flask-security

flask-security copied to clipboard

Option to avoid unnecessary queries for roles/permissions on every request

1

The `_on_identity_loaded` function in flask_security.core makes one query for roles, and then another query for each role, to load permissions for that role. My app doesn't even use flask-security for...

jennydale

Couchdb support

1

Hi, my team is thinking of using flask-security for account management,and we are wondering if it would be possible to add support for CouchDb? How hard would this be to...

Joeclinton1

f-strings are less computationally expensive, more readable, more concise, and less error-prone than other ways of formatting. This MR changes last format-strings to f-strings.

sr-verde

Seems like a useful additional MFA option - supported by: https://github.com/duosecurity/duo_universal_python) Right now, the two_factor code is pretty inter-tangled with no real plugin architecture - this is hampering adding WebAuthn...

jwag956

Possibility to modify the path for the mail templates

1

### Possibility to modify the path for the mail templates I propose to add the possibility to **modify** the path of the **mails templates**, currently we are obliged to create...

TakeusV1

Improve bcrypt to match OWASP

3

passlib has a work factor of 12 by default. OWAPS wants at least 13. We should set that as default config for SECURITY_PASSWORD_HASH_OPTIONS and add to documentation what that config...

jwag956

Documentation: a quickstart project for spa

9

I'm trying build an spa, following what the doc says [here](https://flask-security-too.readthedocs.io/en/stable/spa.html), but I'm stuck. The quickstart projects are pretty useful. It would be great to have one for an spa.

andreaskundig

The __hash__ and __eq__ seem to mess this up - need to investigate further. https://stackoverflow.com/questions/62567569/ponyorm-with-mixins-with-custom-hash

jwag956

We are very close to being able to support not requiring email and allowing registration with one of rather than all of identity attributes. While registration would be easy to...

jwag956

Issue with `registerable.register_user` function change

2

I've been working on upgrading from Flask Security 3.0.0 to Flask Security Too 3.4.2. There was change in this commit (https://github.com/Flask-Middleware/flask-security/commit/3c5fd22bf45c21d769544344d985df67ffbf2b09#diff-2e9556678333fc9e7dfe58473f411bb4) that changed how the register_user function works. Instead of...

richard-to