Kyle Pope
b134ad9e8b
- models/totp_usage.py: replay-prevention table, unique on (user_id, code, window) - models/backup_code.py: Argon2id-hashed recovery codes with used_at tracking - services/totp.py: Fernet encrypt/decrypt, verify_totp_code returns actual window, QR base64, backup code generation - routers/totp.py: setup (idempotent), confirm, totp-verify (mfa_token + TOTP or backup code), disable, regenerate, status - alembic/024: creates totp_usage and backup_codes tables - main.py: register totp router, import new models for Alembic discovery - requirements.txt: add pyotp>=2.9.0, qrcode[pil]>=7.4.0, cryptography>=42.0.0 - jobs/notifications.py: periodic cleanup for totp_usage (5 min) and expired user_sessions Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
18 lines
334 B
Plaintext
18 lines
334 B
Plaintext
fastapi==0.115.6
|
|
uvicorn[standard]==0.34.0
|
|
sqlalchemy[asyncio]==2.0.36
|
|
asyncpg==0.30.0
|
|
alembic==1.14.1
|
|
pydantic==2.10.4
|
|
pydantic-settings==2.7.1
|
|
bcrypt==4.2.1
|
|
argon2-cffi>=23.1.0
|
|
pyotp>=2.9.0
|
|
qrcode[pil]>=7.4.0
|
|
cryptography>=42.0.0
|
|
python-multipart==0.0.20
|
|
python-dateutil==2.9.0
|
|
itsdangerous==2.2.0
|
|
httpx==0.27.2
|
|
apscheduler==3.10.4
|