[Flask] Flask-security or other alternatives

Paul Götze paul.christoph.goetze at gmail.com
Thu Jun 22 05:14:07 EDT 2017 

Hi Kiko,

I am using flask-security successfully in a production app, and it just
works fine. To be honest I used the fork
(https://pypi.org/project/Flask-Security-Fork/) which some months ago
had quite some fixes that were not in the original repo. There was a
merging process going on over quite some time, because the original repo
seemed to be not maintained (enough) to keep up with issues and the fork
authors didn’t have maintainer access.

See https://github.com/mattupstate/flask-security/issues/559 for the
discussion and related issues. It looks like they managed to reintegrate
the fork now
(https://github.com/inveniosoftware/flask-security-fork/issues/40) and
they are going to close down the fork. Also there was a new version of
flask-security 3.0.0 released a couple of days ago.

So, I'm pretty happy with it and I can definitely recommend using
flask-security. It comes with all the standard authentication things
(register, signup, password change/reset, email confirmation, etc.). The
last version I used (flask-security-fork 2.0.1) didn’t provide a couple
of things I needed to use it with a JSON-API, but it was pretty easy to
adjust these things to my needs.

Hope this is helpful.

Cheers,
Paul


Am 22.06.2017 um 10:34 schrieb Kiko
>
>
> 2017-06-22 10:11 GMT+02:00 Christophe Bal <projetmbc at gmail.com
> <mailto:projetmbc at gmail.com>>:
>
>     Take a look here
>     : https://blog.miguelgrinberg.com/post/handling-authentication-secrets-in-the-browser
>     <https://blog.miguelgrinberg.com/post/handling-authentication-secrets-in-the-browser>
>
>
> Thanks, pretty nice slides.
>
> But it doesn't answer my doubts about reinventing the wheel or using
> flask-security :-(
>  
>
>
>
>     Christophe BAL
>     Enseignant Agrégé de Mathématiques
>     Programmeur Python Amateur
>
>     Le 22 juin 2017 08:24, "Kiko" <kikocorreoso at gmail.com
>     <mailto:kikocorreoso at gmail.com>> a écrit :
>
>         Hi all,
>
>         After reading most used tutorials [1] [2] and most of the
>         books about flask [3] [4] [5] [6] [7] [8] [9] I can't see the
>         use of Flask-security on any of them even it provides basic
>         authentication, mail confirmation, reset/change password,...,
>         out of the box.
>
>         Is there any reason for that? Do you discourage the use of
>         this extension for some reason? Do you recommend it for the
>         typical login/regster needs of a website (basic
>         authentication, mail confirmation, reset/change password) in
>         order to not reinventing the wheel? If you recommend it, do
>         you know of good examples implementing this stuff?
>
>         Thanks in advance.
>
>         kind regards.
>
>         [1]
>         https://blog.miguelgrinberg.com/post/the-flask-mega-tutorial-now-with-python-3-support
>         <https://blog.miguelgrinberg.com/post/the-flask-mega-tutorial-now-with-python-3-support>
>         [2]
>         https://realpython.com/blog/python/handling-email-confirmation-in-flask/
>         <https://realpython.com/blog/python/handling-email-confirmation-in-flask/>
>         [3] http://shop.oreilly.com/product/0636920031116.do
>         <http://shop.oreilly.com/product/0636920031116.do>
>         [4] https://www.packtpub.com/web-development/flask-example
>         <https://www.packtpub.com/web-development/flask-example>
>         [5] https://www.packtpub.com/web-development/flask-blueprints
>         <https://www.packtpub.com/web-development/flask-blueprints>
>         [6]
>         https://www.packtpub.com/web-development/learning-flask-framework
>         <https://www.packtpub.com/web-development/learning-flask-framework>
>         [7] https://www.packtpub.com/web-development/mastering-flask
>         <https://www.packtpub.com/web-development/mastering-flask>
>         [8]
>         https://www.packtpub.com/web-development/building-web-applications-flask
>         <https://www.packtpub.com/web-development/building-web-applications-flask>
>         [9]
>         https://www.packtpub.com/web-development/flask-framework-cookbook
>         <https://www.packtpub.com/web-development/flask-framework-cookbook>
>
>         _______________________________________________
>         Flask mailing list
>         Flask at python.org <mailto:Flask at python.org>
>         https://mail.python.org/mailman/listinfo/flask
>         <https://mail.python.org/mailman/listinfo/flask>
>
>
>
>
> _______________________________________________
> Flask mailing list
> Flask at python.org
> https://mail.python.org/mailman/listinfo/flask

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20170622/eefe0ffc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://mail.python.org/pipermail/flask/attachments/20170622/eefe0ffc/attachment-0001.sig>

More information about the Flask mailing list