PyPI - arthexis - Versions diffs - 0.1.9__py3-none-any.whl → 0.1.26__py3-none-any.whl - Mend

arthexis 0.1.9py3-none-any.whl → 0.1.26py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of arthexis might be problematic. Click here for more details.

Files changed (112) hide show

arthexis-0.1.26.dist-info/METADATA +272 -0
arthexis-0.1.26.dist-info/RECORD +111 -0
{arthexis-0.1.9.dist-info → arthexis-0.1.26.dist-info}/licenses/LICENSE +674 -674
config/__init__.py +5 -5
config/active_app.py +15 -15
config/asgi.py +29 -29
config/auth_app.py +7 -7
config/celery.py +32 -25
config/context_processors.py +67 -68
config/horologia_app.py +7 -7
config/loadenv.py +11 -11
config/logging.py +59 -48
config/middleware.py +71 -25
config/offline.py +49 -49
config/settings.py +676 -492
config/settings_helpers.py +109 -0
config/urls.py +228 -159
config/wsgi.py +17 -17
core/admin.py +4052 -2066
core/admin_history.py +50 -50
core/admindocs.py +192 -151
core/apps.py +350 -223
core/auto_upgrade.py +72 -0
core/backends.py +311 -124
core/changelog.py +403 -0
core/entity.py +149 -133
core/environment.py +60 -43
core/fields.py +168 -75
core/form_fields.py +75 -0
core/github_helper.py +188 -25
core/github_issues.py +183 -172
core/github_repos.py +72 -0
core/lcd_screen.py +78 -78
core/liveupdate.py +25 -25
core/log_paths.py +114 -100
core/mailer.py +89 -83
core/middleware.py +91 -91
core/models.py +5041 -2195
core/notifications.py +105 -105
core/public_wifi.py +267 -227
core/reference_utils.py +107 -0
core/release.py +940 -346
core/rfid_import_export.py +113 -0
core/sigil_builder.py +149 -131
core/sigil_context.py +20 -20
core/sigil_resolver.py +250 -284
core/system.py +1425 -230
core/tasks.py +538 -199
core/temp_passwords.py +181 -0
core/test_system_info.py +202 -43
core/tests.py +2673 -1069
core/tests_liveupdate.py +17 -17
core/urls.py +11 -11
core/user_data.py +681 -495
core/views.py +2484 -789
core/widgets.py +213 -51
nodes/admin.py +2236 -445
nodes/apps.py +98 -70
nodes/backends.py +160 -53
nodes/dns.py +203 -0
nodes/feature_checks.py +133 -0
nodes/lcd.py +165 -165
nodes/models.py +2375 -870
nodes/reports.py +411 -0
nodes/rfid_sync.py +210 -0
nodes/signals.py +18 -0
nodes/tasks.py +141 -46
nodes/tests.py +5045 -1489
nodes/urls.py +29 -13
nodes/utils.py +172 -73
nodes/views.py +1768 -304
ocpp/admin.py +1775 -481
ocpp/apps.py +25 -25
ocpp/consumers.py +1843 -630
ocpp/evcs.py +844 -928
ocpp/evcs_discovery.py +158 -0
ocpp/models.py +1417 -640
ocpp/network.py +398 -0
ocpp/reference_utils.py +42 -0
ocpp/routing.py +11 -9
ocpp/simulator.py +745 -368
ocpp/status_display.py +26 -0
ocpp/store.py +603 -403
ocpp/tasks.py +479 -31
ocpp/test_export_import.py +131 -130
ocpp/test_rfid.py +1072 -540
ocpp/tests.py +5494 -2296
ocpp/transactions_io.py +197 -165
ocpp/urls.py +50 -50
ocpp/views.py +2024 -912
pages/admin.py +1123 -396
pages/apps.py +45 -10
pages/checks.py +40 -40
pages/context_processors.py +151 -85
pages/defaults.py +13 -0
pages/forms.py +221 -0
pages/middleware.py +213 -153
pages/models.py +720 -252
pages/module_defaults.py +156 -0
pages/site_config.py +137 -0
pages/tasks.py +74 -0
pages/tests.py +4009 -1389
pages/urls.py +38 -20
pages/utils.py +93 -12
pages/views.py +1736 -762
arthexis-0.1.9.dist-info/METADATA +0 -168
arthexis-0.1.9.dist-info/RECORD +0 -92
core/workgroup_urls.py +0 -17
core/workgroup_views.py +0 -94
nodes/actions.py +0 -70
{arthexis-0.1.9.dist-info → arthexis-0.1.26.dist-info}/WHEEL +0 -0
{arthexis-0.1.9.dist-info → arthexis-0.1.26.dist-info}/top_level.txt +0 -0

