Flask-Principal and Flask-Login (aka Batman and Robin)
As described in the project page (https://pythonhosted.org/Flask-Principal/), Flask-Principal is a permission extension. It manages who can access what and to what extent. You usually should use it with an authentication and session manager, as is the case of Flask-Login, another extension we'll learn in this section.
Flask-Principal handles permissions through four simple entities: Identity, IdentityContext, Need, and Permission.
Identity: This implies the way Flask-Principal identifies a user.
IdentityContext: This implies the context of a user tested against Permission. It is used to verify whether the user has the right to do something. It can be used as a decorator (block unauthorized access) or as a context manager (only execute).
A Need is a criterion you need (aha moment!) to satisfy in order to do something, such as having a role or a permission. There are a few preset needs available with Principal, but you may create your own...
