Skip to main content

Secure and robust input handling with TTY validation and bot protection.

Project description

securify

Secure and robust input handling for Python applications.

securify is a lightweight library designed to make user interactions more secure. Its primary goal is to provide reliable ways to capture sensitive information, like passwords, while enforcing strict security constraints.

Key Features

  • Security First: Enforces interactive terminal (TTY) usage to prevent insecure input processing.
  • Bot Protection: Built-in time delay checks to prevent automated script attacks.
  • Double-Entry Verification: Simple logic to ensure users enter identical passwords.
  • Developer Friendly: Fully type-hinted, 100% test coverage, and clean exception hierarchies.

Installation

pip install .

Quick Start

The core of the library is the PasswordDoubleCheck class. It ensures that a password is typed correctly twice and that the user is actually sitting at a terminal.

from securify.input.password import PasswordDoubleCheck
from securify.input.exceptions import PasswordError

# Initialize with a 1.5-second minimum delay
checker = PasswordDoubleCheck(min_delay=1.5)

try:
    password = checker()
    print("Password successfully verified!")
except PasswordError as e:
    # Handles Mismatch, Speed, or Terminal errors
    print(f"Verification failed: {e}")

Technical Background: Why TTY?

By default, securify rejects input that does not come from a real terminal. This ensures that the tool only processes input from a secure, interactive source.

If the input is provided through a pipe or another non-interactive process, the checker will reject the operation. This prevents the application from being used in insecure workflows where passwords might be handled through unsafe channels.

Development

securify is built with a focus on stability and cross-version compatibility. It is tested against Python 3.11 up to 3.15-alpha.

Running Tests

We use tox to manage environments and pytest for testing:

tox

Building Documentation

The documentation is built with Sphinx:

cd doc
make html

License

LGPLv2 or above.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ftw_securify-0.1.3.tar.gz (36.2 MB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ftw_securify-0.1.3-py3-none-any.whl (7.4 kB view details)

Uploaded Python 3

File details

Details for the file ftw_securify-0.1.3.tar.gz.

File metadata

  • Download URL: ftw_securify-0.1.3.tar.gz
  • Upload date:
  • Size: 36.2 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ftw_securify-0.1.3.tar.gz
Algorithm Hash digest
SHA256 87fc5ac10fbab6843497dca7bcc3b57ff615a5f2b2a570d8a46cee14dd058e2c
MD5 e6cd135b8d317ccd03f5864008fb3f1f
BLAKE2b-256 3eed6c243ada71a42e6461b81e458b53926d4316954f73a15e187574659dda0a

See more details on using hashes here.

Provenance

The following attestation bundles were made for ftw_securify-0.1.3.tar.gz:

Publisher: ci.yml on fitzz-ftw/securify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ftw_securify-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: ftw_securify-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 7.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for ftw_securify-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 015716e3c45523a6b2b359298b2506481ccbc90a0bb57a11f5ab2bb5800f34d4
MD5 b324af1f34cbab8aa9e452cc2de9ef43
BLAKE2b-256 cfa63fa3c280f045d519c9d294b16f1e3f948c1c96125a5e0b4a39a32c816b76

See more details on using hashes here.

Provenance

The following attestation bundles were made for ftw_securify-0.1.3-py3-none-any.whl:

Publisher: ci.yml on fitzz-ftw/securify

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page