A basic HTTP auth server written in Python / Flask with basic JWT support
Python Lua
Switch branches/tags
Nothing to show
Latest commit c5d8515 Nov 6, 2016 @jamespo apache conf / lua code
Permalink
Failed to load latest commit information.
apache
README.md
crypteduser.conf
crypteduser.py
requirements.txt

README.md

crypteduser

A tiny authentication server written in python & flask. It uses a sqlalchemy DB to store user & hashed password and returns a JSON Web Token cookie upon successful authentication.

Setup

Install the requirements either in a virtualenv or natively pip install -r requirements.txt

Edit the configuration file (crypteduser.conf) to set the database and disable debug Create the database by setting the environment variable CREATEDB

CREATEDB=1 ./crypteduser.py

Then run the server.

Add a user

curl -i -d username=jamesp -d password=WombleW1m http://127.0.0.1:5000/adduser/

Check password

This will return a JWT cookie in the response

curl -i -d username=jamesp -d password=WombleW1m http://127.0.0.1:5000/verifyuser/

Update password

curl -i -d username=jamesp -d password=WombleW1m2 http://127.0.0.1:5000/updatepass/

Notes

If you run this over the network (ie - not over localhost), put an a SSL-terminating proxy in front. Do NOT send the usernames & passwords over in plain text. Do not run in debug mode in production.

License

Apache License