PyPI - django-cfg - Versions diffs - 1.2.31__py3-none-any.whl → 1.3.1__py3-none-any.whl - Mend

django-cfg 1.2.31py3-none-any.whl → 1.3.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (256) hide show

django_cfg/__init__.py +1 -1
django_cfg/apps/api/health/views.py +4 -2
django_cfg/apps/knowbase/config/settings.py +16 -15
django_cfg/apps/payments/README.md +326 -0
django_cfg/apps/payments/admin/__init__.py +20 -10
django_cfg/apps/payments/admin/api_keys_admin.py +521 -237
django_cfg/apps/payments/admin/balance_admin.py +592 -297
django_cfg/apps/payments/admin/currencies_admin.py +526 -222
django_cfg/apps/payments/admin/filters.py +306 -199
django_cfg/apps/payments/admin/payments_admin.py +465 -70
django_cfg/apps/payments/admin/subscriptions_admin.py +578 -128
django_cfg/apps/payments/admin_interface/__init__.py +18 -0
django_cfg/apps/payments/admin_interface/templates/payments/base.html +162 -0
django_cfg/apps/payments/admin_interface/templates/payments/components/dev_tool_card.html +38 -0
django_cfg/apps/payments/admin_interface/templates/payments/components/loading_spinner.html +16 -0
django_cfg/apps/payments/admin_interface/templates/payments/components/notification.html +27 -0
django_cfg/apps/payments/admin_interface/templates/payments/components/provider_card.html +86 -0
django_cfg/apps/payments/admin_interface/templates/payments/components/status_card.html +39 -0
django_cfg/apps/payments/admin_interface/templates/payments/currency_converter.html +382 -0
django_cfg/apps/payments/admin_interface/templates/payments/payment_dashboard.html +300 -0
django_cfg/apps/payments/admin_interface/templates/payments/payment_form.html +303 -0
django_cfg/apps/payments/admin_interface/templates/payments/payment_list.html +382 -0
django_cfg/apps/payments/admin_interface/templates/payments/payment_status.html +500 -0
django_cfg/apps/payments/admin_interface/templates/payments/webhook_dashboard.html +594 -0
django_cfg/apps/payments/admin_interface/views/__init__.py +23 -0
django_cfg/apps/payments/admin_interface/views/payment_views.py +259 -0
django_cfg/apps/payments/admin_interface/views/webhook_dashboard.py +37 -0
django_cfg/apps/payments/apps.py +34 -9
django_cfg/apps/payments/config/__init__.py +28 -51
django_cfg/apps/payments/config/constance/__init__.py +22 -0
django_cfg/apps/payments/config/constance/config_service.py +123 -0
django_cfg/apps/payments/config/constance/fields.py +69 -0
django_cfg/apps/payments/config/constance/settings.py +160 -0
django_cfg/apps/payments/config/django_cfg_integration.py +202 -0
django_cfg/apps/payments/config/helpers.py +130 -0
django_cfg/apps/payments/management/__init__.py +1 -3
django_cfg/apps/payments/management/commands/__init__.py +1 -3
django_cfg/apps/payments/management/commands/manage_currencies.py +303 -151
django_cfg/apps/payments/management/commands/manage_providers.py +333 -160
django_cfg/apps/payments/middleware/__init__.py +3 -1
django_cfg/apps/payments/middleware/api_access.py +329 -222
django_cfg/apps/payments/middleware/rate_limiting.py +342 -152
django_cfg/apps/payments/middleware/usage_tracking.py +249 -240
django_cfg/apps/payments/migrations/0001_initial.py +708 -536
django_cfg/apps/payments/models/__init__.py +13 -18
django_cfg/apps/payments/models/api_keys.py +121 -43
django_cfg/apps/payments/models/balance.py +150 -115
django_cfg/apps/payments/models/base.py +68 -15
django_cfg/apps/payments/models/currencies.py +172 -148
