Socket
Socket
Sign inDemoInstall

Flask-Consent

Package Overview
Dependencies
1
Maintainers
1
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

    Flask-Consent

Handle user (cookie) consent in Flask projects


Maintainers
1

Readme

GitHub Workflow Status Codacy branch grade Codacy branch coverage PyPI - Python Version PyPI - Status PyPI GitHub

About

Flask-Consent is a Flask extension that helps you handle user (cookie) consent in Flask projects.

Installation

Simply run:

pip install Flask-Consent

Usage

The most basic usage:

from flask import Flask
from flask_consent import Consent

app = Flask(__name__)
app.config['CONSENT_FULL_TEMPLATE'] = 'consent.html'
app.config['CONSENT_BANNER_TEMPLATE'] = 'consent_banner.html'
consent = Consent(app)
consent.add_standard_categories()

And add this somewhere in your Jinja2 templates: {{ flask_consent_code() }}

The add_standard_categories() adds three common categories of consent: Required, Preferences and Analytics. If you want to use your own you can simply replace that call by calls to add_category().

Use request.consent in order to act based on the given consent. For example:

from flask import request

if request.consent['required']:
    pass

Multiple domains

This package actually supports sites that are present on multiple top-level domains. Since it's not possible to set a single cookie for them this extension instead does AJAX calls to a "primary" domain in order to synchronize the state between the domains and prevent having to show the user an annoying banner multiple times. To enable this simply add the following code:

@consent.domain_loader
def domain_loader():
    return ['primary.tld', 'secondary.tld', 'extra.tld']

The primary domain used is determined using the CONSENT_PRIMARY_SERVERNAME configuration option, which by default is set to SERVER_NAME.

Configuration

OptionDefaultDescription
CONSENT_FULL_TEMPLATENoneThe template that renders the full consent page
CONSENT_BANNER_TEMPLATENoneThe template that renders the consent banner
CONSENT_CONTACT_MAILNoneAn e-mail adress that users can send questions regarding consent to
CONSENT_COOKIE_NAME_consentThe name of the cookie that stores the consent given
CONSENT_VALID_FOR_MONTHS12The number of months we wait before asking for consent again
CONSENT_PRIMARY_SERVERNAMESERVER_NAMEThe primary domain name, used for multi-domain deployments
CONSENT_PATH/consentThe path used both for accessing consent information and for AJAX calls

Templates

The templates gets access to the variables flask_consent_categories (a list fo the categories) and flask_consent_contact_mail (populated from the similarly named configuration option).

Somewhere in the template you will usually be adding a set of checkboxes:

<input type="checkbox" id="category_{{ category.name }}"
       {% if category.default %}checked="checked"{% endif %}
       {% if category.is_required %}disabled="disabled"{% endif %}
       name="flask_consent_category" value="{{ category.name }}"/>
<label for="category_{{ category.name }}">{{ category.title }}</label>

Note: The name="flask_consent_category" should not be changed, as it is used internally.

(only use category.default in the banner template, in the full template you should replace it by request.consent[category])

Development and Testing

  1. Get the code: git clone https://github.com/02JanDal/Flask-Consent.git
  2. Do your changes
  3. Test the result: tox -e py

FAQs


Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc