本文整理汇总了Python中flask_security.Security方法的典型用法代码示例。如果您正苦于以下问题:Python flask_security.Security方法的具体用法?Python flask_security.Security怎么用?Python flask_security.Security使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类flask_security的用法示例。
在下文中一共展示了flask_security.Security方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_passwordless_custom_form
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_passwordless_custom_form(app, sqlalchemy_datastore):
app.config["SECURITY_PASSWORDLESS"] = True
class MyPasswordlessLoginForm(PasswordlessLoginForm):
email = StringField("My Passwordless Email Address Field")
app.security = Security(
app,
datastore=sqlalchemy_datastore,
passwordless_login_form=MyPasswordlessLoginForm,
)
client = app.test_client()
response = client.get("/login")
assert b"My Passwordless Email Address Field" in response.data 示例2: test_custom_forms_via_config
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_custom_forms_via_config(app, sqlalchemy_datastore):
class MyLoginForm(LoginForm):
email = StringField("My Login Email Address Field")
class MyRegisterForm(RegisterForm):
email = StringField("My Register Email Address Field")
app.config["SECURITY_LOGIN_FORM"] = MyLoginForm
app.config["SECURITY_REGISTER_FORM"] = MyRegisterForm
security = Security(datastore=sqlalchemy_datastore)
security.init_app(app)
client = app.test_client()
response = client.get("/login")
assert b"My Login Email Address Field" in response.data
response = client.get("/register")
assert b"My Register Email Address Field" in response.data 示例3: test_form_required_local_message
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_form_required_local_message(app, sqlalchemy_datastore):
""" Test having a local message (not xlatable and not part of MSG_ config."""
class MyLoginForm(LoginForm):
myfield = StringField("My Custom Field", validators=[Required(message="hi")])
app.config["SECURITY_LOGIN_FORM"] = MyLoginForm
security = Security(datastore=sqlalchemy_datastore)
security.init_app(app)
client = app.test_client()
response = client.post("/login", content_type="application/json")
assert response.status_code == 400
assert b"myfield" in response.data 示例4: test_form_labels
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_form_labels(app):
app.config["BABEL_DEFAULT_LOCALE"] = "fr_FR"
app.security = Security()
app.security.init_app(app)
assert check_xlation(app, "fr_FR"), "You must run python setup.py compile_catalog"
with app.test_request_context():
rform = RegisterForm()
assert str(rform.password.label.text) == "Mot de passe"
assert str(rform.password_confirm.label.text) == "Confirmer le mot de passe"
assert str(rform.email.label.text) == "Adresse email"
assert str(rform.submit.label.text) == "Inscription"
form = LoginForm()
assert str(form.password.label.text) == "Mot de passe"
assert str(form.remember.label.text) == "Se souvenir de moi"
assert str(form.email.label.text) == "Adresse email"
assert str(form.submit.label.text) == "Connexion"
form = ChangePasswordForm()
assert str(form.password.label.text) == "Mot de passe"
assert str(form.new_password.label.text) == "Nouveau mot de passe"
assert str(form.new_password_confirm.label.text) == "Confirmer le mot de passe"
assert str(form.submit.label.text) == "Changer le mot de passe" 示例5: test_breached
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_breached(app):
# partial response from: https://api.pwnedpasswords.com/range/07003
pwned_response = "AF5A73CD3CBCFDCD12B0B68CB7930F3E888:2\r\n\
AFD8AA47E6FD782ADDC11D89744769F7354:2\r\n\
B04334E179537C975D0B3C72DA2E5B68E44:15\r\n\
B118F58C2373FDF97ACF93BD3339684D1EB:2\r\n\
B1ED5D27429EDF77EFD84F4EA9BDA5013FB:4\r\n\
B25C03CFBE4CBF19E0F4889711C9A488E5D:2\r\n\
B3902FD808DCA504AAAD30F3C14BD3ACE7C:10".encode(
"utf-8"
)
app.security = Security()
app.security.init_app(app)
with app.test_request_context():
with mock.patch("urllib.request.urlopen") as mock_urlopen:
