mbkauthepy is a fully featured, secure, and extensible authentication system for Python Flask applications.
Ported from the Node.js version to provide seamless multi-language support for full-stack apps.
Current Version: 1.6.8 (Python) - Recommended for compatibility with mbkauthe (JavaScript) 1.3.1
Note: This project is actively maintained. We welcome contributions and feedback to improve its features and stability.
- Features
- Multi-language Support
- Installation
- Quickstart
- Configuration (.env)
- Middleware & Decorators
- API Endpoints
- Database Schema
- Security Notes
- License
- Contact & Support
- Contributing
| Feature | Description |
|---|---|
| Multi-language Support | Use in both Python (mbkauthe) and JavaScript (mbkauthe via npm) |
| Secure Auth | Session-based authentication with secure cookies and optional 2FA |
| Role-based Access | Decorators for validating roles and permissions on protected routes |
| 2FA Support | Time-based One-Time Password (TOTP) with pyotp |
| reCAPTCHA v2 Support | Protect login routes with Google reCAPTCHA |
| Cookie Management | Secure session cookies with custom expiration, domain, etc. |
| PostgreSQL Integration | Optimized with connection pooling via psycopg2 |
| Password Security | Bcrypt hash support (or optional plaintext in dev/test mode) |
| Profile Data Access | Built-in helper to fetch user profile details from DB |
This package is designed to work seamlessly with both Python and JavaScript applications.
- The JavaScript version is available on npm as `mbkauthe`.
- The Python version is available on PyPI as `mbkauthepy`.
- Python Version: mbkauthepy GitHub
- JavaScript Version: mbkauthe GitHub
- Maaz Waheed (Python Version)
  - GitHub: @42Wor
  - Email: [email protected] / [email protected]
- Muhammad Bin Khalid (JavaScript Version)
  - GitHub: @MIbnEKhalid
- For questions or contributions:
  - Support Page: mbktechstudio.com/Support
  - Email: [email protected] / [email protected]
We welcome issues and pull requests! Feel free to contribute or ask any questions.
Note: This project is developed and maintained by Maaz Waheed and Muhammad Bin Khalid.
```bash
python -m venv venv
source venv/bin/activate  # Linux/macOS
# .\venv\Scripts\activate  # Windows
```

```bash
pip install -r requirements.txt
```

```bash
pip install mbkauthepy
```

```python
from flask import Flask, render_template, session
from dotenv import load_dotenv
from mbkauthepy import configure_mbkauthe, validate_session

# Load variables from .env (including mbkautheVar)
load_dotenv()

app = Flask(__name__)
app.config['SECRET_KEY'] = 'your-secret-key'  # placeholder; replace with a long random value
configure_mbkauthe(app)


@app.route('/')
def home():
    return render_template('index.html')


@app.route('/dashboard')
@validate_session
def dashboard():
    # validate_session only lets the request through with an active session
    user = session['user']
    return f"Welcome {user['username']}!"


if __name__ == '__main__':
    app.run(debug=True)  # debug mode is for local development only
```

```env
FLASK_SECRET_KEY=my-flask-secret
# COOKIE_EXPIRE_TIME is in days.
# DOMAIN: use your actual domain in production.
# Main_SECRET_TOKEN: added for terminateAllSessions auth.
mbkautheVar='{
    "APP_NAME": "MBKAUTH_PYTHON_DEMO",
    "IS_DEPLOYED": "false",
    "LOGIN_DB": "postgresql://username:password@host:port/database",
    "MBKAUTH_TWO_FA_ENABLE": "false",
    "COOKIE_EXPIRE_TIME": "2",
    "DOMAIN": "mbktechstudio.com",
    "Main_SECRET_TOKEN": "your-secret-token-for-terminate-api",
    "loginRedirectURL": "/",
    "EncryptedPassword": "False"
}'
```
You can override behavior by editing this JSON string directly in .env.
| Decorator | Purpose |
|---|---|
| `@validate_session` | Ensures valid session is active |
| `@check_role_permission("Role")` | Checks if user has required role |
| `@validate_session_and_role("Role")` | Shortcut for validating both |
| `@authenticate_token` | Verifies request via API token header |
| `@authapi(required_role=None)` | Decorator for API authentication with optional role enforcement |

Example:
```python
from flask import session
from src.mbkauthe import validate_session, check_role_permission, validate_session_and_role, authenticate_token

# `app` is the Flask application created in the Quickstart.


@app.route('/admin')
@validate_session_and_role("SuperAdmin")
def admin_panel():
    return "Welcome to the admin panel"


@app.route('/dashboard')
@validate_session
def dashboard():
    user = session['user']
    return f"Welcome {user['username']}"


@app.route('/secured-admin')
@validate_session_and_role("SuperAdmin")
def secured_admin():
    return "Secured Area"


@app.route('/terminate-sessions')
@authenticate_token
def terminate_sessions():
    return {"success": True}


# Example of fetching user data
data = get_user_data("johndoe", ["FullName", "email"])
```

These are available by default after calling `configure_mbkauthe(app)`:
| Method | Endpoint | Function | Description |
|---|---|---|---|
| POST | `/mbkauthe/api/login` | `mbkauthe.login()` | Authenticate and create session |
| GET | `/mbkauthe/api/logout` | `mbkauthe.logout()` | Terminate current session |
| POST | `/mbkauthe/api/terminateAllSessions` | `mbkauthe.terminate_all_sessions()` | Clears all sessions (admin only) |
| GET | `/mbkauthe/i` or `/mbkauthe/info` | `mbkauthe.mbkauthe_info()` | Current package version or metadata from the installed package |
| GET | `/mbkauthe/login` | `mbkauthe.login_page()` | Login page in package |
| GET | `/mbkauthe/2fa` | `mbkauthe.two_fa_page()` | 2FA verification page |
| POST | `/mbkauthe/api/verify-2fa` | `mbkauthe.verify_2fa()` | Verify 2FA code |
See docs/db.md for schema & setup scripts.
- Set `EncryptedPassword: "true"` for production use.
- Always use long random `SESSION_SECRET_KEY`.
- Use HTTPS in deployment (`IS_DEPLOYED: "true"`).
- Avoid plaintext passwords outside dev/testing.
Note: Encrypted password support is under development. Stay tuned for updates!
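
A pre-deployment check for the settings named in the Security Notes, as an added example that is not part of mbkauthepy. `audit_mbkauthe_env`, `new_secret` and the 32-character minimum are assumptions made here; the sample values are constructed from the README's `.env` sample.

```python
import json
import secrets

# Placeholder secrets that appear in the README's sample code and .env.
PLACEHOLDERS = {"your-secret-key", "my-flask-secret",
                "your-secret-token-for-terminate-api"}
MIN_SECRET_LEN = 32  # assumption: the README only says "long random"

# Constructed sample: the security-relevant keys of the README's dev config.
SAMPLE_DEV = json.dumps({
    "APP_NAME": "MBKAUTH_PYTHON_DEMO",
    "IS_DEPLOYED": "false",
    "Main_SECRET_TOKEN": "your-secret-token-for-terminate-api",
    "EncryptedPassword": "False",
})


def is_true(value):
    # Booleans in mbkautheVar are strings such as "false" or "False".
    return str(value).strip().lower() == "true"


def weak_secret(value):
    value = str(value or "")
    return value in PLACEHOLDERS or len(value) < MIN_SECRET_LEN


def audit_mbkauthe_env(mbkauthe_var, flask_secret):
    """Return production-readiness findings for one .env (hypothetical helper)."""
    try:
        cfg = json.loads(mbkauthe_var)
    except json.JSONDecodeError as exc:  # e.g. "# ..." comments left inside the JSON
        return [f"mbkautheVar is not valid JSON: {exc.msg}"]
    if not isinstance(cfg, dict):
        return ["mbkautheVar is not a JSON object"]
    findings = []
    if not is_true(cfg.get("IS_DEPLOYED")):
        findings.append('IS_DEPLOYED is not "true" (deployment mode is off)')
    if not is_true(cfg.get("EncryptedPassword")):
        findings.append('EncryptedPassword is not "true" (plaintext passwords)')
    if weak_secret(cfg.get("Main_SECRET_TOKEN")):
        findings.append("Main_SECRET_TOKEN is a placeholder or too short")
    if weak_secret(flask_secret):
        findings.append("Flask secret key is a placeholder or too short")
    return findings


def new_secret():
    return secrets.token_urlsafe(48)  # 48 random bytes, 64 URL-safe characters
```

Run `audit_mbkauthe_env(os.environ["mbkautheVar"], os.environ["FLASK_SECRET_KEY"])` in CI or at startup and refuse to deploy while the returned list is non-empty.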
Mozilla Public License 2.0
See LICENSE for full legal text.
Developed by Maaz Waheed
- GitHub: @42Wor
- Email: [email protected] / [email protected]
- Issues / PRs welcome!
Contributions are welcome! Please follow these steps:
- Fork the repository.
- Create a new branch (`git checkout -b feature-branch`).
- Make your changes.
- Commit your changes (`git commit -m 'Add some feature'`).
- Push to the branch (`git push origin feature-branch`).
- Create a new Pull Request.