Comments (6)
I'm using permissions and needs and adding the needs in the same place:
def identity_loader(payload):
"""Return user object referred to in payload."""
username = payload["identity"]["username"] or None
current_user = User(username=username)
identity = Identity(username)
if hasattr(current_user, "roles"):
for role in current_user.roles:
identity.provides.add(RoleNeed(role))
identity_changed.send(current_app._get_current_object(),
identity=identity)
return current_user
curator_permission = Permission(RoleNeed("Curator"))
curator_permission.description = "User must be a Curator"
@app.route("/projectEdit/<projectID>/<tableName>", methods=["POST"])
@jwt_required()
@curator_permission.require(http_exception=403)
def projectEdit(projectID, tableName):
""" Update specified table for specified project."""
Just make sure that @jwt_required()
comes ahead of the permission.
from flask-principal.
Here is how I do it:
JWT(app, authenticate, identity_loader)
def identity_loader(payload):
user_id = payload['identity']
try:
current_user = User.query.filter_by(id=user_id).first()
identity_changed.send(current_app._get_current_object(),
identity=Identity(user_id))
except Exception as e:
db_session.rollback()
db_session.flush()
raise e
return current_user
from flask-principal.
Is there any documentation on how to do this now ?
Wanted to do the same thing and was hoping to read up on it :)
from flask-principal.
I'm also interested in this.
@mattupstate can you just provide a general overview how one would approach using flask-princpal with flask-jwt? Thanks!
from flask-principal.
If this would still be valued, I'm going to tackle it over the next few weeks or so. I could write it up and do a PR if all goes well.
from flask-principal.
Would the following be a good identity loader as well?
@principal.identity_loader
def _identity_loader():
if hasattr(current_user, 'id'):
return Identity(current_user.id)
@user_loaded_from_request.connect_via(app)
def on_user_loaded_from_request(sender, user):
identity_changed.send(
flask.current_app._get_current_object(),
identity=Identity(user.id)
)
@identity_loaded.connect
def on_identity_loaded(sender, identity):
# Set the identity user object
identity.user = current_user
if not hasattr(current_user, 'id'):
return
# Add the UserNeed to the identity
identity.provides.add(UserNeed(current_user.id))
for role in current_user.roles:
identity.provides.add(RoleNeed(role.name))
Not quite sure why it's necessary to add an identity loader as Identity
is already being instantiated in the user_loaded_from_request
function when sending the identity_changed
signal and I check for the presence of id
in the identity_loaded
function already but otherwise it doesn't work.
from flask-principal.
Related Issues (20)
- Lazy load Identity object HOT 4
- Flask 0.10.1, app_context and "_AppCtxGlobals object has no 'identity'" HOT 4
- Errors in the examples provided by the docs induced by latest changes HOT 3
- Mongo based sessions do not allow dots as key names HOT 1
- Typo in docs
- Small mistake in test_principal.py
- Update Flask-Login example to use Signals
- Intersection of required and provided needs is not sufficient HOT 6
- Is this library maintained? HOT 10
- Struggling with using `http_exception=` HOT 4
- Add classifiers for supported python versions
- deque mutated during iteration
- Fixed per-role permissions HOT 1
- LICENSE file is missing on pypi
- Make `use_sessions` and `skip_static` configurable
- is this project dead? HOT 12
- Issue with classes in sets
- skip_static only whitelists the app's static endpoint, not those from blueprints
- use mongoengine
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from flask-principal.