mock_urlopen.return_value.__enter__.return_value.read.return_value = (
pwned_response
)
pbad = app.security._password_validator("flaskflask", False)
assert len(pbad) == 1
assert app.config["SECURITY_MSG_PASSWORD_BREACHED"][0] in pbad[0] 示例6: test_breached_cnt
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_breached_cnt(app):
# partial response from: https://api.pwnedpasswords.com/range/07003
pwned_response = "AF5A73CD3CBCFDCD12B0B68CB7930F3E888:2\r\n\
AFD8AA47E6FD782ADDC11D89744769F7354:2\r\n\
B04334E179537C975D0B3C72DA2E5B68E44:15\r\n\
B118F58C2373FDF97ACF93BD3339684D1EB:2\r\n\
B1ED5D27429EDF77EFD84F4EA9BDA5013FB:4\r\n\
B25C03CFBE4CBF19E0F4889711C9A488E5D:2\r\n\
B3902FD808DCA504AAAD30F3C14BD3ACE7C:10".encode(
"utf-8"
)
app.security = Security()
app.security.init_app(app)
with app.test_request_context():
with mock.patch("urllib.request.urlopen") as mock_urlopen:
mock_urlopen.return_value.__enter__.return_value.read.return_value = (
pwned_response
)
pbad = app.security._password_validator("flaskflask", True)
# Still weak password, just not pwned enough. Should fail complexity
assert len(pbad) == 1
assert "Repeats like" in pbad[0] 示例7: test_phone_util_override
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_phone_util_override(app):
class MyPhoneUtil:
def __init__(self, app):
pass
def validate_phone_number(self, input_data):
return "call-me"
def get_canonical_form(self, input_data):
return "very-canonical"
app.security = Security()
app.security.init_app(app, phone_util_cls=MyPhoneUtil)
with app.app_context():
client = app.test_client()
# trigger @before first request
client.get("/login")
assert uia_phone_mapper("55") == "very-canonical" 示例8: setup_flask_app
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def setup_flask_app(manager_ip='localhost',
driver='',
hash_salt=None,
secret_key=None):
"""Setup a functioning flask app, when working outside the rest-service
:param manager_ip: The IP of the manager
:param driver: SQLA driver for postgres (e.g. pg8000)
:param hash_salt: The salt to be used when creating user passwords
:param secret_key: Secret key used when hashing flask tokens
:return: A Flask app
"""
app = Flask(__name__)
db_uri = _get_postgres_db_uri(manager_ip, driver)
app.config['SQLALCHEMY_DATABASE_URI'] = db_uri
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['ENV'] = 'production'
set_flask_security_config(app, hash_salt, secret_key)
Security(app=app, datastore=user_datastore)
Migrate(app=app, db=db)
db.init_app(app)
app.app_context().push()
return app 示例9: set_flask_security_config
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def set_flask_security_config(app, hash_salt=None, secret_key=None):
"""Set all necessary Flask-Security configurations
:param app: Flask app object
:param hash_salt: The salt to be used when creating user passwords
:param secret_key: Secret key used when hashing flask tokens
"""
hash_salt = hash_salt or config.instance.security_hash_salt
secret_key = secret_key or config.instance.security_secret_key
# Make sure that it's possible to get users from the datastore
# by username and not just by email (the default behavior)
app.config['SECURITY_USER_IDENTITY_ATTRIBUTES'] = 'username, email'
app.config['SECURITY_PASSWORD_HASH'] = 'pbkdf2_sha256'
app.config['SECURITY_HASHING_SCHEMES'] = ['pbkdf2_sha256']
app.config['SECURITY_DEPRECATED_HASHING_SCHEMES'] = []
app.config['SECURITY_TOKEN_MAX_AGE'] = 36000 # 10 hours
app.config['SECURITY_PASSWORD_SALT'] = hash_salt
app.config['SECURITY_REMEMBER_SALT'] = hash_salt
app.config['SECRET_KEY'] = secret_key 示例10: add_flask_security
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def add_flask_security(app):
with app.app_context():
app.config['SECURITY_UNAUTHORIZED_VIEW'] = '/'
app.config['SECRET_KEY'] = f3c_global_config.secret_key
app.config['SECURITY_PASSWORD_SALT'] = f3c_global_config.secret_key
user_datastore = MongoEngineUserDatastore(db, User, Role)
security = Security(app, user_datastore)
