Flask-Paseto

Release 0.0.5

Paseto integration for flask

Homepage PyPI Python

License
MIT
Install
pip install Flask-Paseto==0.0.5

Documentation

FLASK-PASETO

FLASK-PASETO adds basic support for paseto v2 to your Flask app.

Installation

Flask-Paseto relies on paseto which in turns relies on pysodium. pysoduim is a wrapper for the popular libsoduim cryptography library. This guide shows how to install libsodium on mac and windows. on linux libsodium could be install using sudo apt-get install -y libsodium-dev or yum install libsodium depending on your linux distribution.

To install Flask-Paseto used the command below to get the latest version

    pip install flask_paseto

Example usage

    import pysodium

    from flask_paseto import (
        Paseto,
        paseto_required,
        create_access_token,
        create_access_token_public,
        get_paseto_claim,
        get_paseto_claim_public
    )

    app = Flask(__name__)

    app.config['PASETO_SECRET_KEY'] = '0'*32 # must be 32 byte
    pk, sk = pysodium.crypto_sign_keypair()
    app.config['PASETO_PRIVATE_KEY']=sk
    app.config['PASETO_PUBLIC_KEY']=pk


    paseto = Paseto(app)

    @app.route('/protected/local/')
    @paseto_required
    def protected():
        claims = get_paseto_claim()
        return jsonify(claims), 200

    @app.route('/create/local/token/')
    def create_token():
        ret = {'access_token': create_access_token({'test user':'yes'})}
        return jsonify(ret), 200
    
    @app.route('/create/public/token/')
    def create_public_token():
        ret = {'access_token': create_access_token_public({'public test user':'yes'})}
        return jsonify(ret), 200

    @app.route('/protected/public/')
    @paseto_required
    def protected_public():
        claims = get_paseto_claim_public()
        return jsonify(claims), 200

    app.run()

The client http request must provide a generated paseto token

    GET /protected/public HTTP/1.1
    Authorization: Bearer v2.local.epxJJp-rchdlMondp12dxN9MV7GACjW0swwyOgo5pliQo2fJmC-1WqhrmWDTQBkg08In7zXD6ieM-xpaY2eMWr-mAu64nVi8VvTWi5bc3dhGHGR-Mg8QQ8HJIzPldLfSDLQXwQ

Configuration Options

Option Description
PASETO_SECRET_KEY This is the secret key used by paseto to sign your data. It requires 32 byte strings
PASETO_PUBLIC_KEY This is the public key generated as part of the key pair generated for paseto
PASETO_PRIVATE_KEY This is the private key generated as part of the key pair generated for paseto
PASETO_EXPIRATION_DELTA The additional time from the current time the token was created before expiration

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
5
Latest release
First release
Stars
2
Forks
1
Watchers
1
Contributors
2
Repository size
9.77 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.0.5
0.0.4
0.0.3
0.0.2
0.0.1

Contributors

akerele abraham Jürgen Gmach


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-02-15 13:33:54 UTC

Login to resync this project