django_cfg/apps/payments/models/managers/__init__.py +44 -0
django_cfg/apps/payments/models/managers/api_key_managers.py +329 -0
django_cfg/apps/payments/models/managers/balance_managers.py +599 -0
django_cfg/apps/payments/models/managers/currency_managers.py +385 -0
django_cfg/apps/payments/models/managers/payment_managers.py +511 -0
django_cfg/apps/payments/models/managers/subscription_managers.py +641 -0
django_cfg/apps/payments/models/payments.py +235 -285
django_cfg/apps/payments/models/subscriptions.py +257 -177
django_cfg/apps/payments/models/tariffs.py +147 -40
django_cfg/apps/payments/services/__init__.py +209 -56
django_cfg/apps/payments/services/cache/__init__.py +6 -6
django_cfg/apps/payments/services/cache/{simple_cache.py → cache_service.py} +112 -12
django_cfg/apps/payments/services/core/__init__.py +10 -6
django_cfg/apps/payments/services/core/balance_service.py +435 -360
django_cfg/apps/payments/services/core/base.py +166 -0
django_cfg/apps/payments/services/core/currency_service.py +478 -0
django_cfg/apps/payments/services/core/payment_service.py +346 -467
django_cfg/apps/payments/services/core/subscription_service.py +425 -481
django_cfg/apps/payments/services/core/webhook_service.py +410 -0
django_cfg/apps/payments/services/integrations/__init__.py +29 -0
django_cfg/apps/payments/services/integrations/ngrok_service.py +47 -0
django_cfg/apps/payments/services/integrations/providers_config.py +107 -0
django_cfg/apps/payments/services/providers/__init__.py +9 -14
django_cfg/apps/payments/services/providers/base.py +234 -174
django_cfg/apps/payments/services/providers/nowpayments.py +478 -0
django_cfg/apps/payments/services/providers/registry.py +367 -301
django_cfg/apps/payments/services/types/__init__.py +78 -0
django_cfg/apps/payments/services/types/data.py +177 -0
django_cfg/apps/payments/services/types/requests.py +150 -0
django_cfg/apps/payments/services/types/responses.py +156 -0
django_cfg/apps/payments/services/types/webhooks.py +232 -0
django_cfg/apps/payments/signals/__init__.py +33 -8
django_cfg/apps/payments/signals/api_key_signals.py +210 -129
django_cfg/apps/payments/signals/balance_signals.py +174 -0
django_cfg/apps/payments/signals/payment_signals.py +128 -103
django_cfg/apps/payments/signals/subscription_signals.py +194 -142
django_cfg/apps/payments/static/payments/css/components.css +380 -0
django_cfg/apps/payments/static/payments/css/dashboard.css +188 -0
django_cfg/apps/payments/static/payments/js/components.js +545 -0
django_cfg/apps/payments/static/payments/js/utils.js +412 -0
django_cfg/apps/payments/templatetags/__init__.py +1 -1
django_cfg/apps/payments/templatetags/payment_tags.py +466 -0
django_cfg/apps/payments/urls.py +45 -48
django_cfg/apps/payments/urls_admin.py +33 -42
django_cfg/apps/payments/views/api/__init__.py +101 -0
django_cfg/apps/payments/views/api/api_keys.py +387 -0
django_cfg/apps/payments/views/api/balances.py +381 -0
django_cfg/apps/payments/views/api/base.py +298 -0
django_cfg/apps/payments/views/api/currencies.py +402 -0
django_cfg/apps/payments/views/api/payments.py +415 -0
django_cfg/apps/payments/views/api/subscriptions.py +475 -0
django_cfg/apps/payments/views/api/webhooks.py +476 -0
django_cfg/apps/payments/views/serializers/__init__.py +99 -0
django_cfg/apps/payments/views/serializers/api_keys.py +424 -0
django_cfg/apps/payments/views/serializers/balances.py +300 -0
django_cfg/apps/payments/views/serializers/currencies.py +335 -0
