Add support for user impersonation #1100
Description
The basic idea for the impersonation feature is to allow administrators to temporarily log in as another user to troubleshoot issues, provide support, or verify functionality from the user's perspective without knowing their password.
Without impersonation, administrators must either:
- Ask for the user's credentials (a security risk)
- Reset the user's password (disruptive)
- Try to recreate issues without the exact context (inefficient)
I feel like this feature goes well into the core flask-security;
- Cannot be properly implemented as an extension without modifying core authentication logic
- Is a standard security-related administrative function in (at least enterprise) applications
- Complements the existing authentication and authorization features
- Requires integration with the core session/authentication mechanisms to function properly
From what I see in the code right now, implementation would include:
- endpoint to start impersonation of a specific user
- endpoint to end impersonation and return to the original user
- helper functions to check if impersonation is active
- security controls to restrict impersonation to authorized roles
- audit logging of impersonation activities (introducing new signals)
- support for both session auth as well as auth tokens (as mentioned in #pallets-eco thread)
new configuration settings could be:
"IMPERSONATION_ENABLED": True
"IMPERSONATION_URL": "/impersonate"
"IMPERSONATION_EXIT_URL": "/impersonate-exit"
"IMPERSONATION_REQUIRED_ROLE": "admin"
"IMPERSONATION_TEMPLATE": "security/impersonate.html"