Book Image

Flask Framework Cookbook - Second Edition

By : Shalabh Aggarwal
Book Image

Flask Framework Cookbook - Second Edition

By: Shalabh Aggarwal

Overview of this book

Flask, the lightweight Python web framework, is popular thanks to its powerful modular design that lets you build scalable web apps. With this recipe-based guide, you’ll explore modern solutions and best practices for Flask web development. Updated to the latest version of Flask and Python 3, this second edition of Flask Framework Cookbook moves away from some of the old and obsolete libraries and introduces new recipes on cutting-edge technologies. You’ll discover different ways of using Flask to create, deploy, and manage microservices. This Flask Python book starts by covering the different configurations that a Flask application can make use of, and then helps you work with templates and learn about the ORM and view layers. You’ll also be able to write an admin interface and get to grips with debugging and logging errors. Finally, you’ll learn a variety of deployment and post-deployment techniques for platforms such as Apache, Tornado, and Heroku. By the end of this book, you’ll have gained all the knowledge you need to confidently write Flask applications and scale them using standard industry practices.

Related Content you might be interested in

Current Title:

Small book image
Flask Framework Cookbook - Second Edition
Shalabh Aggarwal
Jul, 2019 | 302 pages
Small book image
Mastering Flask Web Development
Jack Stouffer | Daniel Gaspar
Oct, 2018 | 332 pages
Small book image
Building Serverless Python Web Services with Zappa
Abdulwahid Abdulhaque Barguzar
Jul, 2018 | 324 pages
Small book image
Machine Learning Automation with TPOT
Dario Radečić
May, 2021 | 270 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Sections
Get in touch
Free Chapter
1
Flask Configurations
Flask Configurations
Setting up our environment with virtualenv
Handling basic configurations
Configuring using class-based settings
Organizing static files
Being deployment-specific with instance folders
Composition of views and models
Creating a modular web app with blueprints
Making a Flask app installable using setuptools
2
Templating with Jinja2
Templating with Jinja2
Bootstrapping the recommended layout
Implementing block composition and layout inheritance
Creating a custom context processor
Creating a custom Jinja2 filter
Creating a custom macro for forms
Advanced date and time formatting
3
Data Modeling in Flask
Data Modeling in Flask
Creating an SQLAlchemy DB instance
Creating a basic product model
Creating a relational category model
Migrating databases using Alembic and Flask-Migrate
Indexing model data with Redis
Opting for the NoSQL way with MongoDB
4
Working with Views
Working with Views
Writing function-based views and URL routes
Writing class-based views
Implementing URL routing and product-based pagination
Rendering to templates
Dealing with XHR requests
Using decorators to handle requests beautifully
Creating custom 404 and 500 handlers
Flashing messages for better user feedback
Implementing SQL-based searching
5
Webforms with WTForms
Webforms with WTForms
Representing SQLAlchemy model data as a form
Validating fields on the server side
Creating a common forms set
Creating custom fields and validation
Creating a custom widget
Uploading files via forms
Protecting applications from cross-site request forgery (CSRF)
6
Authenticating in Flask
Authenticating in Flask
Creating a simple session-based authentication
Authenticating using the Flask-Login extension
Using Facebook for authentication
Using Google for authentication
Using Twitter for authentication
Authenticating with LDAP
7
RESTful API Building
RESTful API Building
Creating a class-based REST interface
Creating an extension-based REST interface
Creating a complete RESTful API
8
Admin Interface for Flask Apps
Admin Interface for Flask Apps
Creating a simple CRUD interface
Using the Flask-Admin extension
Registering models with Flask-Admin
Creating custom forms and actions
Using a WYSIWYG editor for textarea integration
Creating user roles
9
Internationalization and Localization
Internationalization and Localization
Adding a new language
Implementing lazy evaluation and the gettext/ngettext functions
Implementing the global language switching action
10
Debugging, Error Handling, and Testing
Debugging, Error Handling, and Testing
Setting up basic file logging
Sending emails on the occurrence of errors
Using Sentry to monitor exceptions
Debugging with pdb
Creating our first simple test
Writing more tests for views and logic
Nose library integration
Using mocking to avoid real API access
Determining test coverage
Using profiling to find bottlenecks
11
Deployment and Post-Deployment
Deployment and Post-Deployment
Deploying with Apache
Deploying with uWSGI and Nginx
Deploying with Gunicorn and Supervisor
Deploying with Tornado
Using S3 storage for file uploads
Deploying with Heroku
Deploying with AWS Elastic Beanstalk
Managing and monitoring application performance with New Relic
12
Microservices and Containers
Microservices and Containers
Containerization with Docker
Orchestrating containers with Kubernetes
Going serverless with Zappa on AWS Lambda
13
Other Tips and Tricks
Other Tips and Tricks
Implementing full-text search with Whoosh
Implementing full-text search with Elasticsearch
Working with signals
Using caching with your application
Implementing email support for Flask applications
Understanding asynchronous operations
Working with Celery
14
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Protecting applications from cross-site request forgery (CSRF)

In the first recipe of this chapter, we learned that CSRF is an important part of webform security. We will now talk about this in detail. CSRF basically means that someone can hack into the request that carries a cookie and use this to trigger a destructive action. We won't be discussing CSRF in detail here, since ample resources are available on the internet to learn about this. We will talk about how WTForms will help us in preventing CSRF. Flask does not provide any security against CSRF by default, as this has to be handled at the form-validation level, which is not provided by Flask. However, in this recipe, we will see how this is done for us by means of the Flask-WTF extension.

More information about CSRF can be found at https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF).
...
Previous Section
End of Chapter 5
Next Chapter