I really like flask-script and so I thought I'd write a little blog entry about it. I've done a basic script intro and before I show a few more examples I thought I'd ask what everyone else is using it for (if they are). I use mine for ingesting stuff and anything else that you would run on a crontab, a bit like Django's 'tasks'. I'm sure there are other good uses too. Would you care to show any examples? Has anyone integrated it with Fabric for example? Col Oh yeah, the basic script article is here: http://terse-words.blogspot.com/2011/06/simple-flask-script-example.html
Hi all, I've just finished writing my first Flask extension. I've tried to follow the guidelines as closely as possible. I'm new to Flask and Python as well so any feedback is very much appreciated. My intent with this extension is to provide bcrypt support to Flask applications. As I understand it, bcrypt is considered to be stronger than some other hashing algos for password hashing as its intentionally "deoptimized" key scheduler is intended to make brute forcing techniques more difficult. http://pypi.python.org/pypi/Flask-Bcrypt https://github.com/maxcountryman/flask-bcrypt Regards, Max Countryman
Have you seen http://www.quora.com/What-websites-have-the-best-new-user-onboarding-flows ? cheers, Amirouche. 2011/6/13 Max Countryman <maxc@me.com> > Hi all, > > I've just finished writing my first Flask extension. I've tried to follow > the guidelines as closely as possible. I'm new to Flask and Python as well > so any feedback is very much appreciated. > > My intent with this extension is to provide bcrypt support to Flask > applications. As I understand it, bcrypt is considered to be stronger than > some other hashing algos for password hashing as its intentionally > "deoptimized" key scheduler is intended to make brute forcing techniques > more difficult. > > http://pypi.python.org/pypi/Flask-Bcrypt > > https://github.com/maxcountryman/flask-bcrypt > > Regards, > > > Max Countryman >
I messed up it's wrong link. here is the link I wanted to share http://rondam.blogspot.com/2011/06/possible-flaw-in-open-source-bcrypt.html <http://rondam.blogspot.com/2011/06/possible-flaw-in-open-source-bcrypt.html> cheers, Amirouche. 2011/6/15 Amirouche Boubekki <amirouche.boubekki@gmail.com> > Have you seen > http://www.quora.com/What-websites-have-the-best-new-user-onboarding-flows > ? > > cheers, > > Amirouche. > > > 2011/6/13 Max Countryman <maxc@me.com> > >> Hi all, >> >> I've just finished writing my first Flask extension. I've tried to follow >> the guidelines as closely as possible. I'm new to Flask and Python as well >> so any feedback is very much appreciated. >> >> My intent with this extension is to provide bcrypt support to Flask >> applications. As I understand it, bcrypt is considered to be stronger than >> some other hashing algos for password hashing as its intentionally >> "deoptimized" key scheduler is intended to make brute forcing techniques >> more difficult. >> >> http://pypi.python.org/pypi/Flask-Bcrypt >> >> https://github.com/maxcountryman/flask-bcrypt >> >> Regards, >> >> >> Max Countryman >> > >
The Hacker News thread for this article has thoroughly debunked this now it seems: http://news.ycombinator.com/item?id=2654977 tl;dr although it truncates it is negligible (not dangerous) and apparently supported by the white paper. The key expansion is where the real magic happens, having an internal state size of 33344 bits. Regards, Max Sent from my iPhone On Jun 14, 2011, at 18:09, Amirouche Boubekki <amirouche.boubekki@gmail.com> wrote: > I messed up it's wrong link. > > here is the link I wanted to share http://rondam.blogspot.com/2011/06/possible-flaw-in-open-source-bcrypt.html > > cheers, > > Amirouche. > > 2011/6/15 Amirouche Boubekki <amirouche.boubekki@gmail.com> > Have you seen http://www.quora.com/What-websites-have-the-best-new-user-onboarding-flows ? > > cheers, > > Amirouche. > > > 2011/6/13 Max