Welcome to Flask-Security

Flask-Security: add a drop of security to your Flask application.

Flask-Security allows you to quickly add common security mechanisms to your Flask application. They include:

  1. Session based authentication
  2. Role and Permission management
  3. Password hashing
  4. Basic HTTP authentication
  5. Token based authentication
  6. Token based account activation (optional)
  7. Token based password recovery / resetting (optional)
  8. Two-factor authentication (optional/alpha)
  9. Unified sign in (optional)
  10. User registration (optional)
  11. Login tracking (optional)
  12. JSON/Ajax Support

Many of these features are made possible by integrating various Flask extensions and libraries. They include:

  1. Flask-Login
  2. Flask-Mail
  3. Flask-Principal
  4. Flask-WTF
  5. itsdangerous
  6. passlib
  7. PyQRCode

Additionally, it assumes you’ll be using a common library for your database connections and model definitions. Flask-Security supports the following Flask extensions out of the box for data persistence:

  1. Flask-SQLAlchemy
  2. Flask-MongoEngine
  3. Peewee Flask utils
  4. PonyORM