flask-security icon indicating copy to clipboard operation
flask-security copied to clipboard

verified publisher icon mattupstate

Metadata

Quick and simple security for Flask applications

Results 100 flask-security issues
Sort by recently updated
recently updated
newest added

Flash message after Reset Password page says "logged in automatically", but it isn't

5 comment

The default flash message after resetting the password is: "You successfully reset your password and you have been logged in automatically." However, in flask_security - I don't see code that...

kantorii avatar kantorii

A conflict in validation between forgot_password view function and ForgotPasswordForm.validate method.

2 comment

Using Flask_security `forgot_password` default view and turning ON the `SECURITY_CONFIRMABLE` flag, during validation process of the `ForgotPasswordForm`, the `forgot_password` view requires `anonymous_user` while the form checks if a confirmation is...

IronFist16 avatar IronFist16

SQLAlchemyUserDatastore.get_user should use get with uuid's

2 comment

Currently `get` is used only for numerics rather than also for a UUID pk: https://github.com/mattupstate/flask-security/blob/3e15d06ee82a728d5cc53059fb28406c7bc6e7aa/flask_security/datastore.py#L242-L243

cancan101 avatar cancan101

in memory cache verify password implementation

31 comment

As bcrypt algorithm computations are expensives and long, I implemented a simple cache system allowing to bypass token validation on each requests when the same validation is already in cache....

eregnier avatar eregnier

Logout doesn't work for non-root reverse proxies

1 comment

I have an app set up with a (nginx) reverse proxy to `/myapp/`. I've managed to get most of this to work, by using a [`ReverseProxied`](http://blog.macuyiko.com/post/2016/fixing-flask-url_for-when-behind-mod_proxy.html) object to fix url...

beldaz avatar beldaz

Question: Keep the next argument configured for the register form even if inputs fail validation

1 comment

I have an ExtendedRegisterForm that customizes the RegisterForm. It's configured with the next argument, so that upon successful registration, I can configure the next route. But, if you mess up...

anglofox avatar anglofox

datastore: get user by numeric identity attribute

6 comment

* BETTER Supports login by a numeric identity attribute (e.g. phone number, social security number). * closes #604 * replaces #608

jirikuncar avatar jirikuncar

Broken CI for python 3.x

1 comment

I am getting errors on the validation of PR since there is something bad on `release.py`: ``` ________________________________ pyflakes-check ________________________________ /home/travis/build/mattupstate/flask-security/scripts/release.py:114: InvalidPrintSyntax use of >> is invalid with print function...

miceno avatar miceno

Broken CI for 3.5

1 comment

After solving #832 we also get the following errors (see https://travis-ci.org/mattupstate/flask-security/jobs/510643989) ```tests/test_changeable.py:80: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _...

miceno avatar miceno

verify_hash

5 comment

when i use auth_token_required, the verify_hash function is too slow,how can i optimize it?

guoqi233 avatar guoqi233

discussion

Metadata

1.6k
Stars
516
Forks
Watchers

Owner

verified publisher icon mattupstate

Metadata

Quick and simple security for Flask applications

Back