Countryman <maxc@me.com> > Hi all, > > I've just finished writing my first Flask extension. I've tried to follow the guidelines as closely as possible. I'm new to Flask and Python as well so any feedback is very much appreciated. > > My intent with this extension is to provide bcrypt support to Flask applications. As I understand it, bcrypt is considered to be stronger than some other hashing algos for password hashing as its intentionally "deoptimized" key scheduler is intended to make brute forcing techniques more difficult. > > http://pypi.python.org/pypi/Flask-Bcrypt > > https://github.com/maxcountryman/flask-bcrypt > > Regards, > > > Max Countryman > >
Hi Max, Why is this a flask extension? It doesn’t look like it is at all specific to flask applications, and so should either be released as a normal python package, or the additional functionality integrated back into the original package. Regards, Peter On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: > Hi all, > > I've just finished writing my first Flask extension. I've tried to follow > the guidelines as closely as possible. I'm new to Flask and Python as well > so any feedback is very much appreciated. > > My intent with this extension is to provide bcrypt support to Flask > applications. As I understand it, bcrypt is considered to be stronger than > some other hashing algos for password hashing as its intentionally > "deoptimized" key scheduler is intended to make brute forcing techniques > more difficult. > > http://pypi.python.org/pypi/Flask-Bcrypt > > https://github.com/maxcountryman/flask-bcrypt > > Regards, > > > Max Countryman > -- Peter Ward http://flowblok.id.au/ BIT III, Sydney University
Hi Peter, I've packaged it as an extension purely for convenience as bcrypt doesn't seem to be supported in werkzeug.security. Regards, Max Sent from my iPhone On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: > Hi Max, > > Why is this a flask extension? It doesn’t look like it is at all specific to flask applications, and so should either be released as a normal python package, or the additional functionality integrated back into the original package. > > Regards, > Peter > > On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: > Hi all, > > I've just finished writing my first Flask extension. I've tried to follow the guidelines as closely as possible. I'm new to Flask and Python as well so any feedback is very much appreciated. > > My intent with this extension is to provide bcrypt support to Flask applications. As I understand it, bcrypt is considered to be stronger than some other hashing algos for password hashing as its intentionally "deoptimized" key scheduler is intended to make brute forcing techniques more difficult. > > http://pypi.python.org/pypi/Flask-Bcrypt > > https://github.com/maxcountryman/flask-bcrypt > > Regards, > > > Max Countryman > > > > -- > Peter Ward > http://flowblok.id.au/ > BIT III, Sydney University
On Sun, 12 Jun 2011 18:17:23 -0700 Max Countryman <maxc@me.com> wrote: What is the advantage of this over installing the py-bcrypt library? http://code.google.com/p/py-bcrypt/ Nicholas Holley > Hi Peter, > > I've packaged it as an extension purely for convenience as bcrypt > doesn't seem to be supported in werkzeug.security. > > Regards, > > > Max > > Sent from my iPhone > > On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: > > > Hi Max, > > > > Why is this a flask extension? It doesn’t look like it is at all > > specific to flask applications, and so should either be released as > > a normal python package, or the additional functionality integrated > > back into the original package. > > > > Regards, > > Peter > > > > On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: > > Hi all, > > > > I've just finished writing my first Flask extension. I've tried to > > follow the guidelines as closely as possible. I'm new to Flask and > > Python as well so any feedback is very much appreciated. > > > > My intent with this extension is to provide bcrypt support to Flask > > applications. As I understand it, bcrypt is considered to be > > stronger than some other hashing algos for password hashing as its > > intentionally "deoptimized" key scheduler is intended to make brute > > forcing techniques more difficult. > > > > http://pypi.python.org/pypi/Flask-Bcrypt > > > > https://github.com/maxcountryman/flask-bcrypt > > > > Regards, > > > > > > Max Countryman > > > > > > > > -- > > Peter Ward > > http://flowblok.id.au/ > > BIT III, Sydney University