django_cfg/apps/payments/views/serializers/payments.py +387 -0
django_cfg/apps/payments/views/serializers/subscriptions.py +429 -0
django_cfg/apps/payments/views/serializers/webhooks.py +137 -0
django_cfg/config.py +1 -1
django_cfg/core/config.py +40 -4
django_cfg/core/generation.py +25 -4
django_cfg/core/integration/README.md +363 -0
django_cfg/core/integration/__init__.py +47 -0
django_cfg/core/integration/commands_collector.py +239 -0
django_cfg/core/integration/display/__init__.py +15 -0
django_cfg/core/integration/display/base.py +157 -0
django_cfg/core/integration/display/ngrok.py +164 -0
django_cfg/core/integration/display/startup.py +815 -0
django_cfg/core/integration/url_integration.py +123 -0
django_cfg/core/integration/version_checker.py +160 -0
django_cfg/management/commands/auto_generate.py +4 -0
django_cfg/management/commands/check_settings.py +6 -0
django_cfg/management/commands/clear_constance.py +5 -2
django_cfg/management/commands/create_token.py +6 -0
django_cfg/management/commands/list_urls.py +6 -0
django_cfg/management/commands/migrate_all.py +6 -0
django_cfg/management/commands/migrator.py +3 -0
django_cfg/management/commands/rundramatiq.py +6 -0
django_cfg/management/commands/runserver_ngrok.py +51 -29
django_cfg/management/commands/script.py +6 -0
django_cfg/management/commands/show_config.py +12 -2
django_cfg/management/commands/show_urls.py +4 -0
django_cfg/management/commands/superuser.py +6 -0
django_cfg/management/commands/task_clear.py +4 -1
django_cfg/management/commands/task_status.py +3 -1
django_cfg/management/commands/test_email.py +3 -0
django_cfg/management/commands/test_telegram.py +6 -0
django_cfg/management/commands/test_twilio.py +6 -0
django_cfg/management/commands/tree.py +6 -0
django_cfg/management/commands/validate_config.py +155 -149
django_cfg/models/constance.py +31 -11
django_cfg/models/payments.py +175 -492
django_cfg/modules/django_logger.py +160 -146
django_cfg/modules/django_unfold/dashboard.py +64 -16
django_cfg/registry/core.py +1 -0
django_cfg/template_archive/django_sample.zip +0 -0
django_cfg/utils/smart_defaults.py +222 -571
django_cfg/utils/toolkit.py +51 -11
{django_cfg-1.2.31.dist-info → django_cfg-1.3.1.dist-info}/METADATA +4 -1
{django_cfg-1.2.31.dist-info → django_cfg-1.3.1.dist-info}/RECORD +153 -185
django_cfg/apps/payments/__init__.py +0 -8
django_cfg/apps/payments/admin/tariffs_admin.py +0 -199
django_cfg/apps/payments/config/module.py +0 -70
django_cfg/apps/payments/config/providers.py +0 -105
django_cfg/apps/payments/config/settings.py +0 -96
django_cfg/apps/payments/config/utils.py +0 -52
django_cfg/apps/payments/decorators.py +0 -291
django_cfg/apps/payments/management/commands/README.md +0 -146
django_cfg/apps/payments/management/commands/currency_stats.py +0 -304
django_cfg/apps/payments/managers/__init__.py +0 -23
django_cfg/apps/payments/managers/api_key_manager.py +0 -35
django_cfg/apps/payments/managers/balance_manager.py +0 -361
django_cfg/apps/payments/managers/currency_manager.py +0 -306
django_cfg/apps/payments/managers/payment_manager.py +0 -192
django_cfg/apps/payments/managers/subscription_manager.py +0 -37
django_cfg/apps/payments/managers/tariff_manager.py +0 -29
django_cfg/apps/payments/migrations/0002_network_providercurrency_and_more.py +0 -241
django_cfg/apps/payments/migrations/0003_add_usd_rate_cache.py +0 -30
django_cfg/apps/payments/models/events.py +0 -73
django_cfg/apps/payments/serializers/__init__.py +0 -57
