Security manager implementation based on flask-login
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci
docs
phovea_security_flask
src
.editorconfig
.gitattributes
.gitignore
.gitlab-ci.yml
.travis.yml
.yo-rc.json
ISSUE_TEMPLATE.md
LICENSE
README.md
build.py
buildInfo.js
buildPython.js
docker_packages.txt
encryptor.py
encryptor_python3.py
index.js
karma.conf.js
package.json
phovea.js
phovea_registry.js
requirements.txt
requirements_dev.txt
setup.cfg
setup.py
tests.webpack.js
tox.ini
tsconfig.json
tsconfig_dev.json
tsd.d.ts
tslint.json
typedoc.json
webpack.config.js

README.md

phovea_security_flask Phovea NPM version Build Status Dependency Status

Security manager implementation based on Flask-Login. Additionally, a login module is provided that can be used at client-side.

Installation

git clone https://github.com/phovea/phovea_security_flask.git
cd phovea_security_flask
npm install

Testing

npm test

Building

npm run build

Add new users

Config File

New users are added to phovea_security_flask/config.json.

The python script encryptor.py hashes a given password and prints password, salt, and hashed password.

Environment Variables

Alternatively, you can provide users via environment variables: The UserStore class in phovea_security_flask/dummy_store.py reads all environment variables starting with PHOVEA_USER_ and uses the remainder of the enviroment variable key as username. The environment variable's key has to contain: SALT;HASHED_PW;ROLE1 (multiple roles can be added by seperating them with a semicolon), e.g.:

export PHOVEA_USER_bruce.banner="08c52b567cb947c98be6de6e9ad3919f;2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7;avenger;scientist

Defines the following user:

  • Username: bruce.banner
  • Salt: 08c52b567cb947c98be6de6e9ad3919f
  • Hashed password: 2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7
  • Roles: avenger, scientist

NOTE: User credentials defined as environment variables override all users defined in the config.json. This behaviour can be used to define development users inside the config.json, and provide users for production via environment variables when deployed.


This repository is part of Phovea, a platform for developing web-based visualization applications. For tutorials, API docs, and more information about the build and deployment process, see the documentation page.