Also Nicholas, I should have mentioned, the extension does in fact use py-bcrypt (you'll notice it's listed as a requirement in setup.py). So again, this extension is a set of convenience functions. Regards, Max -- Max Countryman +1-917-971-8472 On Sunday, June 12, 2011 at 10:29 PM, Nicholas Holley wrote: > On Sun, 12 Jun 2011 18:17:23 -0700 > Max Countryman <maxc@me.com (mailto:maxc@me.com)> wrote: > > What is the advantage of this over installing the py-bcrypt library? > > http://code.google.com/p/py-bcrypt/ > > Nicholas Holley > > > Hi Peter, > > > > I've packaged it as an extension purely for convenience as bcrypt > > doesn't seem to be supported in werkzeug.security. > > > > Regards, > > > > > > Max > > > > Sent from my iPhone > > > > On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com (mailto:peteraward@gmail.com)> wrote: > > > > > Hi Max, > > > > > > Why is this a flask extension? It doesn’t look like it is at all > > > specific to flask applications, and so should either be released as > > > a normal python package, or the additional functionality integrated > > > back into the original package. > > > > > > Regards, > > > Peter > > > > > > On 13 June 2011 00:26, Max Countryman <maxc@me.com (mailto:maxc@me.com)> wrote: > > > Hi all, > > > > > > I've just finished writing my first Flask extension. I've tried to > > > follow the guidelines as closely as possible. I'm new to Flask and > > > Python as well so any feedback is very much appreciated. > > > > > > My intent with this extension is to provide bcrypt support to Flask > > > applications. As I understand it, bcrypt is considered to be > > > stronger than some other hashing algos for password hashing as its > > > intentionally "deoptimized" key scheduler is intended to make brute > > > forcing techniques more difficult. > > > > > > http://pypi.python.org/pypi/Flask-Bcrypt > > > > > > https://github.com/maxcountryman/flask-bcrypt > > > > > > Regards, > > > > > > > > > Max Countryman > > > > > > > > > > > > -- > > > Peter Ward > > > http://flowblok.id.au/ > > > BIT III, Sydney University
Thanks Max. I would've never known about bcrypt if it weren't for you. I'll definitely use bcrypt in the future. On Mon, Jun 13, 2011 at 4:45 PM, Max Countryman <maxc@me.com> wrote: > Also Nicholas, > > I should have mentioned, the extension does in fact use py-bcrypt (you'll > notice it's listed as a requirement in setup.py). So again, this extension > is a set of convenience functions. > > Regards, > > > Max > > -- > Max Countryman > +1-917-971-8472 > > On Sunday, June 12, 2011 at 10:29 PM, Nicholas Holley wrote: > > On Sun, 12 Jun 2011 18:17:23 -0700 > Max Countryman <maxc@me.com> wrote: > > What is the advantage of this over installing the py-bcrypt library? > > http://code.google.com/p/py-bcrypt/ > > Nicholas Holley > > Hi Peter, > > I've packaged it as an extension purely for convenience as bcrypt > doesn't seem to be supported in werkzeug.security. > > Regards, > > > Max > > Sent from my iPhone > > On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: > > Hi Max, > > Why is this a flask extension? It doesn’t look like it is at all > specific to flask applications, and so should either be released as > a normal python package, or the additional functionality integrated > back into the original package. > > Regards, > Peter > > On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: > Hi all, > > I've just finished writing my first Flask extension. I've tried to > follow the guidelines as closely as possible. I'm new to Flask and > Python as well so any feedback is very much appreciated. > > My intent with this extension is to provide bcrypt support to Flask > applications. As I understand it, bcrypt is considered to be > stronger than some other hashing algos for password hashing as its > intentionally "deoptimized" key scheduler is intended to make brute > forcing techniques more difficult. > > http://pypi.python.org/pypi/Flask-Bcrypt > > https://github.com/maxcountryman/flask-bcrypt > > Regards, > > > Max Countryman > > > > -- > Peter Ward > http://flowblok.id.au/ > BIT III, Sydney University > > >
So glad to have introduced it to you, Chris! I realize I probably should have included a link to the white paper in case anyone is curious and wanting to do some in-depth investigation of it so here it is: http://www.usenix.org/events/usenix99/provos/provos_html/index.html Sent from my iPhone On Jun 14, 2011, at 1:01, Chris Aliipule <guitarift@gmail.com> wrote: > Thanks Max. I would've never known about bcrypt if it weren't for you. I'll definitely use bcrypt in the future. > > On Mon, Jun 13, 2011 at 4:45 PM, Max Countryman <maxc@me.com> wrote: > Also Nicholas, > > I should have mentioned, the extension does in fact use py-bcrypt (you'll notice it's listed as a requirement in setup.py). So again, this extension is a set of convenience functions. > > Regards, > > > Max > > -- > Max Countryman > +1-917-971-8472 > On Sunday, June 12, 2011 at 10:29 PM, Nicholas Holley wrote: > >> On Sun, 12 Jun 2011 18:17:23 -0700 >> Max Countryman <maxc@me.com> wrote: >> >> What is the advantage of this over installing the py-bcrypt library? >> >> http://code.google.com/p/py-bcrypt/ >> >> Nicholas Holley >> >>> Hi Peter, >>> >>> I've packaged it as an extension purely for convenience as bcrypt >>> doesn't seem to be supported in werkzeug.security. >>> >>> Regards, >>> >>> >>> Max >>> >>> Sent from my iPhone >>> >>> On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: >>> >>>> Hi Max, >>>> >>>> Why is this a flask extension? It doesn’t look like it is at all >>>> specific to flask applications, and so should either be released as >>>> a normal python package, or the additional functionality integrated >>>> back into the original package. >>>> >>>> Regards, >>>> Peter >>>> >>>> On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: >>>> Hi all, >>>> >>>> I've just finished writing my first Flask extension. I've tried to >>>> follow the guidelines as closely as possible. I'm new to Flask and >>>> Python as well so any feedback is very much appreciated. >>>> >>>> My intent with this extension is to provide bcrypt support to Flask >>>> applications. As I understand it, bcrypt is considered to be >>>> stronger than some other hashing algos for password hashing as its >>>> intentionally "deoptimized" key scheduler is intended to make brute >>>> forcing techniques more difficult. >>>> >>>> http://pypi.python.org/pypi/Flask-Bcrypt >>>> >>>> https://github.com/maxcountryman/flask-bcrypt >>>> >>>> Regards, >>>> >>>> >>>> Max Countryman >>>> >>>> >>>> >>>> -- >>>> Peter Ward >>>> http://flowblok.id.au/ >>>> BIT III, Sydney University > >
Just to add to the list, this is what first introduced me to bcrypt. It's a good, quick read! http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html Michael Campagnaro On Wed, Jun 15, 2011 at 5:57 PM, Max Countryman <maxc@me.com> wrote: > So glad to have introduced it to you, Chris! > > I realize I probably should have included a link to the white paper in case > anyone is curious and wanting to do some in-depth investigation of it so > here it is: <http://www.usenix.org/events/usenix99/provos/provos_html/index.html> > http://www.usenix.org/events/usenix99/provos/provos_html/index.html > > Sent from my iPhone > > On Jun 14, 2011, at 1:01, Chris