django_cfg/apps/payments/serializers/api_keys.py +0 -51
django_cfg/apps/payments/serializers/balance.py +0 -59
django_cfg/apps/payments/serializers/currencies.py +0 -63
django_cfg/apps/payments/serializers/payments.py +0 -62
django_cfg/apps/payments/serializers/subscriptions.py +0 -71
django_cfg/apps/payments/serializers/tariffs.py +0 -56
django_cfg/apps/payments/services/billing/__init__.py +0 -8
django_cfg/apps/payments/services/cache/base.py +0 -30
django_cfg/apps/payments/services/core/fallback_service.py +0 -432
django_cfg/apps/payments/services/internal_types.py +0 -461
django_cfg/apps/payments/services/middleware/__init__.py +0 -8
django_cfg/apps/payments/services/monitoring/__init__.py +0 -22
django_cfg/apps/payments/services/monitoring/api_schemas.py +0 -76
django_cfg/apps/payments/services/monitoring/provider_health.py +0 -372
django_cfg/apps/payments/services/providers/cryptapi/__init__.py +0 -4
django_cfg/apps/payments/services/providers/cryptapi/config.py +0 -8
django_cfg/apps/payments/services/providers/cryptapi/models.py +0 -192
django_cfg/apps/payments/services/providers/cryptapi/provider.py +0 -439
django_cfg/apps/payments/services/providers/cryptomus/__init__.py +0 -4
django_cfg/apps/payments/services/providers/cryptomus/models.py +0 -176
django_cfg/apps/payments/services/providers/cryptomus/provider.py +0 -429
django_cfg/apps/payments/services/providers/cryptomus/provider_v2.py +0 -564
django_cfg/apps/payments/services/providers/models/__init__.py +0 -34
django_cfg/apps/payments/services/providers/models/currencies.py +0 -190
django_cfg/apps/payments/services/providers/nowpayments/__init__.py +0 -4
django_cfg/apps/payments/services/providers/nowpayments/models.py +0 -196
django_cfg/apps/payments/services/providers/nowpayments/provider.py +0 -380
django_cfg/apps/payments/services/providers/stripe/__init__.py +0 -4
django_cfg/apps/payments/services/providers/stripe/models.py +0 -184
django_cfg/apps/payments/services/providers/stripe/provider.py +0 -109
django_cfg/apps/payments/services/security/__init__.py +0 -34
django_cfg/apps/payments/services/security/error_handler.py +0 -635
django_cfg/apps/payments/services/security/payment_notifications.py +0 -342
django_cfg/apps/payments/services/security/webhook_validator.py +0 -474
django_cfg/apps/payments/static/payments/css/payments.css +0 -340
django_cfg/apps/payments/static/payments/js/notifications.js +0 -202
django_cfg/apps/payments/static/payments/js/payment-utils.js +0 -318
django_cfg/apps/payments/static/payments/js/theme.js +0 -86
django_cfg/apps/payments/tasks/__init__.py +0 -12
django_cfg/apps/payments/tasks/webhook_processing.py +0 -177
django_cfg/apps/payments/templates/admin/payments/currency/change_list.html +0 -50
django_cfg/apps/payments/templates/payments/base.html +0 -182
django_cfg/apps/payments/templates/payments/components/payment_card.html +0 -201
django_cfg/apps/payments/templates/payments/components/payment_qr_code.html +0 -109
django_cfg/apps/payments/templates/payments/components/progress_bar.html +0 -43
django_cfg/apps/payments/templates/payments/components/provider_stats.html +0 -40
django_cfg/apps/payments/templates/payments/components/status_badge.html +0 -34
django_cfg/apps/payments/templates/payments/components/status_overview.html +0 -148
django_cfg/apps/payments/templates/payments/dashboard.html +0 -258
django_cfg/apps/payments/templates/payments/dashboard_simple_test.html +0 -35
django_cfg/apps/payments/templates/payments/payment_create.html +0 -579
