book

Flask Web Development

Name: Flask Web Development
Author: Miguel Grinberg
ISBN: 9781449372620

by Miguel Grinberg

May 2014

Intermediate to advanced

258 pages

5h 42m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Dedication
Preface
Who This Book Is ForHow This Book Is OrganizedHow to Work with the Example Code Using Code ExamplesConventions Used in This BookSafari® Books OnlineHow to Contact UsAcknowledgments
I. Introduction to Flask
1. Installation
Using Virtual EnvironmentsInstalling Python Packages with pip
2. Basic Application Structure
Initialization Routes and View FunctionsServer StartupA Complete ApplicationThe Request-Response CycleApplication and Request ContextsRequest Dispatching Request HooksResponsesFlask ExtensionsCommand-Line Options with Flask-Script
3. Templates
The Jinja2 Template Engine Rendering Templates Variables Control StructuresTwitter Bootstrap Integration with Flask-Bootstrap Custom Error PagesLinksStatic Files Localization of Dates and Times with Flask-Moment
4. Web Forms
Cross-Site Request Forgery (CSRF) Protection Form ClassesHTML Rendering of Forms Form Handling in View FunctionsRedirects and User SessionsMessage Flashing
5. Databases
SQL Databases NoSQL Databases SQL or NoSQL?Python Database FrameworksDatabase Management with Flask-SQLAlchemy Model Definition Relationships Database OperationsCreating the Tables Inserting Rows Modifying Rows Deleting Rows Querying Rows Database Use in View FunctionsIntegration with the Python Shell Database Migrations with Flask-Migrate Creating a Migration Repository Creating a Migration ScriptUpgrading the Database
6. Email
Email Support with Flask-Mail Sending Email from the Python ShellIntegrating Emails with the ApplicationSending Asynchronous Email
7. Large Application Structure
Project StructureConfiguration OptionsApplication PackageUsing an Application Factory Implementing Application Functionality in a Blueprint Launch Script Requirements File Unit Tests Database Setup

II. Example: A Social Blogging Application
8. User Authentication
Authentication Extensions for FlaskPassword Security Hashing Passwords with Werkzeug Creating an Authentication Blueprint User Authentication with Flask-Login Preparing the User Model for LoginsProtecting Routes Adding a Login Form Signing Users InSigning Users OutTesting LoginsNew User RegistrationAdding a User Registration FormRegistering New UsersAccount ConfirmationGenerating Confirmation Tokens with itsdangerousSending Confirmation EmailsAccount Management
9. User Roles
Database Representation of RolesRole AssignmentRole Verification
10. User Profiles
Profile InformationUser Profile PageProfile EditorUser-Level Profile EditorAdministrator-Level Profile EditorUser Avatars
11. Blog Posts
Blog Post Submission and DisplayBlog Posts on Profile PagesPaginating Long Blog Post ListsCreating Fake Blog Post DataRendering Data on PagesAdding a Pagination WidgetRich-Text Posts with Markdown and Flask-PageDownUsing Flask-PageDownHandling Rich Text on the ServerPermanent Links to Blog PostsBlog Post Editor
12. Followers
Database Relationships Revisited Many-to-Many RelationshipsSelf-Referential RelationshipsAdvanced Many-to-Many RelationshipsFollowers on the Profile PageQuery Followed Posts Using a Database Join Show Followed Posts on the Home Page
13. User Comments
Database Representation of CommentsComment Submission and DisplayComment Moderation
14. Application Programming Interfaces
Introduction to REST Resources Are EverythingRequest MethodsRequest and Response Bodies Versioning RESTful Web Services with Flask Creating an API Blueprint Error Handling User Authentication with Flask-HTTPAuth Token-Based Authentication Serializing Resources to and from JSON Implementing Resource Endpoints Pagination of Large Resource Collections Testing Web Services with HTTPie
III. The Last Mile
15. Testing
Obtaining Code Coverage Reports The Flask Test Client Testing Web Applications Testing Web Services End-to-End Testing with Selenium Is It Worth It?
16. Performance
Logging Slow Database Performance Source Code Profiling
17. Deployment
Deployment Workflow Logging of Errors During Production Cloud Deployment The Heroku Platform Preparing the ApplicationCreating a Heroku accountInstalling the Heroku Toolbelt Creating an applicationProvisioning a databaseConfiguring logging Configuring email Running a production web server Adding a requirements file Adding a Procfile Testing with Foreman Enabling Secure HTTP with Flask-SSLify Deploying with git push Reviewing Logs Deploying an UpgradeTraditional HostingServer SetupImporting Environment Variables Setting Up Logging
18. Additional Resources
Using an Integrated Development Environment (IDE) Finding Flask ExtensionsGetting Involved with Flask
Index
Colophon
Copyright

Content preview from Flask Web Development

Chapter 8. User Authentication

Most applications need to keep track of who its users are. When users connect with the application, they authenticate with it, a process by which they make their identity known. Once the application knows who the user is, it can offer a customized experience.

The most commonly used method of authentication requires users to provide a piece of identification (either their email or username) and a secret password. In this chapter, the complete authentication system for Flasky is created.

Authentication Extensions for Flask

There are many excellent Python authentication packages, but none of them do everything. The user authentication solution presented in this chapter uses several packages and provides the glue that makes them work well together. This is the list of packages that will be used:

Flask-Login: Management of user sessions for logged-in users
Werkzeug: Password hashing and verification
itsdangerous: Cryptographically secure token generation and verification

In addition to authentication-specific packages, the following general-purpose extensions will be used:

Flask-Mail: Sending of authentication-related emails
Flask-Bootstrap: HTML templates
Flask-WTF: Web forms

Password Security

The safety of user information stored in databases is often overlooked during the design of web applications. If an attacker is able to break into your server and access your user database, then you risk the security of your users, and the risk is bigger than you ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781491947586Errata

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design