flask-security(一)快速入门

很多例程都是基于flask-sqlalchemy的。

但是我使用sqlalchemy，并没有使用sqlalchemy，看中的也就是flask的灵活性。

暂时写flask的程序，但是为了以后写别的程序方便，我选择了更纯粹的ORM，sqlalchemy。

现在整理一个基于sqlalchemy的例程，算是快速入门吧。

from flask import Flask

from flask_security import Security, SQLAlchemySessionUserDatastore, \

    UserMixin, RoleMixin, login_required, auth_token_required, http_auth_required

from sqlalchemy import create_engine, Boolean, DateTime, \

    Column, Integer, String, ForeignKey

from sqlalchemy.orm import scoped_session, sessionmaker, relationship, backref

from sqlalchemy.ext.declarative import declarative_base

# 创建flask应用

app = Flask(__name__)

app.config['DEBUG'] = True

app.config['SECRET_KEY'] = 'super-secret'

app.config['SECURITY_TRACKABLE'] = True

app.config['SECURITY_REGISTERABLE'] = True

app.config['SECURITY_SEND_REGISTER_EMAIL'] = False

app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///security-dev.sqlite'

app.config['SECURITY_PASSWORD_SALT'] = ''

app.config['SECURITY_PASSWORD_HASH'] = 'sha512_crypt'

# 创建数据库连接

engine = create_engine('sqlite:///test.db', \

                       convert_unicode=True)

db_session = scoped_session(sessionmaker(autocommit=False,

                                         autoflush=False,

                                         bind=engine))

Base = declarative_base()

Base.query = db_session.query_property()

# 创建数据库

def init_db():

    Base.metadata.create_all(bind=engine)

# 创建模型

class RolesUsers(Base):

    __tablename__ = 'roles_users'

    id = Column(Integer(), primary_key=True)

    user_id = Column('user_id', Integer(), ForeignKey('user.id'))

    role_id = Column('role_id', Integer(), ForeignKey('role.id'))

class Role(Base, RoleMixin):

    __tablename__ = 'role'

    id = Column(Integer(), primary_key=True)

    name = Column(String(80), unique=True)

    description = Column(String(255))

class User(Base, UserMixin):

    __tablename__ = 'user'

    id = Column(Integer, primary_key=True)

    email = Column(String(255), unique=True)

    username = Column(String(255))

    password = Column(String(255))

    last_login_at = Column(DateTime())

    current_login_at = Column(DateTime())

    last_login_ip = Column(String(100))

    current_login_ip = Column(String(100))

    login_count = Column(Integer)

    active = Column(Boolean())

    confirmed_at = Column(DateTime())

    roles = relationship('Role', secondary='roles_users',

                         backref=backref('users', lazy='dynamic'))

# 设置flask-security

user_datastore = SQLAlchemySessionUserDatastore(db_session, User, Role)

security = Security(app, user_datastore)

# 创建测试用户

@app.before_first_request

def create_user():

    try:

        db_session.query(User).first()

    except:

        print('初始化数据库')

        init_db()

        print('创建用户')

        user_datastore.create_user(username='matt@nobien.net', password='password')

        print('提交数据')

        db_session.commit()

# 创建视图

@app.route('/')

@login_required

def home():

    return 'you\'re logged in!'

@app.route('/api')  #

@http_auth_required

@auth_token_required

def token_protected():

    return 'you\'re logged in by Token!'

if __name__ == '__main__':

    app.run()

这个示例中创建了权限表，用户表，通过多对多的关系进行了用户权限关联。

如果是小项目，就几个人使用，那么可以使用这样的权限管理。

使用者多的话，就需要RBAC进行权限管理。目前看的是casbin权限管理模块。