django_cfg/apps/payments/templates/payments/payment_detail.html +0 -373
django_cfg/apps/payments/templates/payments/payment_list.html +0 -354
django_cfg/apps/payments/templates/payments/stats.html +0 -261
django_cfg/apps/payments/templates/payments/test.html +0 -213
django_cfg/apps/payments/templatetags/payments_tags.py +0 -315
django_cfg/apps/payments/utils/__init__.py +0 -43
django_cfg/apps/payments/utils/billing_utils.py +0 -342
django_cfg/apps/payments/utils/config_utils.py +0 -239
django_cfg/apps/payments/utils/middleware_utils.py +0 -228
django_cfg/apps/payments/utils/validation_utils.py +0 -94
django_cfg/apps/payments/views/__init__.py +0 -63
django_cfg/apps/payments/views/api_key_views.py +0 -164
django_cfg/apps/payments/views/balance_views.py +0 -75
django_cfg/apps/payments/views/currency_views.py +0 -122
django_cfg/apps/payments/views/payment_views.py +0 -149
django_cfg/apps/payments/views/subscription_views.py +0 -135
django_cfg/apps/payments/views/tariff_views.py +0 -131
django_cfg/apps/payments/views/templates/__init__.py +0 -25
django_cfg/apps/payments/views/templates/ajax.py +0 -451
django_cfg/apps/payments/views/templates/base.py +0 -212
django_cfg/apps/payments/views/templates/dashboard.py +0 -60
django_cfg/apps/payments/views/templates/payment_detail.py +0 -102
django_cfg/apps/payments/views/templates/payment_management.py +0 -158
django_cfg/apps/payments/views/templates/qr_code.py +0 -174
django_cfg/apps/payments/views/templates/stats.py +0 -244
django_cfg/apps/payments/views/templates/utils.py +0 -181
django_cfg/apps/payments/views/webhook_views.py +0 -266
django_cfg/apps/payments/viewsets.py +0 -66
django_cfg/core/integration.py +0 -160
django_cfg/template_archive/.gitignore +0 -1
django_cfg/template_archive/__init__.py +0 -0
django_cfg/urls.py +0 -33
{django_cfg-1.2.31.dist-info → django_cfg-1.3.1.dist-info}/WHEEL +0 -0
{django_cfg-1.2.31.dist-info → django_cfg-1.3.1.dist-info}/entry_points.txt +0 -0
{django_cfg-1.2.31.dist-info → django_cfg-1.3.1.dist-info}/licenses/LICENSE +0 -0

django_cfg/apps/payments/services/security/webhook_validator.py DELETED Viewed

@@ -1,474 +0,0 @@
-"""
-Enhanced Webhook Signature Validation Service.
-Critical Foundation Security Component.
-"""
-import json
-import hmac
-import hashlib
-from django_cfg.modules.django_logger import get_logger
-import time
-from typing import Dict, Any, Optional, Tuple
-from datetime import datetime, timedelta
-from django.core.cache import cache
-from django.utils import timezone
-from django.conf import settings
-from django_cfg.apps.payments.config import get_payments_config
-from django_cfg.apps.payments.models.events import PaymentEvent
-from ...models.payments import UniversalPayment
-logger = get_logger("webhook_validator")
-class WebhookValidator:
-    """
-    Secure webhook signature validation with replay attack protection.
-    Foundation Security Component - CRITICAL for system security.
-    """
-    def __init__(self):
-        self.config = get_payments_config()
-        self.nonce_cache_timeout = 3600  # 1 hour nonce validity
-        self.max_timestamp_drift = 300   # 5 minutes max timestamp drift
-    def validate_webhook(
-        self,
-        provider: str,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str],
-        raw_body: bytes = None
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        Comprehensive webhook validation with security checks.
