flask-security

I have Users and Roles in my Flask app thanks to Flask-Security. For some roles I would like to hide certain fields in the forms created by Flask-Admin. I know about customizing ModelViews with eg. form_create_rules = ('title', 'file') but while instantiating a ModelView there isn't access to the current request so current_user.has_role(USER_ROLE) can't be called. Is there any other way to achieve this? pjcunningham One way of achieving this is to create multiple view classes and register these view classes against their appropriate roles. See this answer on how to register roles to views.

I want to use keycloak to authenticate my users in our Superset environment. Superset is using flask-openid, as implemented in flask-security: http://flask-appbuilder.readthedocs.io/en/latest/_modules/flask_appbuilder/security/manager.html https://pythonhosted.org/Flask-OpenID/ To enable a different user authentication than the regular one (database), you need to override the AUTH_TYPE parameter in your superset_config.py file. You will also need to provide a reference to your openid-connect realm and enable user registration. As I understand, it should look something like this: from flask

I've already configured SECURITY_PASSWORD_SALT and use "bcrypt". But every time i reload the page print encrypt_password('mypassword') will print different values, so i can't verify user input password via verify_password(form.password.data, user.password) . But I can login from flask-security built-in login view Here is code to demonstrate the strange behavior of encrypt_password : from flask import Flask, render_template from flask.ext.sqlalchemy import SQLAlchemy from flask.ext.security import Security, SQLAlchemyUserDatastore, \ UserMixin, RoleMixin, login_required from flask.ext.security