Configuration
The following configuration values are used by Flask-Security:
Core
|
Specifies the name for the
Flask-Security blueprint. Defaults to
|
|
Specifies the name for the command
managing users. Disable by setting
|
|
Specifies the name for the command
managing roles. Disable by setting
|
|
Specifies the URL prefix for the
Flask-Security blueprint. Defaults to
|
|
Specifies the subdomain for the
Flask-Security blueprint. Defaults to
|
|
Specifies whether or not to flash
messages during security procedures.
Defaults to |
|
Specifies the name of the domain
used for translations.
Defaults to |
|
Specifies the directory containing the
|
|
Specifies the password hash algorithm to
use when hashing passwords. Recommended
values for production systems are
|
|
Specifies the HMAC salt. Defaults to
|
|
Specifies that passwords should only be
hashed once. By default, passwords are
hashed twice, first with
|
|
List of algorithms used for
creating and validating tokens.
Defaults to |
|
List of deprecated algorithms used for
creating and validating tokens.
Defaults to |
|
Specifies additional options to be passed to the hashing method. |
|
Specifies the email address to send
emails as. Defaults to value set
to |
|
Specifies the query string parameter to
read when using token authentication.
Defaults to |
|
Specifies the HTTP header to read when
using token authentication. Defaults to
|
|
Specifies the number of seconds before an authentication token expires. Defaults to None, meaning the token never expires. |
|
Specifies the default authentication
realm when using basic HTTP auth.
Defaults to |
URLs and Views
|
Specifies the login URL. Defaults to |
|
Specifies the logout URL. Defaults to
|
|
Specifies the register URL. Defaults to
|
|
Specifies the password reset URL. Defaults to
|
|
Specifies the password change URL. Defaults to
|
|
Specifies the email confirmation URL. Defaults
to |
|
Specifies the default view to redirect to after
a user logs in. This value can be set to a URL
or an endpoint name. Defaults to |
|
Specifies the default view to redirect to after
a user logs out. This value can be set to a URL
or an endpoint name. Defaults to |
|
Specifies the view to redirect to if a
confirmation error occurs. This value can be set
to a URL or an endpoint name. If this value is
|
|
Specifies the view to redirect to after a user
successfully registers. This value can be set to
a URL or an endpoint name. If this value is
|
|
Specifies the view to redirect to after a user
successfully confirms their email. This value
can be set to a URL or an endpoint name. If this
value is |
|
Specifies the view to redirect to after a user
successfully resets their password. This value
can be set to a URL or an endpoint name. If this
value is |
|
Specifies the view to redirect to after a user
successfully changes their password. This value
can be set to a URL or an endpoint name. If this
value is |
|
Specifies the view to redirect to if a user
attempts to access a URL/endpoint that they do
not have permission to access. If this value is
|
Template Paths
|
Specifies the path to the template for
the forgot password page. Defaults to
|
|
Specifies the path to the template for
the user login page. Defaults to
|
|
Specifies the path to the template for
the user registration page. Defaults to
|
|
Specifies the path to the template for
the reset password page. Defaults to
|
|
Specifies the path to the template for
the change password page. Defaults to
|
|
Specifies the path to the template for
the resend confirmation instructions
page. Defaults to
|
|
Specifies the path to the template for
the send login instructions page for
passwordless logins. Defaults to
|
Feature Flags
|
Specifies if users are required to confirm their email
address when registering a new account. If this value
is True, Flask-Security creates an endpoint to handle
confirmations and requests to resend confirmation
instructions. The URL for this endpoint is specified
by the |
|
Specifies if Flask-Security should create a user
registration endpoint. The URL for this endpoint is
specified by the |
|
Specifies if Flask-Security should create a password
reset/recover endpoint. The URL for this endpoint is
specified by the |
|
Specifies if Flask-Security should track basic user
login statistics. If set to |
|
Specifies if Flask-Security should enable the
change password endpoint. The URL for this endpoint is
specified by the |
Email
|
Sets the subject for the
confirmation email. Defaults
to |
|
Sets the subject for the
passwordless feature. Defaults
to |
|
Sets the subject for the password
notice. Defaults to |
|
Sets the subject for the
password reset email. Defaults
to |
|
Sets the subject for the
password change notice.
Defaults to |
|
Sets the subject for the email
confirmation message. Defaults
to |
|
Sends email as plaintext using
|
|
Sends email as HTML using
|
Miscellaneous
|
Specifies which attributes of the
user object can be used for login.
Defaults to |
|
Specifies whether registration
email is sent. Defaults to
|
|
Specifies whether password change
email is sent. Defaults to
|
|
Specifies whether password reset
email is sent. Defaults to
|
|
Specifies whether password reset
notice email is sent. Defaults to
|
|
Specifies the amount of time a
user has before their confirmation
link expires. Always pluralize
the time unit for this value.
Defaults to |
|
Specifies the amount of time a
user has before their password
reset link expires. Always
pluralize the time unit for this
value. Defaults to |
|
Specifies the amount of time a
user has before a login link
expires. This is only used when
the passwordless login feature is
enabled. Always pluralize the
time unit for this value.
Defaults to |
|
Specifies if a user may log in
before confirming their email when
the value of
|
|
Specifies the salt value when
generating confirmation
links/tokens. Defaults to
|
|
Specifies the salt value when
generating password reset
links/tokens. Defaults to
|
|
Specifies the salt value when
generating login links/tokens.
Defaults to |
|
Specifies the default datetime
factory. Defaults to
|
Messages
The following are the messages Flask-Security uses. They are tuples; the first element is the message and the second element is the error level.
The default messages and error levels can be found in core.py.
SECURITY_MSG_ALREADY_CONFIRMED
SECURITY_MSG_CONFIRMATION_EXPIRED
SECURITY_MSG_CONFIRMATION_REQUEST
SECURITY_MSG_CONFIRMATION_REQUIRED
SECURITY_MSG_CONFIRM_REGISTRATION
SECURITY_MSG_DISABLED_ACCOUNT
SECURITY_MSG_EMAIL_ALREADY_ASSOCIATED
SECURITY_MSG_EMAIL_CONFIRMED
SECURITY_MSG_EMAIL_NOT_PROVIDED
SECURITY_MSG_FORGOT_PASSWORD
SECURITY_MSG_INVALID_CONFIRMATION_TOKEN
SECURITY_MSG_INVALID_EMAIL_ADDRESS
SECURITY_MSG_INVALID_LOGIN_TOKEN
SECURITY_MSG_INVALID_PASSWORD
SECURITY_MSG_INVALID_REDIRECT
SECURITY_MSG_INVALID_RESET_PASSWORD_TOKEN
SECURITY_MSG_LOGIN
SECURITY_MSG_LOGIN_EMAIL_SENT
SECURITY_MSG_LOGIN_EXPIRED
SECURITY_MSG_PASSWORD_CHANGE
SECURITY_MSG_PASSWORD_INVALID_LENGTH
SECURITY_MSG_PASSWORD_IS_THE_SAME
SECURITY_MSG_PASSWORD_MISMATCH
SECURITY_MSG_PASSWORD_NOT_PROVIDED
SECURITY_MSG_PASSWORD_NOT_SET
SECURITY_MSG_PASSWORD_RESET
SECURITY_MSG_PASSWORD_RESET_EXPIRED
SECURITY_MSG_PASSWORD_RESET_REQUEST
SECURITY_MSG_REFRESH
SECURITY_MSG_RETYPE_PASSWORD_MISMATCH
SECURITY_MSG_UNAUTHORIZED
SECURITY_MSG_USER_DOES_NOT_EXIST
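A startup check for two rules stated above, the pluralized time unit of the expiry windows and the (message, level) tuple shape of the messages, written as an added example that is not Flask-Security's own code. It also flags login-failure messages whose text differs, since differing text tells a visitor which accounts exist. Assumptions: the expiry settings end in `_WITHIN` (the two key names used are Flask-Security settings that do not appear in this page's text), their value is read as `<count> <unit>` with the unit used as a `datetime.timedelta` keyword, and all sample values are constructed.

```python
from datetime import timedelta

# Units accepted as datetime.timedelta keyword arguments (all plural).
UNITS = {"seconds", "minutes", "hours", "days", "weeks"}
# Messages shown on a failed login; differing text reveals which accounts exist.
LOGIN_FAILURE_KEYS = ("SECURITY_MSG_USER_DOES_NOT_EXIST",
                      "SECURITY_MSG_INVALID_PASSWORD")


def parse_within(value):
    """Turn '5 days' into timedelta(days=5); raise ValueError otherwise."""
    parts = str(value).split()
    if len(parts) != 2 or not parts[0].isdigit() or int(parts[0]) == 0:
        raise ValueError(f"expected '<positive integer> <unit>', got {value!r}")
    if parts[1] not in UNITS:
        raise ValueError(f"unit {parts[1]!r} must be one of {sorted(UNITS)}")
    return timedelta(**{parts[1]: int(parts[0])})


def audit(cfg):
    """Return a list of findings for a Flask config mapping."""
    findings = []
    for key, value in cfg.items():
        if key.startswith("SECURITY_") and key.endswith("_WITHIN"):
            try:
                parse_within(value)
            except ValueError as exc:
                findings.append(f"{key}: {exc}")
        elif key.startswith("SECURITY_MSG_"):
            if not (isinstance(value, tuple) and len(value) == 2):
                findings.append(f"{key}: must be a (message, level) tuple")
    texts = {cfg[k][0] for k in LOGIN_FAILURE_KEYS
             if isinstance(cfg.get(k), tuple) and cfg[k]}
    if len(texts) > 1:
        findings.append("login failure messages differ (account enumeration)")
    return findings


# Constructed sample configuration, not defaults taken from Flask-Security.
SAMPLE = {
    "SECURITY_RESET_PASSWORD_WITHIN": "1 day",       # singular unit: rejected
    "SECURITY_CONFIRM_EMAIL_WITHIN": "5 days",
    "SECURITY_MSG_USER_DOES_NOT_EXIST": ("Specified user does not exist", "error"),
    "SECURITY_MSG_INVALID_PASSWORD": ("Invalid password", "error"),
    "SECURITY_MSG_LOGIN": "Please log in",           # bare string: rejected
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Giving both login-failure keys the same tuple, for example one generic "invalid email or password" message, clears the last finding.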