-        Returns:
-            Tuple[bool, Optional[str]]: (is_valid, error_message)
-        """
-        try:
-            # Step 1: Provider-specific signature validation
-            signature_valid, signature_error = self._validate_provider_signature(
-                provider, webhook_data, request_headers, raw_body
-            )
-            if not signature_valid:
-                self._log_security_event('signature_validation_failed', provider, signature_error)
-                return False, signature_error
-            # Step 2: Replay attack protection
-            replay_valid, replay_error = self._validate_against_replay(
-                provider, webhook_data, request_headers
-            )
-            if not replay_valid:
-                self._log_security_event('replay_attack_detected', provider, replay_error)
-                return False, replay_error
-            # Step 3: Timestamp validation
-            timestamp_valid, timestamp_error = self._validate_timestamp(
-                webhook_data, request_headers
-            )
-            if not timestamp_valid:
-                self._log_security_event('timestamp_validation_failed', provider, timestamp_error)
-                return False, timestamp_error
-            # Step 4: Rate limiting check
-            rate_limit_valid, rate_limit_error = self._check_rate_limits(
-                provider, request_headers
-            )
-            if not rate_limit_valid:
-                self._log_security_event('rate_limit_exceeded', provider, rate_limit_error)
-                return False, rate_limit_error
-            # All validations passed
-            self._log_security_event('webhook_validated', provider, 'Validation successful')
-            return True, None
-        except Exception as e:
-            error_msg = f"Webhook validation error: {str(e)}"
-            logger.error(f"Critical validation error for {provider}: {e}", exc_info=True)
-            self._log_security_event('validation_exception', provider, error_msg)
-            return False, error_msg
-    def _validate_provider_signature(
-        self,
-        provider: str,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str],
-        raw_body: bytes = None
-    ) -> Tuple[bool, Optional[str]]:
-        """Validate signature based on provider-specific method."""
-        if provider == 'cryptapi':
-            return self._validate_cryptapi_signature(webhook_data, request_headers)
-        elif provider == 'cryptomus':
-            return self._validate_cryptomus_signature(webhook_data, request_headers, raw_body)
-        elif provider == 'nowpayments':
-            return self._validate_nowpayments_signature(webhook_data, request_headers, raw_body)
-        elif provider == 'test':
-            return True, None  # Allow test webhooks in development
-        else:
-            return False, f"Unknown provider: {provider}"
-    def _validate_cryptapi_signature(
-        self,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str]
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        CryptAPI signature validation with nonce verification.
-        CRITICAL FIX: Proper nonce validation to prevent replay attacks.
-        """
-        # Get security nonce from webhook data
-        security_nonce = webhook_data.get('nonce')
-        if not security_nonce:
-            return False, "Missing security nonce in CryptAPI webhook"
-        # Validate nonce format and uniqueness
-        nonce_valid, nonce_error = self._validate_nonce(security_nonce, 'cryptapi')
-        if not nonce_valid:
-            return False, f"Invalid security nonce: {nonce_error}"
-        # Check required fields
-        required_fields = ['order_id', 'value_coin', 'confirmations']
-        missing_fields = [field for field in required_fields if field not in webhook_data]
-        if missing_fields:
-            return False, f"Missing required fields: {', '.join(missing_fields)}"
-        # Validate order_id format
-        order_id = webhook_data.get('order_id')
-        if not self._validate_order_id_format(order_id):
-            return False, f"Invalid order_id format: {order_id}"
-        # CryptAPI specific validation: check if address exists in our system
-        address_in = webhook_data.get('address')
-        if address_in and not self._validate_payment_address(address_in, 'cryptapi'):
-            return False, f"Unknown payment address: {address_in}"
-        return True, None
-    def _validate_cryptomus_signature(
-        self,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str],
-        raw_body: bytes = None
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        Cryptomus webhook signature validation.
-        Uses HMAC-SHA256 signature verification.
