diff --git a/flask_security/core.py b/flask_security/core.py
index cfa9d0b..7fffed3 100644
--- a/flask_security/core.py
+++ b/flask_security/core.py
@@ -142,25 +142,34 @@ def _get_pwd_context(app):
return CryptContext(schemes=[pw_hash], default=pw_hash)
-def _get_serializer(app, salt):
- secret_key = app.config.get('SECRET_KEY', 'secret-key')
+def _get_serializer(app, name):
+ secret_key = app.config.get('SECRET_KEY')
+ salt = app.config.get('SECURITY_%s_SALT' % name.upper())
return URLSafeTimedSerializer(secret_key=secret_key, salt=salt)
-def _get_remember_token_serializer(app):
- return _get_serializer(app, app.config['SECURITY_REMEMBER_SALT'])
+def _get_state(app, datastore, **kwargs):
+ for key, value in get_config(app).items():
+ kwargs[key.lower()] = value
+
+ kwargs.update(dict(
+ app=app,
+ datastore=datastore,
+ login_manager=_get_login_manager(app),
+ principal=_get_principal(app),
+ pwd_context=_get_pwd_context(app),
+ context_processors={},
+ remember_token_serializer=_get_serializer(app, 'remember'),
+ login_serializer=_get_serializer(app, 'login'),
+ reset_serializer=_get_serializer(app, 'reset'),
+ confirm_serializer=_get_serializer(app, 'confirm')
+ ))
+
+ return _SecurityState(**kwargs)
-def _get_reset_serializer(app):
- return _get_serializer(app, app.config['SECURITY_RESET_SALT'])
-
-
-def _get_confirm_serializer(app):
- return _get_serializer(app, app.config['SECURITY_CONFIRM_SALT'])
-
-
-def _get_login_serializer(app):
- return _get_serializer(app, app.config['SECURITY_LOGIN_SALT'])
+def _context_processor():
+ return dict(url_for_security=url_for_security, security=_security)
class RoleMixin(object):
@@ -272,7 +281,7 @@ class Security(object):
if app is not None and datastore is not None:
self._state = self.init_app(app, datastore, **kwargs)
- def init_app(self, app, datastore=None, register_blueprint=True, **kwargs):
+ def init_app(self, app, datastore=None):
"""Initializes the Flask-Security extension for the specified
application and datastore implentation.
@@ -289,48 +298,12 @@ class Security(object):
identity_loaded.connect_via(app)(_on_identity_loaded)
- if register_blueprint:
- name = cv('BLUEPRINT_NAME', app=app)
- url_prefix = cv('URL_PREFIX', app=app)
- bp = create_blueprint(app, name, __name__,
- url_prefix=url_prefix,
- template_folder='templates')
- app.register_blueprint(bp)
-
- state = self._get_state(app, datastore, **kwargs)
-
+ state = _get_state(app, datastore)
+ app.register_blueprint(create_blueprint(state, __name__))
+ app.context_processor(_context_processor)
app.extensions['security'] = state
- app.context_processor(lambda: dict(url_for_security=url_for_security,
- security=state))
-
return state
- def _get_state(self, app, datastore, **kwargs):
- assert app is not None
- assert datastore is not None
-
- for key, value in get_config(app).items():
- kwargs[key.lower()] = value
-
- for key, value in [
- ('app', app),
- ('datastore', datastore),
- ('login_manager', _get_login_manager(app)),
- ('principal', _get_principal(app)),
- ('pwd_context', _get_pwd_context(app)),
- ('remember_token_serializer', _get_remember_token_serializer(app)),
- ('context_processors', {})]:
- kwargs[key] = value
-
- kwargs['login_serializer'] = (
- _get_login_serializer(app) if kwargs['passwordless'] else None)
- kwargs['reset_serializer'] = (
- _get_reset_serializer(app) if kwargs['recoverable'] else None)
- kwargs['confirm_serializer'] = (
- _get_confirm_serializer(app) if kwargs['confirmable'] else None)
-
- return _SecurityState(**kwargs)
-
def __getattr__(self, name):
return getattr(self._state, name, None)
