UserManager Settings¶
Below is a complete list of configurable Flask-User settings.
| The UserManager__Settings class mixes into the UserManager class.
| Mixins allow for maintaining code and docs across several files.
-
class
UserManager__Settings
¶ Flask-User settings and their defaults.
Feature settings
-
USER_ENABLE_EMAIL
= True¶ - Allow users to login and register with an email address
-
USER_ENABLE_MULTIPLE_EMAILS
= False¶ - Allow users to associate multiple email addresses with one user account.Depends on USER_ENABLE_EMAIL=True
-
USER_ENABLE_USERNAME
= True¶ - Allow users to login and register with a username
-
USER_ENABLE_CHANGE_USERNAME
= True¶ - Allow users to change their username.Depends on USER_ENABLE_USERNAME=True.
-
USER_ENABLE_CHANGE_PASSWORD
= True¶ - Allow users to change their password.
-
USER_ENABLE_CONFIRM_EMAIL
= True¶ - Enable email confirmation emails to be sent.Depends on USER_ENABLE_EMAIL=True.
-
USER_ENABLE_FORGOT_PASSWORD
= True¶ - Allow users to reset their passwords.Depends on USER_ENABLE_EMAIL=True.
-
USER_ENABLE_INVITE_USER
= False¶ - Allow unregistered users to be invited.
-
USER_ENABLE_REGISTER
= True¶ - Allow unregistered users to register.
-
USER_ENABLE_REMEMBER_ME
= True¶ - Remember user sessions across browser restarts.
Generic settings and their defaults
-
USER_APP_NAME
= 'USER_APP_NAME'¶ The application name displayed in email templates and page template footers.
-
USER_AUTO_LOGIN
= True¶ Automatic sign-in if the user session has not expired.
-
USER_AUTO_LOGIN_AFTER_CONFIRM
= True¶ Automatic sign-in after a user confirms their email address.
-
USER_AUTO_LOGIN_AFTER_REGISTER
= True¶ Automatic sign-in after a user registers.
-
USER_AUTO_LOGIN_AFTER_RESET_PASSWORD
= True¶ Automatic sign-in after a user resets their password.
-
USER_AUTO_LOGIN_AT_LOGIN
= True¶ Automatic sign-in at the login form (if the user session has not expired).
-
USER_EMAIL_SENDER_EMAIL
= ''¶ - Sender’s email address, used by the EmailAdapters.Required for sending emails.Derived from MAIL_DEFAULT_SENDER or DEFAULT_MAIL_SENDER when specified.
-
USER_EMAIL_SENDER_NAME
= ''¶ - Sender’s name, user by the EmailAdapters.Optional. Defaults to USER_APP_NAME setting.
-
USER_IFIND_MODE
= 'ifind'¶ - The way Flask-User handles case insensitive searches.Valid options are:- ‘ifind’ (default): Use the case insensitive ifind_first_object()- ‘nocase_collation’: username and email fields must be configuredwith an case insensitve collation (collation=’NOCASE’ in SQLAlchemy)so that a regular find_first_object() can be performed.
-
USER_SEND_PASSWORD_CHANGED_EMAIL
= True¶ - Send notification email after a password change.Depends on USER_ENABLE_EMAIL=True.
-
USER_SEND_REGISTERED_EMAIL
= True¶ - Send notification email after a registration.Depends on USER_ENABLE_EMAIL=True.
-
USER_SEND_USERNAME_CHANGED_EMAIL
= True¶ - Send notification email after a username change.Depends on USER_ENABLE_EMAIL=True.
-
USER_REQUIRE_INVITATION
= False¶ - Only invited users may register.Depends on USER_ENABLE_EMAIL=True.
-
USER_ALLOW_LOGIN_WITHOUT_CONFIRMED_EMAIL
= False¶ - Ensure that users can login only with a confirmed email address.Depends on USER_ENABLE_EMAIL=True.
This setting works in tandem with the
@allow_unconfirmed_emails
view decorator to allow users without confirmed email addresses to access certain views.Caution
UseUSER_ALLOW_LOGIN_WITHOUT_CONFIRMED_EMAIL=True
and@allow_unconfirmed_email
with caution, as they relax security requirements.Make sure that decorated views never call other views directly. Allways seredirect()
to ensure proper view protection.
-
USER_REQUIRE_RETYPE_PASSWORD
= True¶ - Require users to retype their password.Affects registration, change password and reset password forms.
-
USER_SHOW_EMAIL_DOES_NOT_EXIST
= False¶ - Show ‘Email does not exist’ message instead of ‘Incorrect Email or password’.Depends on USER_ENABLE_EMAIL=True.
-
USER_SHOW_USERNAME_DOES_NOT_EXIST
= False¶ - Show ‘Username does not exist’ message instead of ‘Incorrect Username or password’.Depends on USER_ENABLE_USERNAME=True.
-
USER_CONFIRM_EMAIL_EXPIRATION
= 172800¶ - Email confirmation token expiration in seconds.Default is 2 days (2*24*3600 seconds).
-
USER_INVITE_EXPIRATION
= 7776000¶ - Invitation token expiration in seconds.Default is 90 days (90*24*3600 seconds).