-        """
-        # Get webhook secret from configuration
-        if not self.config or not hasattr(self.config, 'providers'):
-            return False, "Cryptomus configuration not found"
-        cryptomus_config = self.config.providers.get('cryptomus')
-        if not cryptomus_config:
-            return False, "Cryptomus provider not configured"
-        webhook_secret = getattr(cryptomus_config, 'webhook_secret', None)
-        if not webhook_secret:
-            logger.warning("Cryptomus webhook secret not configured, skipping validation")
-            return True, None  # Allow if not configured (development mode)
-        # Get signature from headers
-        signature = request_headers.get('HTTP_X_CRYPTOMUS_SIGNATURE')
-        if not signature:
-            return False, "Missing Cryptomus signature header"
-        # Calculate expected signature
-        if raw_body:
-            payload = raw_body
-        else:
-            payload = json.dumps(webhook_data, separators=(',', ':'), sort_keys=True).encode()
-        expected_signature = hmac.new(
-            webhook_secret.encode(),
-            payload,
-            hashlib.sha256
-        ).hexdigest()
-        # Secure comparison
-        if not hmac.compare_digest(signature, expected_signature):
-            return False, "Invalid Cryptomus signature"
-        # Validate required fields
-        required_fields = ['order_id', 'status']
-        missing_fields = [field for field in required_fields if field not in webhook_data]
-        if missing_fields:
-            return False, f"Missing required fields: {', '.join(missing_fields)}"
-        return True, None
-    def _validate_nowpayments_signature(
-        self,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str],
-        raw_body: bytes = None
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        NowPayments IPN signature validation.
-        Uses HMAC-SHA512 signature verification.
-        """
-        # Get IPN secret from configuration
-        if not self.config or not hasattr(self.config, 'providers'):
-            return False, "NowPayments configuration not found"
-        nowpayments_config = self.config.providers.get('nowpayments')
-        if not nowpayments_config:
-            return False, "NowPayments provider not configured"
-        ipn_secret = getattr(nowpayments_config, 'ipn_secret', None)
-        if not ipn_secret:
-            logger.warning("NowPayments IPN secret not configured, skipping validation")
-            return True, None  # Allow if not configured (development mode)
-        # Get signature from headers
-        signature = request_headers.get('HTTP_X_NOWPAYMENTS_SIG')
-        if not signature:
-            return False, "Missing NowPayments signature header"
-        # Calculate expected signature
-        if raw_body:
-            payload = raw_body.decode('utf-8')
-        else:
-            payload = json.dumps(webhook_data, separators=(',', ':'), sort_keys=True)
-        expected_signature = hmac.new(
-            ipn_secret.encode(),
-            payload.encode(),
-            hashlib.sha512
-        ).hexdigest()
-        # Secure comparison
-        if not hmac.compare_digest(signature, expected_signature):
-            return False, "Invalid NowPayments signature"
-        return True, None
-    def _validate_against_replay(
-        self,
-        provider: str,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str]
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        Protect against replay attacks using idempotency keys.
-        """
-        # Generate idempotency key
-        idempotency_key = self._generate_idempotency_key(provider, webhook_data, request_headers)
-        # Check if we've seen this webhook before
-        cache_key = f"webhook_idempotency:{idempotency_key}"
-        if cache.get(cache_key):
-            return False, f"Replay attack detected: duplicate webhook {idempotency_key}"
-        # Store idempotency key to prevent replays
-        cache.set(cache_key, True, timeout=self.nonce_cache_timeout)
-        return True, None
-    def _validate_timestamp(
-        self,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str]
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        Validate webhook timestamp to prevent old webhook replay.
-        """
-        # Try different timestamp fields
-        timestamp_fields = ['timestamp', 'created_at', 'updated_at', 'time']
-        webhook_timestamp = None
-        for field in timestamp_fields:
-            if field in webhook_data:
-                webhook_timestamp = webhook_data[field]
-                break
-        # Also check headers
-        if not webhook_timestamp:
-            webhook_timestamp = request_headers.get('HTTP_X_TIMESTAMP')
-        if not webhook_timestamp:
-            # If no timestamp provided, skip validation (some providers don't include it)
-            return True, None
-        try:
-            # Parse timestamp (support multiple formats)
-            if isinstance(webhook_timestamp, (int, float)):
-                webhook_time = datetime.fromtimestamp(webhook_timestamp, tz=timezone.utc)
-            else:
-                # Try to parse ISO format
-                webhook_time = datetime.fromisoformat(webhook_timestamp.replace('Z', '+00:00'))
-            current_time = timezone.now()
-            time_diff = abs((current_time - webhook_time).total_seconds())
-            if time_diff > self.max_timestamp_drift:
-                return False, f"Webhook timestamp too old or too new: {time_diff}s drift"
-            return True, None
-        except Exception as e:
-            logger.warning(f"Could not validate timestamp: {e}")
-            return True, None  # Skip validation if timestamp format is unknown
-    def _check_rate_limits(
-        self,
-        provider: str,
-        request_headers: Dict[str, str]
-    ) -> Tuple[bool, Optional[str]]:
-        """
-        Check webhook rate limits to prevent abuse.