Aliipule <guitarift@gmail.com> wrote: > > Thanks Max. I would've never known about bcrypt if it weren't for you. I'll > definitely use bcrypt in the future. > > On Mon, Jun 13, 2011 at 4:45 PM, Max Countryman < <maxc@me.com>maxc@me.com > > wrote: > >> Also Nicholas, >> >> I should have mentioned, the extension does in fact use py-bcrypt (you'll >> notice it's listed as a requirement in setup.py). So again, this extension >> is a set of convenience functions. >> >> Regards, >> >> >> Max >> >> -- >> Max Countryman >> +1-917-971-8472 >> >> On Sunday, June 12, 2011 at 10:29 PM, Nicholas Holley wrote: >> >> On Sun, 12 Jun 2011 18:17:23 -0700 >> Max Countryman < <maxc@me.com>maxc@me.com> wrote: >> >> What is the advantage of this over installing the py-bcrypt library? >> >> <http://code.google.com/p/py-bcrypt/>http://code.google.com/p/py-bcrypt/ >> >> Nicholas Holley >> >> Hi Peter, >> >> I've packaged it as an extension purely for convenience as bcrypt >> doesn't seem to be supported in werkzeug.security. >> >> Regards, >> >> >> Max >> >> Sent from my iPhone >> >> On Jun 12, 2011, at 18:06, Peter Ward < <peteraward@gmail.com> >> peteraward@gmail.com> wrote: >> >> Hi Max, >> >> Why is this a flask extension? It doesn’t look like it is at all >> specific to flask applications, and so should either be released as >> a normal python package, or the additional functionality integrated >> back into the original package. >> >> Regards, >> Peter >> >> On 13 June 2011 00:26, Max Countryman < <maxc@me.com>maxc@me.com> wrote: >> Hi all, >> >> I've just finished writing my first Flask extension. I've tried to >> follow the guidelines as closely as possible. I'm new to Flask and >> Python as well so any feedback is very much appreciated. >> >> My intent with this extension is to provide bcrypt support to Flask >> applications. As I understand it, bcrypt is considered to be >> stronger than some other hashing algos for password hashing as its >> intentionally "deoptimized" key scheduler is intended to make brute >> forcing techniques more difficult. >> >> <http://pypi.python.org/pypi/Flask-Bcrypt> >> http://pypi.python.org/pypi/Flask-Bcrypt >> >> <https://github.com/maxcountryman/flask-bcrypt> >> https://github.com/maxcountryman/flask-bcrypt >> >> Regards, >> >> >> Max Countryman >> >> >> >> -- >> Peter Ward >> <http://flowblok.id.au>http://flowblok.id.au/ >> BIT III, Sydney University >> >> >> >
Great link, Michael. Thanks! Sent from my iPhone On Jun 16, 2011, at 9:29, Michael Campagnaro <mikecampo@gmail.com> wrote: > Just to add to the list, this is what first introduced me to bcrypt. It's a good, quick read! http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html > > Michael Campagnaro > > > > On Wed, Jun 15, 2011 at 5:57 PM, Max Countryman <maxc@me.com> wrote: > So glad to have introduced it to you, Chris! > > I realize I probably should have included a link to the white paper in case anyone is curious and wanting to do some in-depth investigation of it so here it is: http://www.usenix.org/events/usenix99/provos/provos_html/index.html > > Sent from my iPhone > > On Jun 14, 2011, at 1:01, Chris Aliipule <guitarift@gmail.com> wrote: > >> Thanks Max. I would've never known about bcrypt if it weren't for you. I'll definitely use bcrypt in the future. >> >> On Mon, Jun 13, 2011 at 4:45 PM, Max Countryman <maxc@me.com> wrote: >> Also Nicholas, >> >> I should have mentioned, the extension does in fact use py-bcrypt (you'll notice it's listed as a requirement in setup.py). So again, this extension is a set of convenience functions. >> >> Regards, >> >> >> Max >> >> -- >> Max Countryman >> +1-917-971-8472 >> On Sunday, June 12, 2011 at 10:29 PM, Nicholas Holley wrote: >> >>> On Sun, 12 Jun 2011 18:17:23 -0700 >>> Max Countryman <maxc@me.com> wrote: >>> >>> What is the advantage of this over installing the py-bcrypt library? >>> >>> http://code.google.com/p/py-bcrypt/ >>> >>> Nicholas Holley >>> >>>> Hi