Most applications need to keep track of who its users are. When users connect with the application, they authenticate with it, a process by which they make their identity known. Once the application knows who the user is, it can offer a customized experience.
The most commonly used method of authentication requires users to provide a piece of identification (either their email or username) and a secret password. In this chapter, the complete authentication system for Flasky is created.
There are many excellent Python authentication packages, but none of them do everything. The user authentication solution presented in this chapter uses several packages and provides the glue that makes them work well together. This is the list of packages that will be used:
In addition to authentication-specific packages, the following general-purpose extensions will be used:
The safety of user information stored in databases is often overlooked during the design of web applications. If an attacker is able to break into your server and access your user database, then you risk the security of your users, and the risk is bigger than you ...