diff --git a/.gitignore b/.gitignore index 3ed5b95..22901de 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,5 @@ docs/_build/ docs/_templates/ examples/**/*.db + +dist/ \ No newline at end of file diff --git a/AUTHORS b/AUTHORS deleted file mode 100644 index 8522526..0000000 --- a/AUTHORS +++ /dev/null @@ -1,15 +0,0 @@ -Flask-Identity was written by SolardiaX and welcome contributors to make it more useful. - - -Development Lead -```````````````` - -- SolardiaX - -Maintainer -`````````` - -- SolardiaX - -Patches and Suggestions -``````````````````````` diff --git a/LICENSE b/LICENSE deleted file mode 100644 index 040c879..0000000 --- a/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (C) 2012-2019 by Matthew Wright -Copyright (C) 2019-2019 by Chris Wagner - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies -of the Software, and to permit persons to whom the Software is furnished to do -so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.rst b/README.rst index 1bda4c2..c0d50ab 100644 --- a/README.rst +++ b/README.rst 
@@ -25,7 +25,7 @@ Flask-Identity A lightweight extension & library to security Flask applications quickly and simply. About Flask-Identity ------------------- +-------------------- Flask-Identity allows you to quickly add common security mechanisms to your Flask application. They include: diff --git a/docs/configuration.rst b/docs/configuration.rst index 2638708..166f3bb 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -71,6 +71,18 @@ These configuration are used globally across all features and should be configur Default: ``'_next'``. +.. py:data:: HASH_SALT + + Specifies the HMAC salt. This is required for all schemes that + are configured for double hashing. A good salt can be generated using: + ``secrets.SystemRandom().getrandbits(128)``. + + If this value is ``None`` (the default), then will use ``SECRET_KEY`` as salt to encrypt hash. + + Strongly recommend set it to a different value for more security. + + Defaults to ``None``. + .. py:data:: TOKEN_SALT The salt used to encrypt session, request or cookie token. diff --git a/flask_identity/config.py b/flask_identity/config.py index 6dd29a2..7d27dc9 100644 --- a/flask_identity/config.py +++ b/flask_identity/config.py @@ -53,6 +53,12 @@ #: Default: ``'_next'``. 'NEXT_KEY': '_next', + #: Specifies the HMAC salt. This is required for all schemes that + #: are configured for double hashing. A good salt can be generated using: + #: ``secrets.SystemRandom().getrandbits(128)``. + #: Defaults to ``None``. + 'HASH_SALT': None, + #: The salt used to encrypt session, request or cookie token. #: If this value is ``None`` (the default), then will use ``SECRET_KEY`` as salt #: to encrypt token.
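Review bot: In the .gitignore hunk the added `dist/` entry is now the last line and the file ends without a trailing newline (`\ No newline at end of file`). End the file with a newline so the next pattern appended to it does not also show up as a change to the `dist/` line.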
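Review bot: The LICENSE hunk deletes the whole MIT text, including `Copyright (C) 2012-2019 by Matthew Wright` and `Copyright (C) 2019-2019 by Chris Wagner`, and no hunk shown here adds a replacement, although the deleted text itself requires that the notice "be included in all copies or substantial portions of the Software". If the file is being renamed or moved, put the new file in the same commit so the tree is never without a license. The same applies to the AUTHORS deletion, which removes the only attribution list visible in this patch.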
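Review bot: The new HASH_SALT entry in docs/configuration.rst says the value "is required for all schemes that are configured for double hashing" but then documents a default of `None` with a fallback to `SECRET_KEY`, so a reader cannot tell whether leaving it unset is an error or a supported mode. Say which it is. The suggested generator `secrets.SystemRandom().getrandbits(128)` returns an integer while the fallback `SECRET_KEY` is normally a string or bytes, so state the expected type or suggest something like `secrets.token_hex(16)` instead. Because the fallback ties the HMAC key to `SECRET_KEY`, the entry should also tell operators what happens to already stored hashes when either value is changed. Wording: an HMAC salt keys a hash rather than encrypting it, so "to encrypt hash" is misleading, and "then will use" / "Strongly recommend set it" need a subject.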
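Review bot: The comment added above `'HASH_SALT': None` in flask_identity/config.py leaves out the `SECRET_KEY` fallback that docs/configuration.rst describes for the same key, and it keeps the "This is required" wording next to a `None` default. Mirror the TOKEN_SALT comment directly below it ("If this value is ``None`` (the default), then will use ``SECRET_KEY`` as salt") so the code comment and the docs agree. None of the hunks shown reads `HASH_SALT`, so the code that consumes it and applies the fallback should be part of this change or pointed to in the commit message.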