- Added `track_login_location` function to monitor user login locations. - Introduced `LoginLocation` model to store login details including IP and geolocation. - Created `LocationApprovalToken` model for managing location approval tokens. - Enhanced OTP verification to include location tracking and alerts for suspicious logins. - Implemented email notifications for suspicious login attempts and location approvals. - Added `login_history` route to display user's login activity. - Updated templates for login history and email notifications. - Configured mail settings and added dependencies for email functionality. - Introduced utility classes for mail and location services.
# Flask 2FA Authentication Application Environment Configuration
# Copy this file to .env and modify the values as needed
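# Flask Configuration (development defaults; FLASK_ENV is ignored by Flask 2.3 and later, where FLASK_DEBUG controls debug mode)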
FLASK_CONFIG=development
FLASK_APP=run.py
FLASK_ENV=development
# Security Configuration (CRITICAL: Change these in production! SECRET_KEY signs the session cookie, so anyone who knows it can forge sessions.)
SECRET_KEY=your-secret-key-change-this-in-production-use-secrets-manager-or-random-generator
# Database Configuration
DEV_DATABASE_URL=sqlite:///dev.db
DATABASE_URL=sqlite:///app.db
# Production Database Example (uncomment and modify for production; the URL contains the database password, so keep the real value out of version control)
# DATABASE_URL=postgresql://username:password@localhost/flask_2fa_prod
# Application Settings (DEBUG=True is for local development only; set it to False in production)
DEBUG=True
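# Mail Configuration (for location alerts and notifications; MAIL_PASSWORD is a credential, so use a provider app password and keep it only in the untracked .env or a secret manager)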
MAIL_SERVER=smtp.gmail.com
MAIL_PORT=587
MAIL_USE_TLS=true
MAIL_USERNAME=your-email@gmail.com
MAIL_PASSWORD=your-app-password
MAIL_DEFAULT_SENDER=noreply@flask2fa.com
# Location Security Settings
MAX_LOGIN_ATTEMPTS=5
SUSPICIOUS_LOGIN_THRESHOLD_KM=100
# Session Cookie Security Flags (Production only; SESSION_COOKIE_SECURE requires the site to be served over HTTPS)
# SESSION_COOKIE_SECURE=True
# SESSION_COOKIE_HTTPONLY=True
# SESSION_COOKIE_SAMESITE=Lax
# Logging Configuration
LOG_LEVEL=INFO
LOG_FILE=app.log
# SMTP Configuration (commented-out example; the active mail settings are in the Mail Configuration section above)
# MAIL_SERVER=smtp.gmail.com
# MAIL_PORT=587
# MAIL_USE_TLS=True
# MAIL_USERNAME=your-email@gmail.com
# MAIL_PASSWORD=your-app-password
# Development Notes:
# 1. Never commit the .env file to version control (list it in .gitignore)
# 2. Use a strong, randomly generated SECRET_KEY in production, e.g. python -c "import secrets; print(secrets.token_hex(32))"
# 3. Use environment-specific database URLs
# 4. Enable HTTPS and secure cookies in production
# 5. Consider using external secret management services