Project description

flask-paranoid

Simple user session protection.

Quick Start

Here is a simple application that uses Flask-Paranoid to protect the user session:

from flask import Flask
from flask_paranoid import Paranoid

app = Flask(__name__)
app.config['SECRET_KEY'] = 'top-secret!'

paranoid = Paranoid(app)
paranoid.redirect_view = '/'

@app.route('/')
def index():
    return render_template('index.html')

When a client connects to this application, a "paranoid" token will be generated according to the IP address and user agent. In all subsequent requests, the token will be recalculated and checked against the one computed for the first request. If the session cookie is stolen and the attacker tries to use it from another location, the generated token will be different, and in that case the extension will clear the session and block the request.

Resources

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

0.3.0

Apr 2, 2022

0.2.0

Nov 17, 2017

0.1.0

Jul 2, 2017

0.0.1

Nov 17, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Paranoid-0.3.0.tar.gz (4.3 kB view hashes)

Uploaded Apr 2, 2022 Source

Built Distribution

Flask_Paranoid-0.3.0-py3-none-any.whl (4.5 kB view hashes)

Uploaded Apr 2, 2022 Python 3

Hashes for Flask-Paranoid-0.3.0.tar.gz

Hashes for Flask-Paranoid-0.3.0.tar.gz
Algorithm	Hash digest
SHA256	`46c049ba701b25f1ccf3988164e1bfb12320ab55f1de66384b012f7767bb8058`
MD5	`a7a112907060e722fb783fe1107c85e3`
BLAKE2b-256	`f0038e4eb2d4e3ffdd436a71f273dc6443c30766b55194a009264ee6eb2c5fde`

Hashes for Flask_Paranoid-0.3.0-py3-none-any.whl

Hashes for Flask_Paranoid-0.3.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`8cb48aadfbee5aefe8a75e7436f3a31e426a170a893f022a50e7e4f569ad0850`
MD5	`ae7d469133757255ff47212a4cb92ec0`
BLAKE2b-256	`f3d73c054c416a575bc1775ef506fddd0faef4af734a8047d815c7cbb600eb5a`