core/backends.py CHANGED Viewed

@@ -1,124 +1,311 @@
-"""Custom authentication backends for the core app."""
-import contextlib
-import ipaddress
-import socket
-from django.contrib.auth import get_user_model
-from django.contrib.auth.backends import ModelBackend
-from .models import EnergyAccount
-class RFIDBackend:
-    """Authenticate using a user's RFID."""
-    def authenticate(self, request, rfid=None, **kwargs):
-        if not rfid:
-            return None
-        account = (
-            EnergyAccount.objects.filter(
-                rfids__rfid=rfid.upper(), rfids__allowed=True, user__isnull=False
-            )
-            .select_related("user")
-            .first()
-        )
-        if account:
-            return account.user
-        return None
-    def get_user(self, user_id):
-        User = get_user_model()
-        try:
-            return User.objects.get(pk=user_id)
-        except User.DoesNotExist:
-            return None
-def _collect_local_ip_addresses():
-    """Return IP addresses assigned to the current machine."""
-    hosts = {socket.gethostname().strip()}
-    with contextlib.suppress(Exception):
-        hosts.add(socket.getfqdn().strip())
-    addresses = set()
-    for host in filter(None, hosts):
-        with contextlib.suppress(OSError):
-            _, _, ip_list = socket.gethostbyname_ex(host)
-            for candidate in ip_list:
-                with contextlib.suppress(ValueError):
-                    addresses.add(ipaddress.ip_address(candidate))
-        with contextlib.suppress(OSError):
-            for info in socket.getaddrinfo(host, None, family=socket.AF_UNSPEC):
-                sockaddr = info[-1]
-                if not sockaddr:
-                    continue
-                raw_address = sockaddr[0]
-                if isinstance(raw_address, bytes):
-                    with contextlib.suppress(UnicodeDecodeError):
-                        raw_address = raw_address.decode()
-                if isinstance(raw_address, str):
-                    if "%" in raw_address:
-                        raw_address = raw_address.split("%", 1)[0]
-                    with contextlib.suppress(ValueError):
-                        addresses.add(ipaddress.ip_address(raw_address))
-    return tuple(sorted(addresses, key=str))
-class LocalhostAdminBackend(ModelBackend):
-    """Allow default admin credentials only from local networks."""
-    _ALLOWED_NETWORKS = [
-        ipaddress.ip_network("::1/128"),
-        ipaddress.ip_network("127.0.0.0/8"),
-        ipaddress.ip_network("192.168.0.0/16"),
-    ]
-    _LOCAL_IPS = _collect_local_ip_addresses()
-    def authenticate(self, request, username=None, password=None, **kwargs):
-        if username == "admin" and password == "admin" and request is not None:
-            forwarded = request.META.get("HTTP_X_FORWARDED_FOR")
-            if forwarded:
-                remote = forwarded.split(",")[0].strip()
-            else:
-                remote = request.META.get("REMOTE_ADDR", "")
-            try:
-                ip = ipaddress.ip_address(remote)
-            except ValueError:
-                return None
-            allowed = any(ip in net for net in self._ALLOWED_NETWORKS)
-            if not allowed and ip in self._LOCAL_IPS:
-                allowed = True
-            if not allowed:
-                return None
-            User = get_user_model()
-            user, created = User.all_objects.get_or_create(
-                username="admin",
-                defaults={
-                    "is_staff": True,
-                    "is_superuser": True,
-                },
-            )
-            arthexis_user = (
-                User.all_objects.filter(username="arthexis").exclude(pk=user.pk).first()
-            )
-            if created:
-                if arthexis_user and user.operate_as_id is None:
-                    user.operate_as = arthexis_user
-                user.set_password("admin")
-                user.save()
-            elif not user.check_password("admin"):
-                return None
-            elif arthexis_user and user.operate_as_id is None:
-                user.operate_as = arthexis_user
-                user.save(update_fields=["operate_as"])
-            return user
-        return super().authenticate(request, username, password, **kwargs)
-    def get_user(self, user_id):
-        User = get_user_model()
-        try:
-            return User.all_objects.get(pk=user_id)
-        except User.DoesNotExist:
-            return None
+"""Custom authentication backends for the core app."""
+import contextlib
+import ipaddress
+import os
+import socket
+import subprocess
+import sys
+from django.conf import settings
+from django.contrib.auth import get_user_model
+from django.contrib.auth.backends import ModelBackend
+from django.core.exceptions import DisallowedHost
+from django.http.request import split_domain_port
+from django_otp.plugins.otp_totp.models import TOTPDevice
+from .models import EnergyAccount, RFID
+from . import temp_passwords
+TOTP_DEVICE_NAME = "authenticator"
+class TOTPBackend(ModelBackend):
+    """Authenticate using a TOTP code from an enrolled authenticator app."""
