Book Image

Flask Framework Cookbook

By : Shalabh Aggarwal
Book Image

Flask Framework Cookbook

By: Shalabh Aggarwal

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Flask Framework Cookbook
Shalabh Aggarwal
Nov, 2014 | 258 pages
No titles found
Table of Contents (19 chapters)
Flask Framework Cookbook
Flask Framework Cookbook
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Flask Configurations
Flask Configurations
Introduction
Environment setup with virtualenv
Handling basic configurations
Class-based settings
Organization of static files
Being deployment specific with instance folders
Composition of views and models
Creating a modular web app with blueprints
Making a Flask app installable using setuptools
2
Templating with Jinja2
Templating with Jinja2
Introduction
Bootstrap layout
Block composition and layout inheritance
Creating a custom context processor
Creating a custom Jinja2 filter
Creating a custom macro for forms
Advanced date and time formatting
3
Data Modeling in Flask
Data Modeling in Flask
Introduction
Creating a SQLAlchemy DB instance
Creating a basic product model
Creating a relational category model
Database migration using Alembic and Flask-Migrate
Model data indexing with Redis
Opting the NoSQL way with MongoDB
4
Working with Views
Working with Views
Introduction
Writing function-based views and URL routes
Class-based views
URL routing and product-based pagination
Rendering to templates
Dealing with XHR requests
Decorator to handle requests beautifully
Creating custom 404 and 500 handlers
Flashing messages for better user feedback
SQL-based searching
5
Webforms with WTForms
Webforms with WTForms
Introduction
SQLAlchemy model data as form representation
Validating fields on the server side
Creating a common forms set
Creating custom fields and validation
Creating a custom widget
Uploading files via forms
Cross-site Request Forgery protection
6
Authenticating in Flask
Authenticating in Flask
Introduction
Simple session-based authentication
Authenticating using the Flask-Login extension
Using OpenID for authentication
Using Facebook for authentication
Using Google for authentication
Using Twitter for authentication
7
RESTful API Building
RESTful API Building
Introduction
Creating a class-based REST interface
Creating an extension-based REST interface
Creating a SQLAlchemy-independent REST API
A complete REST API example
8
Admin Interface for Flask Apps
Admin Interface for Flask Apps
Introduction
Creating a simple CRUD interface
Using the Flask-Admin extension
Registering models with Flask-Admin
Creating custom forms and actions
WYSIWYG for textarea integration
Creating user roles
9
Internationalization and Localization
Internationalization and Localization
Introduction
Adding a new language
Lazy evaluation and the gettext/ngettext functions
Global language-switching action
10
Debugging, Error Handling, and Testing
Debugging, Error Handling, and Testing
Introduction
Setting up basic file logging
Sending e-mails on the occurrence of errors
Using Sentry to monitor exceptions
Debugging with pdb
Creating our first simple test
Writing more tests for views and logic
Nose library integration
Using mocking to avoid real API access
Determining test coverage
Using profiling to find bottlenecks
11
Deployment and Post Deployment
Deployment and Post Deployment
Introduction
Deploying with Apache
Deploying with uWSGI and Nginx
Deploying with Gunicorn and Supervisor
Deploying with Tornado
Using Fabric for deployment
S3 storage for file uploads
Deploying with Heroku
Deploying with AWS Elastic Beanstalk
Application monitoring with Pingdom
Application performance management and monitoring with New Relic
12
Other Tips and Tricks
Other Tips and Tricks
Introduction
Full-text search with Whoosh
Full-text search with Elasticsearch
Working with signals
Using caching with your application
E-mail support for Flask applications
Understanding asynchronous operations
Working with Celery
Index
Index

Cross-site Request Forgery protection

In the first recipe of this chapter, we learned that CSRF is an important part of webform security. We will talk about it in detail now. CSRF stands for Cross-Site Request Forgery, which basically means that someone can hack into the request that carries a cookie and use this to trigger some destructive action. We won't be discussing CSRF in detail here, as ample resources are available on the Internet to learn about this. We will talk about how WTForms will help us in preventing CSRF. Flask does not provide any security from CSRF by default, as this has to be handled at the form validation level, which is not provided by Flask. However, this is done by the Flask-WTF extension for us.

Note

More about CSRF can be read at http://en.wikipedia.org/wiki/Cross-site_request_forgery.

How to do it…

Flask-WTF, by default, provides a form that is CSRF protected. If we have a look at the recipes so far, we will notice that we have explicitly told our form to not be...

Previous Section
End of Chapter 5
Next Chapter