Flask-Consent is a Flask extension that helps you handle user (cookie) consent in Flask projects.
Simply run:
pip install Flask-Consent
The most basic usage:
from flask import Flask
from flask_consent import Consent
app = Flask(__name__)
app.config['CONSENT_FULL_TEMPLATE'] = 'consent.html'
app.config['CONSENT_BANNER_TEMPLATE'] = 'consent_banner.html'
consent = Consent(app)
consent.add_standard_categories()
And add this somewhere in your Jinja2 templates: {{ flask_consent_code() }}
The add_standard_categories() adds three common categories of consent: Required, Preferences and Analytics.
If you want to use your own you can simply replace that call by calls to add_category().
Use request.consent in order to act based on the given consent. For example:
from flask import request
if request.consent['required']:
pass
This package actually supports sites that are present on multiple top-level domains. Since it's not possible to set a single cookie for them this extension instead does AJAX calls to a "primary" domain in order to synchronize the state between the domains and prevent having to show the user an annoying banner multiple times. To enable this simply add the following code:
@consent.domain_loader
def domain_loader():
return ['primary.tld', 'secondary.tld', 'extra.tld']
The primary domain used is determined using the CONSENT_PRIMARY_SERVERNAME configuration option,
which by default is set to SERVER_NAME.
| Option | Default | Description |
|---|---|---|
CONSENT_FULL_TEMPLATE | None | The template that renders the full consent page |
CONSENT_BANNER_TEMPLATE | None | The template that renders the consent banner |
CONSENT_CONTACT_MAIL | None | An e-mail adress that users can send questions regarding consent to |
CONSENT_COOKIE_NAME | _consent | The name of the cookie that stores the consent given |
CONSENT_VALID_FOR_MONTHS | 12 | The number of months we wait before asking for consent again |
CONSENT_PRIMARY_SERVERNAME | SERVER_NAME | The primary domain name, used for multi-domain deployments |
CONSENT_PATH | /consent | The path used both for accessing consent information and for AJAX calls |
The templates gets access to the variables flask_consent_categories (a list fo the categories) and flask_consent_contact_mail
(populated from the similarly named configuration option).
Somewhere in the template you will usually be adding a set of checkboxes:
<input type="checkbox" id="category_{{ category.name }}"
{% if category.default %}checked="checked"{% endif %}
{% if category.is_required %}disabled="disabled"{% endif %}
name="flask_consent_category" value="{{ category.name }}"/>
<label for="category_{{ category.name }}">{{ category.title }}</label>
Note: The name="flask_consent_category" should not be changed, as it is used internally.
(only use category.default in the banner template, in the full template you should replace it by request.consent[category])
git clone https://github.com/02JanDal/Flask-Consent.gittox -e pyFAQs
Handle user (cookie) consent in Flask projects
We found that Flask-Consent demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.