New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
adds role based access control #98
Comments
Interesting solution, I like its simplicity. The areas that I think we'd need to elaborate are:
|
Hi Miguel, Thanks for the interest. I tried to implement your points this morning and i think i covered them all except multi-auth (bit more complex due to the nested
I also wrote some minimal tests for basic, digest and token. You can find my fork/branch at: https://github.com/gemerden/Flask-HTTPAuth/tree/role-based-access-control |
I also added a role based version of MultiAuth: MultiRoleAuth(MultiAuth); to simplify that i factored the selected_auth logic into a separate property of MultiAuth. Also added basic tests ... |
Good feature suggestion! Waiting to implement. |
Hi Miguel, Do you have any ideas of how I should progress to this? I added your initial suggestions and created a pull request. Cheers, Lars |
Your PR is now merged (with some changes from myself). Once I get around to update the docs I'll publish it to PyPI. Thanks! |
Missed your message. Great, hope to see it soon, so i can use it instead of my own version ;-) |
@gemerden it's been out for a while now. Enjoy it! |
For my own project i have added a simple way to add role based access control to BasicAuth:
used as in:
compared to:
with
roles_required
a replacement forlogin_required
with the additional requirement that the user has one of the roles (obtained through theget_user_roles
callback) set by the decorator.Is this something to add to the repo?
The text was updated successfully, but these errors were encountered: