Modules¶
Filter access to Flask web applications based on originating IP address.
This package contains a minimum viable implementation of a whitelist filter appropriate for restricting access to Heroku-hosted application based on the requestor’s IP address.
This package trusts the last IP address in the X-Forwarded-For header and is therefore appropriate only for applications that are running behind a trusted load balancer.
ipfilter¶
Restrict access to Flask applications by requestor IP address.
-
class
flask_ipfilter.ipfilter.
IPFilter
(flask_app=None, ruleset=None)¶ Bases:
object
An IP address filter for Flask applications.
-
init_app
(flask_app)¶ Connect the whitelist filter to a Flask application.
This is called in the
__init__()
function if the app parameter is passed at that time, but can be called later in order to allow a whitelist to be set up before the Flask app is created.- Parameters
app – Required reference to the Flask application to which we will apply the filter.
-
whitelist¶
IPFilter Whitelist.
-
class
flask_ipfilter.whitelist.
Whitelist
¶ Bases:
object
A ruleset that denies requests by default.
Hosts and networks will be allowed only if they have been explicitly permitted with the
permit()
function.-
evaluate
(ip_address)¶ Determine whether an IP address is allowed.
- Parameters
ip_address – The IP address to check. This must be something that
ipaddress
can convert into anip_address
.- Returns
True if access should be allowed and False otherwise.
-
permit
(ip_address)¶ Add a new host or network to the whitelist.
- Parameters
ip_address – The IP address to allow. The address parameter accepts anything that the
ipaddress
module can take as a parameter toip_address
orip_network
.
-
blacklist¶
IPFilter Whitelist.
-
class
flask_ipfilter.blacklist.
Blacklist
¶ Bases:
object
A ruleset that allows requests by default.
Hosts and networks will be denied only if they have been explicitly permitted with the
deny()
function.-
deny
(ip_address)¶ Add a new host or network to the blacklist.
- Parameters
ip_address – The IP address to deny. The address parameter accepts anything that the
ipaddress
module can take as a parameter toip_address
orip_network
.
-
evaluate
(ip_address)¶ Determine whether an IP address is allowed.
- Parameters
ip_address – The IP address to check. This must be something that
ipaddress
can convert into anip_address
.- Returns
True if access should be allowed and False otherwise.
-
callback¶
IPFilter Whitelist.
-
class
flask_ipfilter.callback.
Callback
(callback)¶ Bases:
object
A ruleset that allows requests by default.
Hosts and networks will be denied only if they have been explicitly permitted with the
deny()
function.-
evaluate
(ip_address)¶ Determine whether an IP address is allowed.
- Parameters
ip_address – The IP address to check. This must be something that
ipaddress
can convert into anip_address
.- Returns
True if access should be allowed and False otherwise.
-
update
(callback)¶ Update the callback function.
-