bump app to latest version of python and flask and update dependencies

Author: solnsumei

.gitignore

@@ -1,11 +1,16 @@
 venv/
 idea/
 .idea
+.venv
+.code
+vscode
+.vscode
 .env
 .DS_Store
 .__pycache__/
 __pycache__/
 tests/__pycache__/
 .pytest_cache/
 migrations/
-**.db
+**.db
+instance

README.md

@@ -14,26 +14,28 @@ Initial scaffolding for a flask rest API development. Starter template for build
 
 This App was developed with the following stack:
 
-- Python
-- Flask
-- Flask-restful
-- Postgres DB
+- Python==3.12
+- Flask==3.10
+- Flask-restful==0.3.10
+- Flask-Script==2.0.6
+- Flask-SQLAlchemy==3.1.1
+- Postgres DB / SQlite
 - Gunicorn Web Server
 
 ## Requirements
-- Python 3.6+
+- Python 3.12+
 - Python pip
-- Postgres SQL
+- Postgres / SQlite
 
 ## Installation
 - fork this repository
 - create a .env file as shown in the env_example file
 - setup your database 
 - on the terminal cd into the app folder 
 - run `pip install -r requirements.txt` to install required modules
-- run `python manage.py db init ` to setup alembic migrations
-- run `python manage.py db migrate -m='<your migration message>'` to create migration files
-- then run `python manage.py db upgrade` to create tables
+- run `flask --app manage db init ` to setup alembic migrations
+- run `flask --app manage db migrate -m='<your migration message>'` to create migration files
+- then run `flask --app python manage db upgrade` to create tables
 
 ## Running the App
 - on the terminal run `gunicorn main:app`
@@ -48,5 +50,13 @@ This App was developed with the following stack:
 - You can modify the app to suit your need.
 - Happy usage.
 
+## Update Information
+- Flask-JWT has been replaced with Flask-JWT-extended
+- Flask-Scripts and dependencies removed.
+- Future versions may use Pydantic instead of Marshmallow
+
+## Contributions
+- Contributors are needed to keep developing this template with updates to its dependencies. You can reach me on my email.
+
 ## Credits
 solnsumei@gmail.com

config.py

@@ -1,9 +1,8 @@
 import os
-from os.path import join, dirname
 from dotenv import load_dotenv
 
-dotenv_path = join(dirname(__file__), '.env')
-load_dotenv(dotenv_path)
+load_dotenv()
+
 
 app_environment = os.environ.get('FLASK_ENV')
 JWT_AUTH_URL_RULE = '/api/v1/login'

main.py

@@ -1,8 +1,6 @@
-import os
 from flask import Flask, Blueprint
 from flask_restful import Api
-from flask_jwt import JWT
-from src.utils.security import authenticate, identity
+from flask_jwt_extended import JWTManager
 from src.models.basemodel import db
 
 
@@ -30,8 +28,6 @@ def create_app():
 
     flask_app.register_blueprint(admin_bp, url_prefix="/api/v1/admin")
 
-    JWT(flask_app, authenticate, identity)  # /auth
-
     @flask_app.route('/')
     def index():
         return 'Welcome to Flask Rest API Setup!'
@@ -42,6 +38,7 @@ def index():
 
 
 app = create_app()
+jwt = JWTManager(app)
 
 
 if __name__ == "__main__":

manage.py

@@ -1,11 +1,9 @@
 import importlib
 import os
-from flask_script import Manager
-from flask_migrate import Migrate, MigrateCommand
+from flask_migrate import Migrate
 from src.models.basemodel import db
 from main import create_app
 
-
 app = create_app()
 
 
@@ -24,9 +22,6 @@ def scan_models():
 
 migrate = Migrate(app, db)
 
