Flask-Principal and Flask-Login (aka Batman and Robin)
As described in the project page (https://pythonhosted.org/Flask-Principal/), Flask-Principal is a permission extension. It manages who can access what and to what extent. You usually should use it with an authentication and session manager, as is the case of Flask-Login, another extension we'll learn in this section.
Flask-Principal handles permissions through four simple entities: Identity, IdentityContext, Need, and Permission.
- Identity: This implies the way Flask-Principal identifies a user.
- IdentityContext: This implies the context of a user tested against Permission. It is used to verify whether the user has the right to do something. It can be used as a decorator (block unauthorized access) ...
Get Building Web Applications with Flask now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.