Peter, >>>> >>>> I've packaged it as an extension purely for convenience as bcrypt >>>> doesn't seem to be supported in werkzeug.security. >>>> >>>> Regards, >>>> >>>> >>>> Max >>>> >>>> Sent from my iPhone >>>> >>>> On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: >>>> >>>>> Hi Max, >>>>> >>>>> Why is this a flask extension? It doesn’t look like it is at all >>>>> specific to flask applications, and so should either be released as >>>>> a normal python package, or the additional functionality integrated >>>>> back into the original package. >>>>> >>>>> Regards, >>>>> Peter >>>>> >>>>> On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: >>>>> Hi all, >>>>> >>>>> I've just finished writing my first Flask extension. I've tried to >>>>> follow the guidelines as closely as possible. I'm new to Flask and >>>>> Python as well so any feedback is very much appreciated. >>>>> >>>>> My intent with this extension is to provide bcrypt support to Flask >>>>> applications. As I understand it, bcrypt is considered to be >>>>> stronger than some other hashing algos for password hashing as its >>>>> intentionally "deoptimized" key scheduler is intended to make brute >>>>> forcing techniques more difficult. >>>>> >>>>> http://pypi.python.org/pypi/Flask-Bcrypt >>>>> >>>>> https://github.com/maxcountryman/flask-bcrypt >>>>> >>>>> Regards, >>>>> >>>>> >>>>> Max Countryman >>>>> >>>>> >>>>> >>>>> -- >>>>> Peter Ward >>>>> http://flowblok.id.au/ >>>>> BIT III, Sydney University >> >> >
Convenience. Nothing beyond that. It's a drop-in replacement for the hashing functions provided by Flask. Should work with existing applications without any editing beyond importing. Sent from my iPhone On Jun 12, 2011, at 22:29, Nicholas Holley <nick.holley@gmail.com> wrote: > On Sun, 12 Jun 2011 18:17:23 -0700 > Max Countryman <maxc@me.com> wrote: > > What is the advantage of this over installing the py-bcrypt library? > > http://code.google.com/p/py-bcrypt/ > > Nicholas Holley > >> Hi Peter, >> >> I've packaged it as an extension purely for convenience as bcrypt >> doesn't seem to be supported in werkzeug.security. >> >> Regards, >> >> >> Max >> >> Sent from my iPhone >> >> On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: >> >>> Hi Max, >>> >>> Why is this a flask extension? It doesn’t look like it is at all >>> specific to flask applications, and so should either be released as >>> a normal python package, or the additional functionality integrated >>> back into the original package. >>> >>> Regards, >>> Peter >>> >>> On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: >>> Hi all, >>> >>> I've just finished writing my first Flask extension. I've tried to >>> follow the guidelines as closely as possible. I'm new to Flask and >>> Python as well so any feedback is very much appreciated. >>> >>> My intent with this extension is to provide bcrypt support to Flask >>> applications. As I understand it, bcrypt is considered to be >>> stronger than some other hashing algos for password hashing as its >>> intentionally "deoptimized" key scheduler is intended to make brute >>> forcing techniques more difficult. >>> >>> http://pypi.python.org/pypi/Flask-Bcrypt >>> >>> https://github.com/maxcountryman/flask-bcrypt >>> >>> Regards, >>> >>> >>> Max Countryman >>> >>> >>> >>> -- >>> Peter Ward >>> http://flowblok.id.au/ >>> BIT III, Sydney University >