create_default_user_and_roles(user_datastore)
_add_apikey_handler(security, user_datastore) 示例11: test_form_data_is_passed_to_user_registered_signal
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_form_data_is_passed_to_user_registered_signal(app, sqlalchemy_datastore):
class MyRegisterForm(RegisterForm):
additional_field = StringField("additional_field")
app.security = Security(
app, datastore=sqlalchemy_datastore, register_form=MyRegisterForm
)
recorded = []
@user_registered.connect_via(app)
def on_user_registered(app, user, confirm_token, form_data):
assert isinstance(app, Flask)
assert isinstance(user, UserMixin)
assert confirm_token is None
assert form_data["additional_field"] == "additional_data"
recorded.append(user)
client = app.test_client()
data = dict(
email="dude@lp.com",
password="password",
password_confirm="password",
additional_field="additional_data",
)
response = client.post("/register", data=data, follow_redirects=True)
assert response.status_code == 200
assert len(recorded) == 1 示例12: test_nullable_username
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_nullable_username(app, sqlalchemy_datastore):
# sqlalchemy datastore uses fsqlav2 which has username as unique and nullable
# make sure can register multiple users with no username
# Note that current WTForms (2.2.1) has a bug where StringFields can never be
# None - it changes them to an empty string. DBs don't like that if you have
# your column be 'nullable'.
class NullableStringField(StringField):
def process_formdata(self, valuelist):
if valuelist:
self.data = valuelist[0]
class MyRegisterForm(ConfirmRegisterForm):
username = NullableStringField("Username")
app.config["SECURITY_CONFIRM_REGISTER_FORM"] = MyRegisterForm
security = Security(datastore=sqlalchemy_datastore)
security.init_app(app)
client = app.test_client()
data = dict(email="u1@test.com", password="password", password_confirm="password")
response = client.post(
"/register", json=data, headers={"Content-Type": "application/json"}
)
assert response.status_code == 200
logout(client)
data = dict(email="u2@test.com", password="password", password_confirm="password")
response = client.post(
"/register", json=data, headers={"Content-Type": "application/json"}
)
assert response.status_code == 200 示例13: test_register_blueprint_flag
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_register_blueprint_flag(app, sqlalchemy_datastore):
app.security = Security(app, datastore=Security, register_blueprint=False)
client = app.test_client()
response = client.get("/login")
assert response.status_code == 404 示例14: test_change_hash_type
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_change_hash_type(app, sqlalchemy_datastore):
init_app_with_options(
app,
sqlalchemy_datastore,
**{
"SECURITY_PASSWORD_HASH": "plaintext",
"SECURITY_PASSWORD_SALT": None,
"SECURITY_PASSWORD_SCHEMES": ["bcrypt", "plaintext"],
}
)
app.config["SECURITY_PASSWORD_HASH"] = "bcrypt"
app.config["SECURITY_PASSWORD_SALT"] = "salty"
app.security = Security(
app, datastore=sqlalchemy_datastore, register_blueprint=False
)
client = app.test_client()
response = client.post(
"/login", data=dict(email="matt@lp.com", password="password")
)
assert response.status_code == 302
response = client.get("/logout")
response = client.post(
"/login", data=dict(email="matt@lp.com", password="password")
)
assert response.status_code == 302 示例15: test_form_required
# 需要导入模块: import flask_security [as 别名]
# 或者: from flask_security import Security [as 别名]
def test_form_required(app, sqlalchemy_datastore):
class MyLoginForm(LoginForm):
myfield = StringField("My Custom Field", validators=[Required()])
app.config["SECURITY_LOGIN_FORM"] = MyLoginForm
security = Security(datastore=sqlalchemy_datastore)
security.init_app(app)
client = app.test_client()
response = client.post("/login", content_type="application/json")
assert response.status_code == 400
assert b"myfield" in response.data