Use an API key model of authentication

[artgoldberg]

The system I'm building requires an API key authentication model.
This means that a login succeeds if and only if the password (which we call an API key) is contained in a set of valid API keys.
We can ask users to provide an id (email), but it's not used for authentication.

How should flask-login be used to achieve this?

Thanks
Arthur

[davidism]

Flask-Login doesn't dictate how your authentication scheme works. You validate credentials however you need to, then call login_user. If you mean instead that you expect users to send a key as a header with each request, then you would use request_loader instead of user_loader to then load the appropriate user object.