Simple user session protection
Project description
flask-paranoid
Simple user session protection.
Quick Start
Here is a simple application that uses Flask-Paranoid to protect the user session:
from flask import Flask
from flask_paranoid import Paranoid
app = Flask(__name__)
app.config['SECRET_KEY'] = 'top-secret!'
paranoid = Paranoid(app)
paranoid.redirect_view = '/'
@app.route('/')
def index():
return render_template('index.html')
When a client connects to this application, a "paranoid" token will be generated according to the IP address and user agent. In all subsequent requests, the token will be recalculated and checked against the one computed for the first request. If the session cookie is stolen and the attacker tries to use it from another location, the generated token will be different, and in that case the extension will clear the session and block the request.
Resources
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Flask-Paranoid-0.3.0.tar.gz
(4.3 kB
view hashes)
Built Distribution
Close
Hashes for Flask_Paranoid-0.3.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8cb48aadfbee5aefe8a75e7436f3a31e426a170a893f022a50e7e4f569ad0850 |
|
MD5 | ae7d469133757255ff47212a4cb92ec0 |
|
BLAKE2b-256 | f3d73c054c416a575bc1775ef506fddd0faef4af734a8047d815c7cbb600eb5a |