hawat.blueprints.auth_api package
This pluggable module provides an API key based authentication service. When this module is enabled, users may generate and use API keys to authenticate themselves when accessing various API application endpoints.
Currently, the API key may be provided via one of the following methods:
- The Authorization HTTP header.
  You may provide your API key by adding the Authorization HTTP header to your requests. The following forms are accepted:
    Authorization: abcd1234
    Authorization: key abcd1234
    Authorization: token abcd1234
- The api_key or api_token parameter of the HTTP POST request.
  You may provide your API key as an additional HTTP parameter api_key or api_token of your POST request to a particular application endpoint. Using GET requests is forbidden because request URLs get logged in various places and your keys could thus be easily compromised.
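The lookup rules above, sketched as an added example (not Hawat's own code): the key is taken from the Authorization header in any of the three listed forms, or from the api_key / api_token body parameter of a POST request, and never from the URL. The function names and the plain-dict request representation are assumptions made for illustration.

```python
import re

# The three header forms listed above: "<key>", "key <key>", "token <key>".
# Matching the scheme words in lowercase only is an assumption of this sketch.
_HEADER_RE = re.compile(r"^(?:(?:key|token)\s+)?(\S+)$")
PARAM_NAMES = ("api_key", "api_token")


def extract_api_key(method, headers, form=None):
    """Return the API key carried by a request, or None if there is none.

    headers and form are plain dicts (hypothetical stand-ins for a web
    framework's request object). The URL query string is deliberately not
    an input: request URLs end up in logs, so a key placed there is ignored.
    """
    header = (headers or {}).get("Authorization", "").strip()
    if header:
        match = _HEADER_RE.match(header)
        # Any other shape (for example "Bearer abcd1234") is rejected
        # instead of being guessed at.
        return match.group(1) if match else None
    if method.upper() == "POST":
        for name in PARAM_NAMES:
            value = (form or {}).get(name)
            if value:
                return value
    return None


def url_exposes_key(query):
    """True when the parsed URL query string carries an API key parameter.

    Lets the caller refuse such a request and log the event without
    writing the key value itself into the log.
    """
    return any(name in (query or {}) for name in PARAM_NAMES)


if __name__ == "__main__":
    # Constructed sample requests using the placeholder key from the text.
    print(extract_api_key("GET", {"Authorization": "token abcd1234"}))
    print(extract_api_key("POST", {}, {"api_key": "abcd1234"}))
    print(url_exposes_key({"api_key": "abcd1234"}))
```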
Provided endpoints
/auth_api/<user_id>/key-generate
Page enabling generation of new API key.
Authentication: login required
Authorization: admin
Methods: GET, POST
/auth_api/<user_id>/key-delete
Page enabling deletion of existing API key.
Authentication: login required
Authorization: admin
Methods: GET, POST
- class hawat.blueprints.auth_api.APIAuthBlueprint(name, import_name, **kwargs)[source]
Bases: HawatBlueprint
Pluggable module - API key authentication service (auth_api).
- hawat.blueprints.auth_api.BLUEPRINT_NAME = 'auth_api'
Name of the blueprint as module global constant.
- class hawat.blueprints.auth_api.DeleteKeyView[source]
Bases: HTMLMixin, SQLAlchemyMixin, ItemChangeView
View for deleting API keys from user accounts.
- authentication = True
Similar to the decorators mechanism in Flask pluggable views, you may use this class variable to specify that the view is protected by authentication. During the process of registering the view into the blueprint in hawat.app.hawatBlueprint.register_view_class() the view will be automatically decorated with the flask_login.login_required() decorator.
The advantage of using this in favor of decorators is that the application menu can automatically hide/show items inaccessible to current user.
This is a scalar variable that must contain boolean True or False.
- classmethod authorize_item_action(**kwargs)[source]
Perform access authorization for current user to particular item.
- classmethod change_item(**kwargs)[source]
Hook method: Change given item in any desired way.
- Parameters
item – Item to be changed/modified.
- property dbchlogmodel
This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.
- property dbmodel
This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.
- static get_message_cancel(**kwargs)[source]
Hook method. Must return text for flash message in case of action cancel. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- static get_message_failure(**kwargs)[source]
Hook method. Must return text for flash message in case of action failure. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- static get_message_success(**kwargs)[source]
Hook method. Must return text for flash message in case of action success. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- classmethod get_view_icon()[source]
Implementation of hawat.view.BaseView.get_view_icon().
- classmethod get_view_name()[source]
Return unique name for the view. Name must be unique in the namespace of parent blueprint/module and should contain only characters [a-z0-9]. It will be used for generating endpoint name for the view.
This method does not have any default implementation and must be overridden by a subclass.
- Returns
Name for the view.
- Return type
str
- classmethod get_view_template()[source]
Implementation of hawat.view.RenderableView.get_view_template().
- classmethod get_view_title(**kwargs)[source]
Return title for the view, which will be displayed in the title tag of the HTML head element and also as the content of the page header in the h2 tag.
The default implementation returns the return value of the hawat.view.BaseView.get_menu_title() method.
- Parameters
kwargs (dict) – Optional parameters.
- Returns
Title for the view.
- Return type
str
- methods: ClassVar[Optional[Collection[str]]] = ['GET', 'POST']
The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.
- class hawat.blueprints.auth_api.GenerateKeyView[source]
Bases: HTMLMixin, SQLAlchemyMixin, ItemChangeView
View for generating API keys for user accounts.
- authentication = True
Similar to the decorators mechanism in Flask pluggable views, you may use this class variable to specify that the view is protected by authentication. During the process of registering the view into the blueprint in hawat.app.hawatBlueprint.register_view_class() the view will be automatically decorated with the flask_login.login_required() decorator.
The advantage of using this in favor of decorators is that the application menu can automatically hide/show items inaccessible to current user.
This is a scalar variable that must contain boolean True or False.
- classmethod authorize_item_action(**kwargs)[source]
Perform access authorization for current user to particular item.
- classmethod change_item(**kwargs)[source]
Hook method: Change given item in any desired way.
- Parameters
item – Item to be changed/modified.
- property dbchlogmodel
This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.
- property dbmodel
This property must be implemented in each subclass to return reference to appropriate model class based on SQLAlchemy declarative base.
- static get_message_cancel(**kwargs)[source]
Hook method. Must return text for flash message in case of action cancel. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- static get_message_failure(**kwargs)[source]
Hook method. Must return text for flash message in case of action failure. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- static get_message_success(**kwargs)[source]
Hook method. Must return text for flash message in case of action success. The text may contain HTML characters and will be passed to flask.Markup before being used, so to a certain extent you may emphasize and customize the output.
- classmethod get_view_icon()[source]
Implementation of hawat.view.BaseView.get_view_icon().
- classmethod get_view_name()[source]
Return unique name for the view. Name must be unique in the namespace of parent blueprint/module and should contain only characters [a-z0-9]. It will be used for generating endpoint name for the view.
This method does not have any default implementation and must be overridden by a subclass.
- Returns
Name for the view.
- Return type
str
- classmethod get_view_template()[source]
Implementation of hawat.view.RenderableView.get_view_template().
- classmethod get_view_title(**kwargs)[source]
Return title for the view, which will be displayed in the title tag of the HTML head element and also as the content of the page header in the h2 tag.
The default implementation returns the return value of the hawat.view.BaseView.get_menu_title() method.
- Parameters
kwargs (dict) – Optional parameters.
- Returns
Title for the view.
- Return type
str
- methods: ClassVar[Optional[Collection[str]]] = ['GET', 'POST']
The methods this view is registered for. Uses the same default (["GET", "HEAD", "OPTIONS"]) as route and add_url_rule by default.