[Flask] Flask secret key for mobile app client
Unai Rodriguez
unai at sysbible.org
Mon May 30 00:09:38 EDT 2016
If the people using the app can be anyone (I.e. it's open to general
public) you cannot. Typically SSL I.e. HTTPS) plus authentication is
used for this.
If the people that are supposed to access have something in common (I.e.
they come from a specific office, etc) then you might be able to add
rules on a firewalll. But that can be a problem (rules not correct or
people accessing through a VPN etc). I guess the only way is if the app
is served only to the people that are supposed to access the through
some sort of a corporate /private network .
-- unai
On Mon, May 30, 2016, at 09:56 AM, aiman parvaiz wrote:
> Hi all
> I am new to flask and am writing a REST API backend for a mobile app.
> My question is how can I ensure that call to my endpoints is only
> being done by my mobile app and not by some one who has guessed the
> endpoint.
> What would be the best way to avoid this kind of behavior.
> Thanks
> _________________________________________________
> Flask mailing list
> Flask at python.org
> https://mail.python.org/mailman/listinfo/flask
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20160530/cd1ea4ce/attachment.html>
More information about the Flask
mailing list