Awesome authentication code for Flask and Bottle web apps.
Authcode is a clean solution for both authentication and authorization of Python web applications. Briefly, authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do.
auth = authcode.Auth(SECRET_KEY, db=db, roles=True) User = auth.User Role = auth.Role
@app.route('/') @auth.protected() def index(): return u'Welcome ' + g.user.login @app.route('/top-secret/') @auth.protected(role='007') def top_secret(): return 'For your eyes only'
- Default but fully customizable User & Role models.
- Ready to use authentication views and templates.
- Support multiple users models at the same time
- Password-reset tokens.
- Cross Site Request Forgery (CSRF) protection.
- Uses the most secure hash algorithms.
- Auto-update of old password hashes.
- Compatible with Python 2.7, 3.4+ and Pypy.
- More documentation (always!)
- Automatic views: how to use and customize
- Manual views
- Twitter + login/password example
- Mozilla Persona example?
- MultiAuth tests
- Check for open issues or open a fresh issue to start a discussion around a feature idea or a bug.
- Fork the Authcode repository on Github to start making your changes.
- Write a test which shows that the bug was fixed or that the feature works as expected.
- Send a pull request and bug the maintainer until it gets merged and published.
:) Make sure to add yourself to
Run the tests
We use some external dependencies, listed in
$ pip install -r requirements-tests.txt $ python setup.py install
To run the tests in your current Python version do:
$ make test
To run them in every supported Python version do:
It's also neccesary to run the coverage report to make sure all lines of code are touch by the tests:
$ make coverage
Our test suite runs continuously on Travis CI with every update.
|license:||MIT, see LICENSE for more details.|