flask-paranoid

Simple user session protection

MIT License

Downloads
36.4K
Stars
77
Committers
3
View Code on GitHub View on X
Ecosystems: Python

flask-paranoid

Simple user session protection.

Quick Start

Here is a simple application that uses Flask-Paranoid to protect the user session:

from flask import Flask
from flask_paranoid import Paranoid

app = Flask(__name__)
app.config['SECRET_KEY'] = 'top-secret!'

paranoid = Paranoid(app)
paranoid.redirect_view = '/'

@app.route('/')
def index():
    return render_template('index.html')

When a client connects to this application, a "paranoid" token will be generated according to the IP address and user agent. In all subsequent requests, the token will be recalculated and checked against the one computed for the first request. If the session cookie is stolen and the attacker tries to use it from another location, the generated token will be different, and in that case the extension will clear the session and block the request.

Resources

Package Rankings
Top 6.06% on Pypi.org
Top 8.11% on Proxy.golang.org
Badges
Extracted from project README
Build status codecov
Related Projects
sample-flask-best-practices

Flask Best Practices for Deployment | AppSeed

26 Apr 2022 24
flask-chat

A simple chat in flask

02 Dec 2017 7
flask-login

Flask user session management.

11 Mar 2012 3,501
flaskSaaS

A great starting point to build your SaaS in Flask & Python, with Stripe subscription billing 🚀

13 Feb 2019 622
flask-login-example

A very simple Flask application that demonstrates how to integrate OpenID connect into user sessi...

01 Jul 2018 12
flask-paseto-extended

PASETO (Platform-Agnostic Security Token) for Flask applications.

08 Oct 2021 5
Simple-Flask-Api

Simple Api using flask.

07 Apr 2022 4
codingwiz-dev

A lightweight blog app built with Python and Flask. Source Code from my Python and Flask Web Deve...

30 May 2019 9
Flask-HTTPAuth

Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes

18 May 2013 1,251
pytest-flask

A set of pytest fixtures to test Flask applications

03 Sep 2014 476
flask-security

Quick and simple security for Flask applications

19 Apr 2016 634
flask-example

A minimal web app developed with Flask

01 Jul 2017 107
python_base_app

Framework for Python apps with simple web frontend

02 Mar 2019 2
flask-restless-security

Concise skeleton for development of Flask, Flask-Restless, SQLAlchemy, JWT based REST APIs.

16 Aug 2014 160
flask-social-blueprint

An OAuth based authentication blueprint for flask. Easy to extend and override.

11 Apr 2014 83