feat: implement enterprise-grade security enhancements #416

[manasdutta04]

feat(security): comprehensive security overhaul for authentication and database #416

Security Enhancements:

• Replace chr(ord(char)*2) encryption with bcrypt hashing (12 rounds + salt)
• Move DB_PASSWORD="tejas123" to environment variables with .env support
• Replace string formatting SQL with parameterized queries (%s placeholders)
• Implement secure session tokens using secrets.token_urlsafe(32)
• Add comprehensive input validation for usernames, passwords, and data
• Create account lockout system (5 attempts, 15min lockout)

Files Added:

• software/security.py - Security manager with bcrypt and session handling
• software/validators.py - Input validation and sanitization utilities
• migration_script.py - Safe migration for existing password hashes
• .env.example - Environment configuration template
• SECURITY.md - Complete security documentation

Files Modified:

• software/main.py - Updated authentication flow with session management
• software/manage_data.py - Parameterized queries and secure operations
• software/db_config.py - Environment variable configuration
• installation/requirements.txt - Added bcrypt and python-dotenv

BREAKING CHANGE: Existing installations must run migration_script.py

[netlify[bot]]

✅ Deploy Preview for multiverse-dataverse ready!

Name	Link
🔨 Latest commit	eb1e56a8f5078510dbb1991a506a855161dd8eed
🔍 Latest deploy log	https://app.netlify.com/projects/multiverse-dataverse/deploys/6898ad5224a1780008df3692
😎 Deploy Preview	https://deploy-preview-417--multiverse-dataverse.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[github-actions[bot]]

🎉 Thank you for your contribution! Your pull request has been submitted successfully. A maintainer from team will review it soon. We appreciate your support in making better.