diff --git a/flask_security/decorators.py b/flask_security/decorators.py
index e61b41c..57095cb 100644
--- a/flask_security/decorators.py
+++ b/flask_security/decorators.py
@@ -22,8 +22,6 @@ from . import utils
# Convenient references
_security = LocalProxy(lambda: current_app.extensions['security'])
-_logger = LocalProxy(lambda: current_app.logger)
-
_default_unauthorized_html = """
Unauthorized
@@ -129,8 +127,6 @@ def roles_required(*roles):
perms = [Permission(RoleNeed(role)) for role in roles]
for perm in perms:
if not perm.can():
- _logger.debug('Identity does not provide the '
- 'roles: %s' % [r for r in roles])
return _get_unauthorized_view()
return fn(*args, **kwargs)
return decorated_view
@@ -157,10 +153,6 @@ def roles_accepted(*roles):
perm = Permission(*[RoleNeed(role) for role in roles])
if perm.can():
return fn(*args, **kwargs)
- r1 = [r for r in roles]
- r2 = [r.name for r in current_user.roles]
- _logger.debug('Current user does not provide a required role. '
- 'Accepted: %s Provided: %s' % (r1, r2))
return _get_unauthorized_view()
return decorated_view
return wrapper
diff --git a/flask_security/utils.py b/flask_security/utils.py
index 428c53a..fc67e1d 100644
--- a/flask_security/utils.py
+++ b/flask_security/utils.py
@@ -37,9 +37,6 @@ _datastore = LocalProxy(lambda: _security.datastore)
_pwd_context = LocalProxy(lambda: _security.pwd_context)
-_logger = LocalProxy(lambda: current_app.logger)
-
-
def anonymous_user_required(f):
@wraps(f)
def wrapper(*args, **kwargs):
diff --git a/flask_security/views.py b/flask_security/views.py
index e03898c..7d94735 100644
--- a/flask_security/views.py
+++ b/flask_security/views.py
@@ -243,45 +243,45 @@ def reset_password(token):
**_ctx('reset_password'))
-def create_blueprint(app, name, import_name, **kwargs):
+def create_blueprint(state, import_name):
"""Creates the security extension blueprint"""
- bp = Blueprint(name, import_name, **kwargs)
+ bp = Blueprint(state.blueprint_name, import_name,
+ url_prefix=state.url_prefix,
+ template_folder='templates')
- if config_value('PASSWORDLESS', app=app):
- bp.route(config_value('LOGIN_URL', app=app),
+ bp.route(state.logout_url, endpoint='logout')(logout)
+
+ if state.passwordless:
+ bp.route(state.login_url,
methods=['GET', 'POST'],
endpoint='login')(send_login)
-
- bp.route(config_value('LOGIN_URL', app=app) + '/',
+ bp.route(state.login_url + '/',
methods=['GET'],
endpoint='token_login')(token_login)
else:
- bp.route(config_value('LOGIN_URL', app=app),
+ bp.route(state.login_url,
methods=['GET', 'POST'],
endpoint='login')(login)
- bp.route(config_value('LOGOUT_URL', app=app),
- endpoint='logout')(logout)
-
- if config_value('REGISTERABLE', app=app):
- bp.route(config_value('REGISTER_URL', app=app),
+ if state.registerable:
+ bp.route(state.register_url,
methods=['GET', 'POST'],
endpoint='register')(register)
- if config_value('RECOVERABLE', app=app):
- bp.route(config_value('RESET_URL', app=app),
+ if state.recoverable:
+ bp.route(state.reset_url,
methods=['GET', 'POST'],
endpoint='forgot_password')(forgot_password)
- bp.route(config_value('RESET_URL', app=app) + '/',
+ bp.route(state.reset_url + '/',
methods=['GET', 'POST'],
endpoint='reset_password')(reset_password)
- if config_value('CONFIRMABLE', app=app):
- bp.route(config_value('CONFIRM_URL', app=app),
+ if state.confirmable:
+ bp.route(state.confirm_url,
methods=['GET', 'POST'],
endpoint='send_confirmation')(send_confirmation)
- bp.route(config_value('CONFIRM_URL', app=app) + '/',
+ bp.route(state.confirm_url + '/',
methods=['GET', 'POST'],
endpoint='confirm_email')(confirm_email)