Overview

AstroBuilt is a robust application that showcases essential security features required for modern software solutions, particularly those that handle sensitive user data. With a focus on user authentication, AstroBuilt implements industry-standard practices like two-factor authentication (2FA), email verification, and password checks against known breaches. This application serves as both a practical example for developers looking to strengthen their security measures and a foundational setup for those interested in enhancing their web architecture using SQLite.

The project is structured to provide an effective user experience while maintaining security protocols. From initializing the SQLite database to running the application with defined environmental variables, every step is designed to guide developers through the implementation process seamlessly. This overview highlights the significant functionalities that secure user interactions and safeguard data integrity.

Features

• Email and Password Authentication: Users can create accounts using their email and password, which ensures a straightforward registration process.
• Two-Factor Authentication (2FA): Additional security is provided through TOTP-based 2FA, which adds a layer of verification for logins.
• Password Breach Check: Integration with HaveIBeenPwned allows users to verify if their password has been compromised in the past, enhancing password security.
• Login Throttling and Rate Limiting: Prevents brute-force attacks by slowing down repetitive login attempts, protecting user accounts from unauthorized access.
• Password Reset Management: A secure process for users needing to reset their passwords, keeping their accounts safe from mishandling.
• Environment Management: Requires the setup of a .env file to utilize a secure encryption key, ensuring that sensitive data is encrypted properly.
• SQLite Database Integration: Utilizes SQLite for a lightweight and efficient database solution, making it an excellent choice for smaller applications.
• Console Logging for Error Tracking: While not comprehensive, logging to the console aids in development and troubleshooting during the application run.