Simple package to protect against CSRF/XSRF attacks

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for nwby from gravatar.com nwby

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Sam Newby
  • Tags csrf , xsrf , security
  • Requires: Python >=3.8, <4.0
Classifiers
Report project as malware

Project description

simple-xsrf

A simple package to create CSRF/XSRF tokens and protect against CSRF/XSRF attacks.

Installation

pip install simple-xsrf

Usage

To use this package you will need a fernet key also known as a secret key. To create a key:

from cryptography.fernet import Fernet

key = Fernet.generate_key()

Make sure to store this key in a secure place like a database so that you can access it later. You will need it to create your tokens and decrypt them

Creating a token:

from simple_xsrf.token import create_xsrf

token = create_xsrf(key)

Checking if a token is valid:

from simple_xsrf.token import is_valid

is_token_valid = is_valid(key, token_from_request, token_from_storage)

You should store your token in a storage layer such as Redis or DynamoDB to be retrived later.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for nwby from gravatar.com nwby

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: Sam Newby
  • Tags csrf , xsrf , security
  • Requires: Python >=3.8, <4.0
Classifiers

Release history Release notifications | RSS feed

This version

0.2.1

0.2.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

simple_xsrf-0.2.1.tar.gz (2.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

simple_xsrf-0.2.1-py3-none-any.whl (2.3 kB view details)

Uploaded Python 3

File details

Details for the file simple_xsrf-0.2.1.tar.gz.

File metadata

  • Download URL: simple_xsrf-0.2.1.tar.gz
  • Upload date:
  • Size: 2.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.2.2 CPython/3.10.5 Darwin/21.5.0

File hashes

Hashes for simple_xsrf-0.2.1.tar.gz
Algorithm Hash digest
SHA256 f45b281d8afa451241e89d5e98e03972b00687b273d8ca4a2921ea5d1a19f191
MD5 a7bf95c2e10052139e315070b0effe03
BLAKE2b-256 6514414ffbc377e61acb8ef5fb8104b4bed2c2bcae7ec1a58fe42a64ec1d7e9f

See more details on using hashes here.

File details

Details for the file simple_xsrf-0.2.1-py3-none-any.whl.

File metadata

  • Download URL: simple_xsrf-0.2.1-py3-none-any.whl
  • Upload date:
  • Size: 2.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.2.2 CPython/3.10.5 Darwin/21.5.0

File hashes

Hashes for simple_xsrf-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 a2565dacb5b7b2e42d2b7429c545cadc0a9df775fec0fed6ce1d24a312efb5d8
MD5 2b010a6b8f745309638c10c2360dd981
BLAKE2b-256 14af3a064b00d27abd2977b991d061822582e2c26bb98db731fcbc70750ae5f1

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page