I am using Flask-Security to build a web app that has a public REST API. I am trying to figure out how to add user registration and login using REST calls only.
It is fairly easy to create a user using user_datastore.create_user
. But how can I then login the user, using a REST call?
If flask_security.utils.login_user
took username+password or a token as an argument, it would be easy, but it takes a user object instead?
The documentation shows how to register and login using forms and views, but I need to be able to register and login from an IOS device (using RESTkit).
You will either want to use flask_security.decorators.auth_token_required
along with SECURITY_TOKEN_AUTHENTICATION_KEY
or SECURITY_TOKEN_AUTHENTICATION_HEADER
(depending on whether you want to pass the token in the URL or in a header) or you can override flask_security.core.UserMixin.get_auth_token
for your User
class and Flask-Security will do the right thing.