flask-security (HEAD) - Codebase list

Flask-Security
===================

.. image:: https://github.com/Flask-Middleware/flask-security/workflows/tests/badge.svg?branch=master&event=push
    :target: https://github.com/Flask-Middleware/flask-security

.. image:: https://codecov.io/gh/Flask-Middleware/flask-security/branch/master/graph/badge.svg?token=U02MUQJ7BM
    :target: https://codecov.io/gh/Flask-Middleware/flask-security
    :alt: Coverage!

.. image:: https://img.shields.io/github/tag/Flask-Middleware/flask-security.svg
    :target: https://github.com/Flask-Middleware/flask-security/releases

.. image:: https://img.shields.io/pypi/dm/flask-security-too.svg
    :target: https://pypi.python.org/pypi/flask-security-too
    :alt: Downloads

.. image:: https://img.shields.io/github/license/Flask-Middleware/flask-security.svg
    :target: https://github.com/Flask-Middleware/flask-security/blob/master/LICENSE
    :alt: License

.. image:: https://readthedocs.org/projects/flask-security-too/badge/?version=latest
    :target: https://flask-security-too.readthedocs.io/en/latest/?badge=latest
    :alt: Documentation Status

.. image:: https://img.shields.io/badge/code%20style-black-000000.svg
    :target: https://github.com/python/black

.. image:: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white
    :target: https://github.com/pre-commit/pre-commit
    :alt: pre-commit

Quickly add security features to your Flask application.

Notes on this repo
------------------
This is a independently maintained version of Flask-Security based on the 3.0.0
version of the `Original <https://github.com/mattupstate/flask-security>`_

Goals
+++++
* Regain momentum for this critical piece of the Flask eco-system. To that end the
  the plan is to put out small, frequent releases starting with pulling the simplest
  and most obvious changes that have already been vetted in the upstream version, as
  well as other pull requests. This was completed with the June 29 2019 3.2.0 release.
* Continue work to get Flask-Security to be usable from Single Page Applications,
  such as those built with Vue and Angular, that have no html forms. This is true as of the 3.3.0
  release.
* Use `OWASP <https://github.com/OWASP/ASVS>`_ to guide best practice and default configurations.
* Be more opinionated and 'batteries' included by reducing reliance on abandoned projects and
  bundling in support for common use cases.
* Follow the `Pallets <https://github.com/pallets>`_ lead on supported versions, documentation
  standards and any other guidelines for extensions that they come up with.
* Continue to add newer authentication/authorization standards:
    * 'Social Auth' integrated (using authlib) (5.1)
    * WebAuthn support (5.0)
    * Two-Factor recovery codes (5.0)
    * First-class support for username as identity (4.1)
    * Support for fresheness decorator to ensure sensitive operations have new authentication (4.0)
    * Support for email normalization and validation (4.0)
    * Unified signin (username, phone, passwordless) feature (3.4)


Contributing
++++++++++++
Issues and pull requests are welcome. Other maintainers are also welcome. Unlike
the original Flask-Security - issue pull requests against the *master* branch.
Please consult these `contributing`_ guidelines.

.. _contributing: https://github.com/Flask-Middleware/flask-security/blob/master/CONTRIBUTING.rst

Installing
----------
Install and update using `pip <https://pip.pypa.io/en/stable/quickstart/>`_:

::

    pip install -U Flask-Security-Too


Resources
---------

- `Documentation <https://flask-security-too.readthedocs.io/>`_
- `Releases <https://pypi.org/project/Flask-Security-Too/>`_
- `Issue Tracker <https://github.com/Flask-Middleware/flask-security/issues>`_
- `Code <https://github.com/Flask-Middleware/flask-security/>`_
Commit History @HEAD

»»
Tree @HEAD (Download .tar.gz)

Commit History @HEAD
