jtushman/bouncer

https://github.com/jtushman/flask-bouncer

Jonathan
  • 16,077
  • 12
  • 67
  • 106
1

I recommend you keep an eye on Cork. Currently it's an authentication and authorization framework just for Bottle, but on the roadmap is Flask support. Pretty awesome.

philadams
  • 353
  • 3
  • 8
1

I saw this package in a LinkedIn post a while back. I never really checked it out, but it looked to have constant updates

Authomatic is an authorization / authentication client library for Python web applications inspired by Alex Vagin’s Simpleauth. In fact, I almost named it Deadsimpleauth, but that name would be too long for a succinct library.

http://peterhudec.github.io/authomatic/ https://github.com/peterhudec/authomatic

Brad Sturtevant
  • 311
  • 3
  • 13
1

Not sure if this is exactly what your looking for, but you might want to take a look at Flask-Auth. http://pythonhosted.org/Flask-Auth/

KJWing
  • 13
  • 1
  • 5
0

This might be what you're looking for. It has a decorator, and a current_user object you can access and add methods to.

https://flask-login.readthedocs.org/en/latest/

user2475903
  • 1