Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
phovea-security-flask
Advanced tools
phovea-security-flask
- Version
- 8.0.0
- Maintainers
- 1
DEPRECATED: phovea_security_flask
Security manager implementation based on Flask-Login. Additionally, a login module is provided that can be used at client-side.
DEPRECATION Information
Please note that this project has been archived and is no longer being maintained. There is an active development under https://github.com/datavisyn/tdp_core and we will also contribute our future changes to it.
Installation
git clone https://github.com/phovea/phovea_security_flask.git
cd phovea_security_flask
npm install
Testing
npm test
Building
npm run build
Default users
| Username | Password |
|---|---|
| admin | admin |
| sam | sam |
Add new users
Config File
New users are added to phovea_security_flask/config.json.
The python script encryptor.py hashes a given password and prints password, salt, and hashed password.
Environment Variables
Alternatively, you can provide users via environment variables:
The UserStore class in phovea_security_flask/dummy_store.py reads all environment variables starting with PHOVEA_USER_ and uses the remainder of the enviroment variable key as username. The environment variable's key has to contain: SALT;HASHED_PW;ROLE1 (multiple roles can be added by seperating them with a semicolon), e.g.:
export PHOVEA_USER_bruce.banner="08c52b567cb947c98be6de6e9ad3919f;2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7;avenger;scientist
Defines the following user:
- Username:
bruce.banner - Salt:
08c52b567cb947c98be6de6e9ad3919f - Hashed password:
2c946ca1b8574d506ee5e7b3b22e350bc8c93b9df647d17e4429e727529c63a62d1fb274ca5a7499bd33c0844e437631728ee9fcba14b41204f21ec8cda523f7 - Roles:
avenger, scientist
NOTE: User credentials defined as environment variables override all users defined in the config.json. This behaviour can be used to define development users inside the config.json, and provide users for production via environment variables when deployed.
This repository is part of Phovea, a platform for developing web-based visualization applications. For tutorials, API docs, and more information about the build and deployment process, see the documentation page.
FAQs
Unknown package
We found that phovea-security-flask demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025
Security News
Meet Socket at Black Hat Europe and BSides London 2025
Socket is heading to London! Stop by our booth or schedule a meeting to see what we've been working on.
By Anders Søndergaard - Nov 11, 2025