flask-2fa-auth/app/__init__.py
Hamit Şimşek 22c747f14a Implement location tracking and suspicious login detection
- Added `track_login_location` function to monitor user login locations.
- Introduced `LoginLocation` model to store login details including IP and geolocation.
- Created `LocationApprovalToken` model for managing location approval tokens.
- Enhanced OTP verification to include location tracking and alerts for suspicious logins.
- Implemented email notifications for suspicious login attempts and location approvals.
- Added `login_history` route to display user's login activity.
- Updated templates for login history and email notifications.
- Configured mail settings and added dependencies for email functionality.
- Introduced utility classes for mail and location services.
2025-05-30 00:34:17 +03:00


from flask import Flask
from flask_sqlalchemy import SQLAlchemy
from flask_migrate import Migrate
from flask_login import LoginManager
from flask_wtf.csrf import CSRFProtect
from flask_mail import Mail
from config import config
# Extension singletons. They are created unbound here and attached to a
# concrete application inside create_app() via each extension's init_app(),
# which is what lets one process build several app instances.
db = SQLAlchemy()
migrate = Migrate()
csrf = CSRFProtect()
login_manager = LoginManager()
mail = Mail()
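def create_app(config_name='default'):
    """
    Application factory for creating Flask app instances.

    Args:
        config_name: Key into ``config`` selecting the configuration object
            to load (defaults to ``'default'``).

    Returns:
        A :class:`flask.Flask` instance with the extensions, login manager,
        mail service, blueprints and the security-header hook attached.

    Raises:
        KeyError: if ``config_name`` is not a key of ``config``.

    Security considerations:
    - CSRF protection enabled globally via CSRFProtect
    - Flask-Login session protection set to 'strong'
    - Security headers appended to every response
    - The session user id is treated as untrusted in ``load_user``
    """
    app = Flask(__name__)
    app.config.from_object(config[config_name])

    # Bind the module-level extension singletons to this application.
    db.init_app(app)
    migrate.init_app(app, db)
    csrf.init_app(app)
    mail.init_app(app)

    # Flask-Login: unauthenticated requests are redirected to auth.login.
    login_manager.init_app(app)
    login_manager.login_view = 'auth.login'
    login_manager.login_message = 'Please log in to access this page.'
    login_manager.login_message_category = 'info'
    # 'strong' discards the session outright when the client identifier
    # changes, rather than only marking it non-fresh as 'basic' does.
    login_manager.session_protection = 'strong'

    # Mail service wrapper. Imported inside the factory (as in the original
    # layout) — presumably to avoid an import cycle with this package; verify
    # before hoisting it to module level.
    from app.utils.mail import mail_service
    mail_service.init_app(app, mail)

    @login_manager.user_loader
    def load_user(user_id):
        """
        Resolve the user id stored in the session to a User, or None.

        Flask-Login hands us the raw id from the client's session cookie, so
        the value is untrusted. A non-numeric or missing id must not raise
        (an unhandled ValueError here would turn every request carrying that
        cookie into a 500); returning None makes Flask-Login treat the
        request as anonymous. The lookup is a primary-key query, so no SQL is
        built from the value.
        """
        from app.models import User
        try:
            primary_key = int(user_id)
        except (TypeError, ValueError):
            return None
        return User.query.get(primary_key)

    # Register blueprints
    from app.auth import bp as auth_bp
    app.register_blueprint(auth_bp, url_prefix='/auth')
    from app.main import bp as main_bp
    app.register_blueprint(main_bp)

    @app.after_request
    def security_headers(response):
        """
        Add baseline security headers to every response.

        Values are left unchanged so existing clients and tests keep working.
        NOTE(review): X-Xss-Protection is deprecated in current browsers and
        the recommended value is '0' (rely on a Content-Security-Policy
        instead); no CSP or Referrer-Policy is set here yet.
        """
        response.headers['X-Content-Type-Options'] = 'nosniff'
        response.headers['X-Frame-Options'] = 'DENY'
        response.headers['X-XSS-Protection'] = '1; mode=block'
        # Browsers ignore HSTS on plain-HTTP responses, so sending it
        # unconditionally is harmless and correct once TLS is in front.
        response.headers['Strict-Transport-Security'] = 'max-age=31536000; includeSubDomains'
        return response

    return app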
# Import models to ensure they are registered with SQLAlchemy
from app import models