Skip to content
Switch branches/tags
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Phovea Phovea NPM version Build Status

Security manager implementation based on Flask-Login. Additionally, a login module is provided that can be used at client-side.


git clone
cd phovea_security_flask
npm install


npm test


npm run build

Default users

Username Password
admin admin
sam sam

Add new users

Config File

New users are added to phovea_security_flask/config.json.

The python script hashes a given password and prints password, salt, and hashed password.

Environment Variables

Alternatively, you can provide users via environment variables: The UserStore class in phovea_security_flask/ reads all environment variables starting with PHOVEA_USER_ and uses the remainder of the enviroment variable key as username. The environment variable's key has to contain: SALT;HASHED_PW;ROLE1 (multiple roles can be added by seperating them with a semicolon), e.g.:

export PHOVEA_USER_bruce.banner="08c52b567cb947c98be6de6e9ad3919f;2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7;avenger;scientist

Defines the following user:

  • Username: bruce.banner
  • Salt: 08c52b567cb947c98be6de6e9ad3919f
  • Hashed password: 2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7
  • Roles: avenger, scientist

NOTE: User credentials defined as environment variables override all users defined in the config.json. This behaviour can be used to define development users inside the config.json, and provide users for production via environment variables when deployed.

This repository is part of Phovea, a platform for developing web-based visualization applications. For tutorials, API docs, and more information about the build and deployment process, see the documentation page.