Flask-Security is a Flask extension which adds basic security and authentication features to your Flask apps quickly and easily. It additionally bootstraps your application with various views for handling its configured features to get you up and running as quick as possible.
Questions tagged [flask-security]
319 questions
0
votes
1 answer
Updating User object with new relationship
I have a user object:
class User():
id = Column(Integer, primary_key=True)
name = Column(String(255), unique=True, nullable=False)
active = Column(Boolean())
user_domain_id = Column(Integer, ForeignKey("domain_info.domain_id"))
…
39fredy
- 1,923
- 2
- 21
- 40
0
votes
1 answer
PyTest with Flask-Security - issue logging in for testing
I have a working flask app and I'm adding testing using the pytest library.
99% of the app's functionality requires users to login, and I'm using flask-security to manage this.
The app works well, however, I am struggling to add testing -…
pemm
- 140
- 1
- 9
0
votes
1 answer
flask-security with SQLALCHEMY_BINDS loses connections from pool for static files
flask-security with SQLALCHEMY_BINDS loses connections from pool for static files -- at least I think what is happening.
First comment under Caching Flask-Login user_loader suggests using flask-principal's skip_static=True, but I don't see that…
Lou K
- 1,128
- 2
- 12
- 31
0
votes
1 answer
Flask-Security reset password functionality exploited
I have a flask application running on a production environment, and one of the user requested a password reset, which sent out an email to them with a link back to the site for resetting the password.
That email got shared with a third-party…
Kunal Gupta
- 23
- 6
0
votes
2 answers
Have a custom primary key for users.id in flask-security
I want to have a custom key for the field id, for example, id_user, I've tried the following
class UserModel(db.model, UserMixin)
...
@property
def id(self):
return self.id_user
But couldn't make it work. When I try to…
Hugo Pablo
- 81
- 1
- 9
0
votes
1 answer
How skip tfa setup phase in flask-security-too
I'd like to have defaulted up to sms the tfa method and skip the user choice on it, providing the code automatically on login and then verifying it.
I tried setting into the db manually sms but the setup form is shown anyway.
Giulio G
- 1
0
votes
1 answer
How to make a login to a rest api with flask-security using requests
I have disabled CSRF but I can't get to login to a REST API using Flask-Security with roles based authorization, from a local front-end server. I do make the login but, I think, no cookies are stored on the request so I keep getting the login page…
Hugo Pablo
- 81
- 1
- 9
0
votes
1 answer
No module named 'flask_security'
I have already installed flask-security,however I get an import error.
Here is the import line
from flask_security import *
from flask_cors import CORS, cross_origin
from flask import request
import json
from controller.functions import *
import…
aresdev
- 31
- 8
0
votes
1 answer
flask MethodView with decorators is giving error
Maybe I'm doing something wrong. I'm trying to use flask-security-too auth_required with flask's MethodView as described under https://flask.palletsprojects.com/en/1.1.x/views/#decorating-views, and exception is being raised when I try to access the…
Lou K
- 1,128
- 2
- 12
- 31
0
votes
1 answer
How do I customise the flask-user registration and login functions?
I want to customise the functions that process the results of completing the flask-user registration and login forms. I know how to customise the html forms themselves, but I want to change how flask-user performs the registration process. For…
Stephen Graham
- 378
- 2
- 14
0
votes
2 answers
Problem with logging user in without using ORM - "Could not locate column in row for column 'is_active'"
I am trying to log user in without using ORM. My code looks like that:
@app.route("/", methods=['GET', 'POST'])
def index():
if flask.request.method == 'POST':
email = request.form.get('email')
password =…
Sygol
- 167
- 2
- 8
0
votes
1 answer
is there a way to login a user from different from another form than security login form
I have a login page set using flask security, once the user login it redirect to admin page, now I want to create another login page for end user (Customers).
I have created a form that post email and password to flask. flask then check if the email…
mohammed joban
- 25
- 3
0
votes
1 answer
Why isn't the SECURITY_UNAUTHORIZED_VIEW config option redirecting me when I use the roles_required decorator?
When I use the @roles_required decorator and don't have the required role, I'm not being redirected to the set page. In fact I'm not being redirected at all but when I manually logout and get redirected to /login it displays all the error messages I…
Midnight
- 373
- 2
- 11
0
votes
1 answer
Is it necessary to secure a connection to a local wifi with https?
I am currently writing an app that is planned to control a machine. The machine is controlled by a Raspberry Pi, which offers an API (via flask) to the local wifi. The app on the other hand is also connected to the same wifi and accesses the API.…
Gerke
- 926
- 1
- 10
- 20
0
votes
1 answer
How to set configuration in Flask-Security?
I want to set a value for SECURITY_PASSWORD_SALT. The documentation gives a huge list on configuration items, but it does not explain how to set such an item.
Jens Wagemaker
- 354
- 3
- 13