Simple user session protection

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for miguelgrinberg from gravatar.com miguelgrinberg

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

flask-paranoid

Build status codecov

Simple user session protection.

Quick Start

Here is a simple application that uses Flask-Paranoid to protect the user session:

from flask import Flask
from flask_paranoid import Paranoid

app = Flask(__name__)
app.config['SECRET_KEY'] = 'top-secret!'

paranoid = Paranoid(app)
paranoid.redirect_view = '/'

@app.route('/')
def index():
    return render_template('index.html')

When a client connects to this application, a "paranoid" token will be generated according to the IP address and user agent. In all subsequent requests, the token will be recalculated and checked against the one computed for the first request. If the session cookie is stolen and the attacker tries to use it from another location, the generated token will be different, and in that case the extension will clear the session and block the request.

Resources

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for miguelgrinberg from gravatar.com miguelgrinberg

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.3.0

0.2.0

0.1.0

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-Paranoid-0.3.0.tar.gz (4.3 kB view details)

Uploaded Source

Built Distribution

Flask_Paranoid-0.3.0-py3-none-any.whl (4.5 kB view details)

Uploaded Python 3

File details

Details for the file Flask-Paranoid-0.3.0.tar.gz.

File metadata

  • Download URL: Flask-Paranoid-0.3.0.tar.gz
  • Upload date:
  • Size: 4.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.0 CPython/3.9.10

File hashes

Hashes for Flask-Paranoid-0.3.0.tar.gz
Algorithm Hash digest
SHA256 46c049ba701b25f1ccf3988164e1bfb12320ab55f1de66384b012f7767bb8058
MD5 a7a112907060e722fb783fe1107c85e3
BLAKE2b-256 f0038e4eb2d4e3ffdd436a71f273dc6443c30766b55194a009264ee6eb2c5fde

See more details on using hashes here.

File details

Details for the file Flask_Paranoid-0.3.0-py3-none-any.whl.

File metadata

File hashes

Hashes for Flask_Paranoid-0.3.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8cb48aadfbee5aefe8a75e7436f3a31e426a170a893f022a50e7e4f569ad0850
MD5 ae7d469133757255ff47212a4cb92ec0
BLAKE2b-256 f3d73c054c416a575bc1775ef506fddd0faef4af734a8047d815c7cbb600eb5a

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page