the login process seems secure . But you didn’t check the potential existing user in the signup form, or existing email address. Unless this is managed by the underlying User schema. And you should require a minimal password complexity.
Read moreDoes Flask provide security?
Flask-Security allows you to quickly add common security mechanisms to your Flask application . They include: Session based authentication. Role and Permission management.
Read moreDoes Flask provide security?
Flask-Security allows you to quickly add common security mechanisms to your Flask application . They include: Session based authentication. Role and Permission management.
Read moreAre Flask cookies secure?
The browser will never send secure cookies with requests that are not encrypted . With Flask, you can control the secure flag on the session cookie with the SESSION_COOKIE_SECURE configuration setting. By default, it is set to False , which makes the session cookie available to both HTTP and HTTPS connections.
Read more