Open danaki opened 6 years ago
I downgraded to 1.7, second problem disappeared. I understand that SECURITY_REGISTERABLE disables the endpoint, but how do I disable signup completely? In my project only admin is allowed to create users.
This would be private registration (allowing only x role to register users) which the current project does not support. I have this in my project but I am using a highly modified version of v1.7. Its not that difficult to implement but at this time you would need to write the code yourself to allow only admins or w/e role to be able to do this. Setting SECURITY_REGISTERABLE = False should disable the user registration however within the application. To do it manually (but still within the a web application context) you could use Flask Admin which gives you an admin page to do this if you would like to do it that way.
Flask security is
pip freeze
To reproduce:
And another problem is that after password reset, user is redirected to /login which produces "Resource doesn't exist." in my case. Seems it does not respect SECURITY_URL_PREFIX setting.