Thanks for explaining your motivation - what about adding optional support for bcrypt in werkzeug.security? On 13 June 2011 11:17, Max Countryman <maxc@me.com> wrote: > Hi Peter, > > I've packaged it as an extension purely for convenience as bcrypt doesn't > seem to be supported in werkzeug.security. > > Regards, > > > Max > > Sent from my iPhone > > On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: > > Hi Max, > > Why is this a flask extension? It doesn’t look like it is at all specific > to flask applications, and so should either be released as a normal python > package, or the additional functionality integrated back into the original > package. > > Regards, > Peter > > On 13 June 2011 00:26, Max Countryman < <maxc@me.com>maxc@me.com> wrote: > >> Hi all, >> >> I've just finished writing my first Flask extension. I've tried to follow >> the guidelines as closely as possible. I'm new to Flask and Python as well >> so any feedback is very much appreciated. >> >> My intent with this extension is to provide bcrypt support to Flask >> applications. As I understand it, bcrypt is considered to be stronger than >> some other hashing algos for password hashing as its intentionally >> "deoptimized" key scheduler is intended to make brute forcing techniques >> more difficult. >> >> <http://pypi.python.org/pypi/Flask-Bcrypt> >> http://pypi.python.org/pypi/Flask-Bcrypt >> >> <https://github.com/maxcountryman/flask-bcrypt> >> https://github.com/maxcountryman/flask-bcrypt >> >> Regards, >> >> >> Max Countryman >> > > > > -- > Peter Ward > <http://flowblok.id.au/>http://flowblok.id.au/ > BIT III, Sydney University > > -- Peter Ward http://flowblok.id.au/ BIT III, Sydney University
That would be ideal. Not sure if this is wanted but I'd be happy to add it if so. In the meantime the extension is available. Sent from my iPhone On Jun 12, 2011, at 21:01, Peter Ward <peteraward@gmail.com> wrote: > Thanks for explaining your motivation - what about adding optional support for bcrypt in werkzeug.security? > > On 13 June 2011 11:17, Max Countryman <maxc@me.com> wrote: > Hi Peter, > > I've packaged it as an extension purely for convenience as bcrypt doesn't seem to be supported in werkzeug.security. > > Regards, > > > Max > > Sent from my iPhone > > On Jun 12, 2011, at 18:06, Peter Ward <peteraward@gmail.com> wrote: > >> Hi Max, >> >> Why is this a flask extension? It doesn’t look like it is at all specific to flask applications, and so should either be released as a normal python package, or the additional functionality integrated back into the original package. >> >> Regards, >> Peter >> >> On 13 June 2011 00:26, Max Countryman <maxc@me.com> wrote: >> Hi all, >> >> I've just finished writing my first Flask extension. I've tried to follow the guidelines as closely as possible. I'm new to Flask and Python as well so any feedback is very much appreciated. >> >> My intent with this extension is to provide bcrypt support to Flask applications. As I understand it, bcrypt is considered to be stronger than some other hashing algos for password hashing as its intentionally "deoptimized" key scheduler is intended to make brute forcing techniques more difficult. >> >> http://pypi.python.org/pypi/Flask-Bcrypt >> >> https://github.com/maxcountryman/flask-bcrypt >> >> Regards, >> >> >> Max Countryman >> >> >> >> -- >> Peter Ward >> http://flowblok.id.au/ >> BIT III, Sydney University > > > > -- > Peter Ward > http://flowblok.id.au/ > BIT III, Sydney University
On 07/06/2011 14:19, Col Wilson wrote: > I really like flask-script and so I thought I'd write a little blog > entry about it. > > I've done a basic script intro and before I show a few more examples I > thought I'd ask what everyone else is using it for (if they are). I use > mine for ingesting stuff and anything else that you would run on a > crontab, a bit like Django's 'tasks'. I use mine most of all for dropping into "shell mode": a Python intepreter with models available and a session loaded. I also use it for reloading / saving / syncing my data between my laptop and a remote server. TJG
Thanks for the idea: http://terse-words.blogspot.com/2011/06/adding-shell-access-to-our-flask-script.html On Tue, Jun 7, 2011 at 2:24 PM, Tim Golden <mail@timgolden.me.uk> wrote: > On 07/06/2011 14:19, Col Wilson wrote: > > I really like flask-script and so I thought I'd write a little blog > > entry about it. > > > > I've done a basic script intro and before I show a few more examples I > > thought I'd ask what everyone else is using it for (if they are). I use > > mine for ingesting stuff and anything else that you would run on a > > crontab, a bit like Django's 'tasks'. > > I use mine most of all for dropping into "shell mode": a Python > intepreter with models available and a session loaded. I also > use it for reloading / saving / syncing my data between my > laptop and a remote server. > > TJG >