+    def authenticate(self, request, username=None, otp_token=None, **kwargs):
+        if not username or otp_token in (None, ""):
+            return None
+        token = str(otp_token).strip().replace(" ", "")
+        if not token:
+            return None
+        UserModel = get_user_model()
+        try:
+            user = UserModel._default_manager.get_by_natural_key(username)
+        except UserModel.DoesNotExist:
+            return None
+        if not user.is_active:
+            return None
+        device_qs = TOTPDevice.objects.filter(user=user, confirmed=True)
+        if TOTP_DEVICE_NAME:
+            device = device_qs.filter(name=TOTP_DEVICE_NAME).order_by("-id").first()
+        else:
+            device = None
+        if device is None:
+            device = device_qs.order_by("-id").first()
+        if device is None:
+            return None
+        try:
+            verified = device.verify_token(token)
+        except Exception:
+            return None
+        if not verified:
+            return None
+        user.otp_device = device
+        return user
+    def get_user(self, user_id):
+        UserModel = get_user_model()
+        try:
+            return UserModel._default_manager.get(pk=user_id)
+        except UserModel.DoesNotExist:
+            return None
+class RFIDBackend:
+    """Authenticate using a user's RFID."""
+    def authenticate(self, request, rfid=None, **kwargs):
+        if not rfid:
+            return None
+        rfid_value = str(rfid).strip().upper()
+        if not rfid_value:
+            return None
+        tag = RFID.matching_queryset(rfid_value).filter(allowed=True).first()
+        if not tag:
+            return None
+        update_fields: list[str] = []
+        if tag.adopt_rfid(rfid_value):
+            update_fields.append("rfid")
+        if update_fields:
+            tag.save(update_fields=update_fields)
+        command = (tag.external_command or "").strip()
+        if command:
+            env = os.environ.copy()
+            env["RFID_VALUE"] = rfid_value
+            env["RFID_LABEL_ID"] = str(tag.pk)
+            env["RFID_ENDIANNESS"] = getattr(tag, "endianness", RFID.BIG_ENDIAN)
+            try:
+                completed = subprocess.run(
+                    command,
+                    shell=True,
+                    check=False,
+                    capture_output=True,
+                    text=True,
+                    env=env,
+                )
+            except Exception:
+                return None
+            if completed.returncode != 0:
+                return None
+        account = (
+            EnergyAccount.objects.filter(
+                rfids__pk=tag.pk, rfids__allowed=True, user__isnull=False
+            )
+            .select_related("user")
+            .first()
+        )
+        if account:
+            post_command = (getattr(tag, "post_auth_command", "") or "").strip()
+            if post_command:
+                env = os.environ.copy()
+                env["RFID_VALUE"] = rfid_value
+                env["RFID_LABEL_ID"] = str(tag.pk)
+                env["RFID_ENDIANNESS"] = getattr(tag, "endianness", RFID.BIG_ENDIAN)
+                with contextlib.suppress(Exception):
+                    subprocess.Popen(
+                        post_command,
+                        shell=True,
+                        env=env,
+                        stdout=subprocess.DEVNULL,
+                        stderr=subprocess.DEVNULL,
+                    )
+            return account.user
+        return None
+    def get_user(self, user_id):
+        User = get_user_model()
+        try:
+            return User.objects.get(pk=user_id)
+        except User.DoesNotExist:
+            return None
+def _collect_local_ip_addresses():
+    """Return IP addresses assigned to the current machine."""
+    hosts = {socket.gethostname().strip()}
+    with contextlib.suppress(Exception):
+        hosts.add(socket.getfqdn().strip())
+    addresses = set()
+    for host in filter(None, hosts):
+        with contextlib.suppress(OSError):
+            _, _, ip_list = socket.gethostbyname_ex(host)
+            for candidate in ip_list:
+                with contextlib.suppress(ValueError):
+                    addresses.add(ipaddress.ip_address(candidate))
+        with contextlib.suppress(OSError):
+            for info in socket.getaddrinfo(host, None, family=socket.AF_UNSPEC):
+                sockaddr = info[-1]
+                if not sockaddr:
+                    continue
+                raw_address = sockaddr[0]
+                if isinstance(raw_address, bytes):
+                    with contextlib.suppress(UnicodeDecodeError):
+                        raw_address = raw_address.decode()
+                if isinstance(raw_address, str):
+                    if "%" in raw_address:
+                        raw_address = raw_address.split("%", 1)[0]
+                    with contextlib.suppress(ValueError):
+                        addresses.add(ipaddress.ip_address(raw_address))
+    return tuple(sorted(addresses, key=str))
+class LocalhostAdminBackend(ModelBackend):
+    """Allow default admin credentials only from local networks."""
