You're reading from Mastering Flask Web and API Development Build and deploy production-ready Flask apps seamlessly across web, APIs, and mobile platforms

Product type Paperback

Published in Aug 2024

Publisher Packt

ISBN-13 9781837633227

Length 494 pages

Edition 1st Edition

Languages

Python

Tools

Flask

Concepts

Big Data

Author (1):

Sherwin John C. Tragura

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1:Learning the Flask 3.x Framework

2. Chapter 1: A Deep Dive into the Flask Framework FREE CHAPTER

3. Chapter 2: Adding Advanced Core Features

4. Chapter 3: Creating REST Web Services

5. Chapter 4: Utilizing Flask Extensions

6. Part 2:Building Advanced Flask 3.x Applications

7. Chapter 5: Building Asynchronous Transactions

8. Chapter 6: Developing Computational and Scientific Applications

9. Chapter 7: Using Non-Relational Data Storage

10. Chapter 8: Building Workflows with Flask

11. Chapter 9: Securing Flask Applications

12. Part 3:Testing, Deploying, and Building Enterprise-Grade Applications

13. Chapter 10: Creating Test Cases for Flask

14. Chapter 11: Deploying Flask Applications

15. Chapter 12: Integrating Flask with Other Tools and Frameworks

16. Index

Why subscribe?

17. Other Books You May Enjoy

Managing user credentials

The most common procedure for protecting any application from attacks is to control access to the user’s sensitive details, such as their username and password. Direct use of saved raw user credentials for login validation will not protect the application from attacks unless the application derives passphrases from the passwords, saves them into the database, and applies them for user validation instead.

This topic will cover password hashing using Hashlib and Bcrypt, password encryption using symmetric cryptography, and utilizing the sqlalchemy_utils module for the seamless and automatic encryption of sensitive data.

Encrypting user passwords

Generating a passphrase from the username and password of the user is the typical and easiest way to protect the application from attackers who want to crack down or hack a user account. In Flask, there are two ways to generate a passphrase from user credentials: