很多例程都是基於flask-sqlalchemy的。
但是我使用sqlalchemy,並沒有使用sqlalchemy,看中的也就是flask的靈活性。
暫時寫flask的程序,但是為了以后寫別的程序方便,我選擇了更純粹的ORM,sqlalchemy。
現在整理一個基於sqlalchemy的例程,算是快速入門吧。
from flask import Flask from flask_security import Security, SQLAlchemySessionUserDatastore, \ UserMixin, RoleMixin, login_required, auth_token_required, http_auth_required from sqlalchemy import create_engine, Boolean, DateTime, \ Column, Integer, String, ForeignKey from sqlalchemy.orm import scoped_session, sessionmaker, relationship, backref from sqlalchemy.ext.declarative import declarative_base # 創建flask應用 app = Flask(__name__) app.config['DEBUG'] = True app.config['SECRET_KEY'] = 'super-secret' app.config['SECURITY_TRACKABLE'] = True app.config['SECURITY_REGISTERABLE'] = True app.config['SECURITY_SEND_REGISTER_EMAIL'] = False app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///security-dev.sqlite' app.config['SECURITY_PASSWORD_SALT'] = '951623847' app.config['SECURITY_PASSWORD_HASH'] = 'sha512_crypt' # 創建數據庫連接 engine = create_engine('sqlite:///test.db', \ convert_unicode=True) db_session = scoped_session(sessionmaker(autocommit=False, autoflush=False, bind=engine)) Base = declarative_base() Base.query = db_session.query_property() # 創建數據庫 def init_db(): Base.metadata.create_all(bind=engine) # 創建模型 class RolesUsers(Base): __tablename__ = 'roles_users' id = Column(Integer(), primary_key=True) user_id = Column('user_id', Integer(), ForeignKey('user.id')) role_id = Column('role_id', Integer(), ForeignKey('role.id')) class Role(Base, RoleMixin): __tablename__ = 'role' id = Column(Integer(), primary_key=True) name = Column(String(80), unique=True) description = Column(String(255)) class User(Base, UserMixin): __tablename__ = 'user' id = Column(Integer, primary_key=True) email = Column(String(255), unique=True) username = Column(String(255)) password = Column(String(255)) last_login_at = Column(DateTime()) current_login_at = Column(DateTime()) last_login_ip = Column(String(100)) current_login_ip = Column(String(100)) login_count = Column(Integer) active = Column(Boolean()) confirmed_at = Column(DateTime()) roles = relationship('Role', secondary='roles_users', backref=backref('users', lazy='dynamic')) # 設置flask-security user_datastore = SQLAlchemySessionUserDatastore(db_session, User, Role) security = Security(app, user_datastore) # 創建測試用戶 @app.before_first_request def create_user(): try: db_session.query(User).first() except: print('初始化數據庫') init_db() print('創建用戶') user_datastore.create_user(username='matt@nobien.net', password='password') print('提交數據') db_session.commit() # 創建視圖 @app.route('/') @login_required def home(): return 'you\'re logged in!' @app.route('/api') # @http_auth_required @auth_token_required def token_protected(): return 'you\'re logged in by Token!' if __name__ == '__main__': app.run()
這個示例中創建了權限表,用戶表,通過多對多的關系進行了用戶權限關聯。
如果是小項目,就幾個人使用,那么可以使用這樣的權限管理。
使用者多的話,就需要RBAC進行權限管理。目前看的是casbin權限管理模塊。