What's the common approach of adding access control to a blueprint in Flask?
For example I have a blueprint called admin
with url_prefix='/admin'
How do I force all views under /admin
must be authenticated superuser first?
To use any Flask Blueprint, you have to import it and then register it in the application using register_blueprint() . When a Flask Blueprint is registered, the application is extended with its contents. While the application is running, go to http://localhost:5000 using your web browser.
You don't have to use blueprints. Just import current_app as app in your routes.py (or views.py, whatever) and you are free to go.
A Flask blueprint helps you to create reusable instances of your application. It does so by organizing your project in modules. Those modules are then registered the main application. They help in creating an application factory.
Found it http://flask.pocoo.org/snippets/59/
from flask import Blueprint
from flask import redirect, request
from google.appengine.api import users
bp = Blueprint('admin', __name__)
@bp.before_request
def restrict_bp_to_admins():
if not users.is_current_user_admin():
return redirect(users.create_login_url(request.url))
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With