Explore Flask

12.5. Summary

  • Use the itsdangerous package to create and validate tokens sent to an email address.
  • You can use these tokens to validate emails when a user creates an account, changes their email or forgets their password.
  • Authenticate users using the Flask-Login extension to avoid dealing with a bunch of session management stuff yourself.
  • Always think about how a malicious user could abuse your app to do things that you didn't intend.
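The token flow from the first two points, as an added example that is not code from the original page. The function names, salt strings and key are assumptions made for the illustration; it uses a separate salt per purpose so that an email-confirmation token cannot be replayed against the password-reset flow, and it rejects expired or altered tokens.

```python
from itsdangerous import URLSafeTimedSerializer, SignatureExpired, BadSignature

# Constructed key for this example; a Flask app would use app.config["SECRET_KEY"].
SECRET_KEY = "constructed-example-key-not-for-production"

# Hypothetical salt names: one per purpose, so a token minted for one
# flow fails signature verification in any other flow.
CONFIRM_SALT = "email-confirm"
RESET_SALT = "password-reset"

serializer = URLSafeTimedSerializer(SECRET_KEY)


def make_token(email, salt):
    """Sign the email address with a timestamp for the given purpose."""
    return serializer.dumps(email, salt=salt)


def verify_token(token, salt, max_age=3600):
    """Return (email, "ok") for a valid token, else (None, reason).

    max_age is in seconds. The email is only trusted after the
    signature, purpose (salt) and age have all been checked.
    """
    try:
        email = serializer.loads(token, salt=salt, max_age=max_age)
    except SignatureExpired:
        # Signature is genuine but the link is older than max_age.
        return None, "expired"
    except BadSignature:
        # Altered token, wrong key, or token minted for another purpose.
        return None, "invalid"
    return email, "ok"


if __name__ == "__main__":
    token = make_token("alice@example.com", CONFIRM_SALT)
    print(verify_token(token, CONFIRM_SALT))  # accepted for its own flow
    print(verify_token(token, RESET_SALT))    # rejected by the reset flow
```

`SignatureExpired` is a subclass of `BadSignature`, so it has to be caught first to tell an expired link apart from a forged one.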