-manager = Manager(app)
-manager.add_command('db', MigrateCommand)
-
-if __name__ == '__main__':
+if __name__ == "__main__":
     scan_models()
-    manager.run()
+

requirements.txt

@@ -1,44 +1,45 @@
-alembic==1.4.3
-aniso8601==8.0.0
-attrs==20.2.0
-bcrypt==3.2.0
-cffi==1.14.3
-click==7.1.2
-dnspython==1.16.0
-eventlet==0.31.0
-Flask==1.1.2
-Flask-JWT==0.3.2
-Flask-Migrate==2.5.3
-Flask-RESTful==0.3.8
+alembic==1.14.1
+aniso8601==10.0.0
+attrs==25.1.0
+bcrypt==4.2.1
+blinker==1.9.0
+cffi==1.17.1
+click==8.1.8
+dnspython==2.7.0
+eventlet==0.39.0
+Flask==3.1.0
+Flask-JWT-Extended==4.7.1
+Flask-Migrate==4.1.0
+Flask-RESTful==0.3.10
 Flask-Script==2.0.6
-Flask-SQLAlchemy==2.4.4
-greenlet==0.4.17
-gunicorn==20.0.4
-iniconfig==1.0.1
-itsdangerous==1.1.0
-Jinja2==2.11.3
-Mako==1.2.2
-MarkupSafe==1.1.1
-marshmallow==3.8.0
-monotonic==1.5
-packaging==20.4
-passlib==1.7.2
-pluggy==0.13.1
-psycopg2-binary==2.8.6
-py==1.10.0
-pycparser==2.20
-PyJWT==1.4.2
-pyparsing==2.4.7
-pytest==6.1.0
-python-dateutil==2.8.1
-python-dotenv==0.14.0
+Flask-SQLAlchemy==3.1.1
+greenlet==3.1.1
+gunicorn==23.0.0
+iniconfig==2.0.0
+itsdangerous==2.2.0
+Jinja2==3.1.5
+Mako==1.3.9
+MarkupSafe==3.0.2
+marshmallow==3.26.1
+monotonic==1.6
+packaging==24.2
+passlib==1.7.4
+pluggy==1.5.0
+psycopg2-binary==2.9.10
+pycparser==2.22
+PyJWT==2.10.1
+pyparsing==3.2.1
+pytest==8.3.4
+python-dateutil==2.9.0.post0
+python-dotenv==1.0.1
 python-editor==1.0.4
-python-slugify==4.0.1
-pytz==2020.1
-six==1.15.0
-SQLAlchemy==1.3.19
+python-slugify==8.0.4
+pytz==2025.1
+six==1.17.0
+SQLAlchemy==2.0.38
 text-unidecode==1.3
-toml==0.10.1
-urllib3==1.26.5
-webargs==6.1.1
-Werkzeug==1.0.1
+toml==0.10.2
+typing_extensions==4.12.2
+urllib3==2.3.0
+webargs==8.6.0
+Werkzeug==3.1.3

src/api/resources/auth.py

@@ -1,5 +1,5 @@
 from flask_restful import Resource
-from werkzeug.security import safe_str_cmp
+from hmac import compare_digest
 from src.models.user import UserModel
 from src.models.schemas.user import UserSchema, user_summary
 
@@ -11,7 +11,7 @@ class Register(Resource):
     @UserSchema.validate_fields(location=('json',))
     def post(args):
 
-        if not safe_str_cmp(args['password'], args['password_confirmation']):
+        if not compare_digest(args['password'], args['password_confirmation']):
             return {
                 'success': False,
                 'errors': {
@@ -43,4 +43,3 @@ def post(args):
             'success': True,
             'user': user_summary.dump(user).data
         }, 201
-

src/middlewares/admin.py

@@ -1,12 +1,12 @@
 from functools import wraps
-from flask_jwt import current_identity
+from flask_jwt_extended import current_user
 
 
 def admin_required():
     def decorator(f):
         @wraps(f)
         def decorated_function(*args, **kwargs):
-            if not current_identity.is_admin:
+            if not current_user.is_admin:
                 return {"error": "Unauthorized user"}, 403
             return f(*args, **kwargs)
         return decorated_function

src/utils/security.py

@@ -1,4 +1,5 @@
 from src.models.user import UserModel
+from main import jwt
 
 
 def authenticate(email, password):
@@ -7,6 +8,12 @@ def authenticate(email, password):
         return user
 
 
-def identity(payload):
-    user_id = payload['identity']
+@jwt.user_identity_loader
+def user_identity_lookup(user):
+    return user.id
+
+
+@jwt.user_lookup_loader
+def identity(_jwt_header, jwt_data):
+    user_id = jwt_data['sub']
     return UserModel.find_by_id(user_id)