+    _ALLOWED_NETWORKS = (
+        ipaddress.ip_network("::1/128"),
+        ipaddress.ip_network("127.0.0.0/8"),
+        ipaddress.ip_network("10.42.0.0/16"),
+        ipaddress.ip_network("192.168.0.0/16"),
+    )
+    _CONTROL_ALLOWED_NETWORKS = (ipaddress.ip_network("10.0.0.0/8"),)
+    _LOCAL_IPS = _collect_local_ip_addresses()
+    def _iter_allowed_networks(self):
+        yield from self._ALLOWED_NETWORKS
+        if getattr(settings, "NODE_ROLE", "") == "Control":
+            yield from self._CONTROL_ALLOWED_NETWORKS
+    def _is_test_environment(self, request) -> bool:
+        if os.environ.get("PYTEST_CURRENT_TEST"):
+            return True
+        if any(arg == "test" for arg in sys.argv):
+            return True
+        executable = os.path.basename(sys.argv[0]) if sys.argv else ""
+        if executable in {"pytest", "py.test"}:
+            return True
+        server_name = ""
+        if request is not None:
+            server_name = request.META.get("SERVER_NAME", "")
+        return server_name.lower() == "testserver"
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        if username == "admin" and password == "admin" and request is not None:
+            try:
+                host = request.get_host()
+            except DisallowedHost:
+                return None
+            host, _port = split_domain_port(host)
+            if host.startswith("[") and host.endswith("]"):
+                host = host[1:-1]
+            try:
+                ipaddress.ip_address(host)
+            except ValueError:
+                if host.lower() == "localhost":
+                    host = "127.0.0.1"
+                elif not self._is_test_environment(request):
+                    return None
+            forwarded = request.META.get("HTTP_X_FORWARDED_FOR")
+            if forwarded:
+                remote = forwarded.split(",")[0].strip()
+            else:
+                remote = request.META.get("REMOTE_ADDR", "")
+            try:
+                ip = ipaddress.ip_address(remote)
+            except ValueError:
+                return None
+            allowed = any(ip in net for net in self._iter_allowed_networks())
+            if not allowed and ip in self._LOCAL_IPS:
+                allowed = True
+            if not allowed:
+                return None
+            User = get_user_model()
+            user, created = User.all_objects.get_or_create(
+                username="admin",
+                defaults={
+                    "is_staff": True,
+                    "is_superuser": True,
+                },
+            )
+            if not created and not user.is_active:
+                return None
+            arthexis_user = (
+                User.all_objects.filter(username="arthexis").exclude(pk=user.pk).first()
+            )
+            if created:
+                if arthexis_user and user.operate_as_id is None:
+                    user.operate_as = arthexis_user
+                user.set_password("admin")
+                user.save()
+            else:
+                if not user.check_password("admin"):
+                    if not user.password or not user.has_usable_password():
+                        user.set_password("admin")
+                        user.save(update_fields=["password"])
+                    else:
+                        return None
+                if arthexis_user and user.operate_as_id is None:
+                    user.operate_as = arthexis_user
+                    user.save(update_fields=["operate_as"])
+            return user
+        return super().authenticate(request, username, password, **kwargs)
+    def get_user(self, user_id):
+        User = get_user_model()
+        try:
+            return User.all_objects.get(pk=user_id)
+        except User.DoesNotExist:
+            return None
+class TempPasswordBackend(ModelBackend):
+    """Authenticate using a temporary password stored in a lockfile."""
+    def authenticate(self, request, username=None, password=None, **kwargs):
+        if not username or not password:
+            return None
+        UserModel = get_user_model()
+        manager = getattr(UserModel, "all_objects", UserModel._default_manager)
+        try:
+            user = manager.get_by_natural_key(username)
+        except UserModel.DoesNotExist:
+            return None
+        entry = temp_passwords.load_temp_password(user.username)
+        if entry is None:
+            return None
+        if entry.is_expired:
+            temp_passwords.discard_temp_password(user.username)
+            return None
+        if not entry.check_password(password):
+            return None
+        if not user.is_active:
+            user.is_active = True
+            user.save(update_fields=["is_active"])
+        return user
+    def get_user(self, user_id):
+        UserModel = get_user_model()
+        manager = getattr(UserModel, "all_objects", UserModel._default_manager)
+        try:
+            return manager.get(pk=user_id)
+        except UserModel.DoesNotExist:
+            return None

arthexis 0.1.9__py3-none-any.whl → 0.1.26__py3-none-any.whl

Potentially problematic release.

arthexis 0.1.9py3-none-any.whl → 0.1.26py3-none-any.whl