Flask-Obscure API¶
Obscure sequential IDs in URL variables and templates.
Impliments routing converters and fiters in Flask to obscure sequential integer IDs. This is base on the ‘Obscure’ python module.
- Once installed, the following converters and filters are available:
- num, hex, b32, b64, and tame
Flask Integration¶
-
class
flask_obscure.Obscure(app=None, salt=None)¶ Obscure interger IDs in URLs. A
saltvalue is needed. You can provide it when initializing the app or from the flask configuration under the parameterOBSCURE_SALT.-
decode_base32(s)¶ Decode a base32 string, returning the original integer. :param s: 7-character base32 string :returns: original integer
-
decode_base64(s)¶ Decode a base64 string, returning the original integer. :param s: 6-character base64 string :returns: oritinal integer
-
decode_hex(s)¶ Decode an 8-character hex string, returning the original integer. :param s: encoded hex string :returns: original integer
-
decode_tame(s)¶ Decode a custom base32 string, returning the original integer. :param s: custom encoded, 7-character base32 string :returns: original integer
-
encode_base32(i)¶ Obscure an integer and return a base32 string. :param i: integer :returns: 7-character base32 string.
-
encode_base64(i)¶ Obscure an integer and return a 6-char base64 string. :param i: integer :returns: 6-character base64 string
-
encode_hex(i)¶ Obscure an integer to hex string. :param i: integer :returns: 8-character hex string.
-
encode_tame(i)¶ Obscure an integer and return a base32 string. The base32 alphabet without the letters I and U to eliminate common offensive words. :param i: integer :returns: 7-character custom alphabet base32 string.
-
init_app(app, salt=None)¶ Add converters and filters to a
Flaskinstance.Parameters: - app – a
Flaskinstance - salt (integer) – random 32-bit integer for uniqueness
Raises: KeyError–OBSCURE_SALTmust be in theflask.Configif it is not given as a parameter.- app – a
-
transform(i)¶ Reversibly transform a 32-bit integer using Feistel cipher. :param i: integer :returns: transformed integer so transform(transform(i)) == i
-
Converters¶
-
class
flask_obscure.Num(map)¶ Obscure interger ID with salted value and format as an alternative, non-sequential number.
Rule(‘/customer/<num:customer_id>’)
-
to_python(value)¶ Restores original number.
Parameters: value (number string) – obscured, non-sequential number Returns: the original number Return type: integer See also
to_url
-
to_url(value)¶ Convert value to alternate, non-sequential integer format.
Parameters: value (integer) – number to obscure Returns: an obscured, non-sequential number Return type: string See also
to_python
-
-
class
flask_obscure.Hex(map)¶ Obscure numerical ID and format as hex.
Rule(‘/customer/<hex:customer_id>’)
-
class
flask_obscure.Base32(map)¶ Obscure numerical ID and format as base32.
Rule(‘/customer/<b32:customer_id>’)
-
class
flask_obscure.Base64(map)¶ Obscure numerical ID and format as url-safe base64.
Rule(‘/customer/<b64:customer_id>’)
-
class
flask_obscure.Tame(map)¶ Obscure numerical ID and format as a custom base32 with the vowels ‘I’, ‘O’, and ‘U’ removed to eliminate common offensive words.
Rule(‘/customer/<tame:customer_id>’)