-
USER_RESET_PASSWORD_EXPIRATION
= 172800¶ - Reset password token expiration in seconds.Default is 2 days (2*24*3600 seconds).
-
USER_USER_SESSION_EXPIRATION
= 3600¶ - User session token expiration in seconds.Default is 1 hour (1*3600 seconds).
Password hash settings
-
USER_PASSLIB_CRYPTCONTEXT_SCHEMES
= ['bcrypt']¶ - List of accepted password hashes.See Passlib CryptContext docs on Constructor Keyword `’schemes’`` <http://passlib.readthedocs.io/en/stable/lib/passlib.context.html?highlight=cryptcontext#constructor-keywords>`_Example:
['bcrypt', 'argon2']
Creates new hashes with ‘bcrypt’ and verifies existing hashes with ‘bcrypt’ and ‘argon2’.
-
USER_PASSLIB_CRYPTCONTEXT_KEYWORDS
= {}¶ - Dictionary of CryptContext keywords and hash options.Example:
dict(bcrypt__rounds=12, argon2__time_cost=2, argon2__memory_cost=512)
-
USER_CHANGE_PASSWORD_URL
= '/user/change-password'¶
-
USER_CHANGE_USERNAME_URL
= '/user/change-username'¶
-
USER_CONFIRM_EMAIL_URL
= '/user/confirm-email/<token>'¶
-
USER_EDIT_USER_PROFILE_URL
= '/user/edit_user_profile'¶
-
USER_EMAIL_ACTION_URL
= '/user/email/<id>/<action>'¶
-
USER_FORGOT_PASSWORD_URL
= '/user/forgot-password'¶
-
USER_INVITE_USER_URL
= '/user/invite'¶
-
USER_LOGIN_URL
= '/user/sign-in'¶
-
USER_LOGOUT_URL
= '/user/sign-out'¶
-
USER_MANAGE_EMAILS_URL
= '/user/manage-emails'¶
-
USER_REGISTER_URL
= '/user/register'¶
-
USER_RESEND_EMAIL_CONFIRMATION_URL
= '/user/resend-email-confirmation'¶
-
USER_RESET_PASSWORD_URL
= '/user/reset-password/<token>'¶ Template file settings
-
USER_CHANGE_PASSWORD_TEMPLATE
= 'flask_user/change_password.html'¶
-
USER_CHANGE_USERNAME_TEMPLATE
= 'flask_user/change_username.html'¶
-
USER_EDIT_USER_PROFILE_TEMPLATE
= 'flask_user/edit_user_profile.html'¶
-
USER_FORGOT_PASSWORD_TEMPLATE
= 'flask_user/forgot_password.html'¶
-
USER_INVITE_USER_TEMPLATE
= 'flask_user/invite_user.html'¶
-
USER_LOGIN_TEMPLATE
= 'flask_user/login.html'¶
-
USER_LOGIN_AUTH0_TEMPLATE
= 'flask_user/login_auth0.html'¶
-
USER_MANAGE_EMAILS_TEMPLATE
= 'flask_user/manage_emails.html'¶
-
USER_REGISTER_TEMPLATE
= 'flask_user/register.html'¶
-
USER_RESEND_CONFIRM_EMAIL_TEMPLATE
= 'flask_user/resend_confirm_email.html'¶
-
USER_RESET_PASSWORD_TEMPLATE
= 'flask_user/reset_password.html'¶ Email template file settings
-
USER_CONFIRM_EMAIL_TEMPLATE
= 'flask_user/emails/confirm_email'¶
-
USER_INVITE_USER_EMAIL_TEMPLATE
= 'flask_user/emails/invite_user'¶
-
USER_PASSWORD_CHANGED_EMAIL_TEMPLATE
= 'flask_user/emails/password_changed'¶
-
USER_REGISTERED_EMAIL_TEMPLATE
= 'flask_user/emails/registered'¶
-
USER_RESET_PASSWORD_EMAIL_TEMPLATE
= 'flask_user/emails/reset_password'¶
-
USER_USERNAME_CHANGED_EMAIL_TEMPLATE
= 'flask_user/emails/username_changed'¶ FLask endpoint settings
-
USER_AFTER_CHANGE_PASSWORD_ENDPOINT
= ''¶
-
USER_AFTER_CHANGE_USERNAME_ENDPOINT
= ''¶
-
USER_AFTER_CONFIRM_ENDPOINT
= ''¶
-
USER_AFTER_EDIT_USER_PROFILE_ENDPOINT
= ''¶
-
USER_AFTER_FORGOT_PASSWORD_ENDPOINT
= ''¶
-
USER_AFTER_LOGIN_ENDPOINT
= ''¶
-
USER_AFTER_LOGOUT_ENDPOINT
= ''¶
-
USER_AFTER_REGISTER_ENDPOINT
= ''¶
-
USER_AFTER_RESEND_EMAIL_CONFIRMATION_ENDPOINT
= ''¶
-
USER_AFTER_RESET_PASSWORD_ENDPOINT
= ''¶
-
USER_AFTER_INVITE_ENDPOINT
= ''¶
-
USER_UNAUTHENTICATED_ENDPOINT
= 'user.login'¶
-
USER_UNAUTHORIZED_ENDPOINT
= ''¶
-