phovea-security-flask
Advanced tools
Security manager implementation based on Flask-Login. Additionally, a login module is provided that can be used at client-side.
Please note that this project has been archived and is no longer being maintained. There is an active development under https://github.com/datavisyn/tdp_core and we will also contribute our future changes to it.
git clone https://github.com/phovea/phovea_security_flask.git
cd phovea_security_flask
npm install
npm test
npm run build
| Username | Password |
|---|---|
| admin | admin |
| sam | sam |
New users are added to phovea_security_flask/config.json.
The python script encryptor.py hashes a given password and prints password, salt, and hashed password.
Alternatively, you can provide users via environment variables:
The UserStore class in phovea_security_flask/dummy_store.py reads all environment variables starting with PHOVEA_USER_ and uses the remainder of the enviroment variable key as username. The environment variable's key has to contain: SALT;HASHED_PW;ROLE1 (multiple roles can be added by seperating them with a semicolon), e.g.:
export PHOVEA_USER_bruce.banner="08c52b567cb947c98be6de6e9ad3919f;2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7;avenger;scientist
Defines the following user:
bruce.banner08c52b567cb947c98be6de6e9ad3919f2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7avenger, scientistNOTE: User credentials defined as environment variables override all users defined in the config.json. This behaviour can be used to define development users inside the config.json, and provide users for production via environment variables when deployed.
This repository is part of Phovea, a platform for developing web-based visualization applications. For tutorials, API docs, and more information about the build and deployment process, see the documentation page.
FAQs
Unknown package
We found that phovea-security-flask demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
OWASP’s 2025 Top 10 introduces Software Supply Chain Failures as a new category, reflecting rising concern over dependency and build system risks.
Research
/Security News
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.