O, yes the shell, I had forgotten all about that. For some reason I never use it in development (shocked hush). Syncing data with the remote server is a good example too. On Tue, Jun 7, 2011 at 2:24 PM, Tim Golden <mail@timgolden.me.uk> wrote: > On 07/06/2011 14:19, Col Wilson wrote: > > I really like flask-script and so I thought I'd write a little blog > > entry about it. > > > > I've done a basic script intro and before I show a few more examples I > > thought I'd ask what everyone else is using it for (if they are). I use > > mine for ingesting stuff and anything else that you would run on a > > crontab, a bit like Django's 'tasks'. > > I use mine most of all for dropping into "shell mode": a Python > intepreter with models available and a session loaded. I also > use it for reloading / saving / syncing my data between my > laptop and a remote server. > > TJG >
I use mine for a few things in development (drop_tables,
create_tables). and in production I have (create_admin, migrate).
I use fabric to run the production commands like
def migrate(action):
with cd('/var/www/project/'):
run('env/bin/python manage.py migrate %s' % action)
On Tue, Jun 7, 2011 at 8:28 AM, Col Wilson <colwilson@bcs.org> wrote:
> O, yes the shell, I had forgotten all about that. For some reason I never
> use it in development (shocked hush).
>
> Syncing data with the remote server is a good example too.
>
> On Tue, Jun 7, 2011 at 2:24 PM, Tim Golden <mail@timgolden.me.uk> wrote:
>>
>> On 07/06/2011 14:19, Col Wilson wrote:
>> > I really like flask-script and so I thought I'd write a little blog
>> > entry about it.
>> >
>> > I've done a basic script intro and before I show a few more examples I
>> > thought I'd ask what everyone else is using it for (if they are). I use
>> > mine for ingesting stuff and anything else that you would run on a
>> > crontab, a bit like Django's 'tasks'.
>>
>> I use mine most of all for dropping into "shell mode": a Python
>> intepreter with models available and a session loaded. I also
>> use it for reloading / saving / syncing my data between my
>> laptop and a remote server.
>>
>> TJG
>
>
Indeed that's another approach. Thanks. On Tue, Jun 7, 2011 at 4:29 PM, Adam Patterson <fakeempire@gmail.com> wrote: > I use mine for a few things in development (drop_tables, > create_tables). and in production I have (create_admin, migrate). > > I use fabric to run the production commands like > > > def migrate(action): > with cd('/var/www/project/'): > run('env/bin/python manage.py migrate %s' % action) > > > On Tue, Jun 7, 2011 at 8:28 AM, Col Wilson <colwilson@bcs.org> wrote: > > O, yes the shell, I had forgotten all about that. For some reason I never > > use it in development (shocked hush). > > > > Syncing data with the remote server is a good example too. > > > > On Tue, Jun 7, 2011 at 2:24 PM, Tim Golden <mail@timgolden.me.uk> wrote: > >> > >> On 07/06/2011 14:19, Col Wilson wrote: > >> > I really like flask-script and so I thought I'd write a little blog > >> > entry about it. > >> > > >> > I've done a basic script intro and before I show a few more examples I > >> > thought I'd ask what everyone else is using it for (if they are). I > use > >> > mine for ingesting stuff and anything else that you would run on a > >> > crontab, a bit like Django's 'tasks'. > >> > >> I use mine most of all for dropping into "shell mode": a Python > >> intepreter with models available and a session loaded. I also > >> use it for reloading / saving / syncing my data between my > >> laptop and a remote server. > >> > >> TJG > > > > >