-        """
-        # Extract IP address
-        ip_address = (
-            request_headers.get('HTTP_X_FORWARDED_FOR', '').split(',')[0].strip() or
-            request_headers.get('HTTP_X_REAL_IP', '') or
-            request_headers.get('REMOTE_ADDR', 'unknown')
-        )
-        # Rate limit key
-        rate_limit_key = f"webhook_rate_limit:{provider}:{ip_address}"
-        # Check current rate
-        current_count = cache.get(rate_limit_key, 0)
-        max_webhooks_per_minute = 60  # Configurable limit
-        if current_count >= max_webhooks_per_minute:
-            return False, f"Rate limit exceeded: {current_count} webhooks/minute from {ip_address}"
-        # Increment counter
-        cache.set(rate_limit_key, current_count + 1, timeout=60)
-        return True, None
-    def _validate_nonce(self, nonce: str, provider: str) -> Tuple[bool, Optional[str]]:
-        """
-        Validate nonce format and uniqueness.
-        CRITICAL: Prevents replay attacks for CryptAPI.
-        """
-        # Validate nonce format
-        if not nonce or len(nonce) < 8:
-            return False, "Nonce too short"
-        if len(nonce) > 64:
-            return False, "Nonce too long"
-        # Check nonce uniqueness
-        nonce_key = f"webhook_nonce:{provider}:{nonce}"
-        if cache.get(nonce_key):
-            return False, "Nonce already used (replay attack)"
-        # Store nonce to prevent reuse
-        cache.set(nonce_key, True, timeout=self.nonce_cache_timeout)
-        return True, None
-    def _validate_order_id_format(self, order_id: str) -> bool:
-        """Validate order ID format."""
-        if not order_id:
-            return False
-        # Basic validation (customize per your order ID format)
-        if len(order_id) < 3 or len(order_id) > 50:
-            return False
-        # Allow alphanumeric, dash, underscore
-        import re
-        if not re.match(r'^[a-zA-Z0-9_-]+$', order_id):
-            return False
-        return True
-    def _validate_payment_address(self, address: str, provider: str) -> bool:
-        """
-        Validate that payment address exists in our system.
-        CRITICAL: Prevents webhooks for unknown addresses.
-        """
-        try:
-            # Check if address exists in our payments
-            return UniversalPayment.objects.filter(
-                provider=provider,
-                pay_address=address
-            ).exists()
-        except Exception as e:
-            logger.error(f"Error validating payment address: {e}")
-            return True  # Allow if validation fails (avoid false negatives)
-    def _generate_idempotency_key(
-        self,
-        provider: str,
-        webhook_data: Dict[str, Any],
-        request_headers: Dict[str, str]
-    ) -> str:
-        """Generate secure idempotency key for webhook deduplication."""
-        # Use multiple fields for uniqueness
-        payment_id = (
-            webhook_data.get('payment_id') or
-            webhook_data.get('order_id') or
-            webhook_data.get('id') or
-            webhook_data.get('uuid') or
-            'unknown'
-        )
-        # Include status to allow multiple status updates for same payment
-        status = webhook_data.get('status', 'unknown')
-        # Include timestamp for additional uniqueness
-        timestamp = (
-            webhook_data.get('timestamp') or
-            webhook_data.get('created_at') or
-            webhook_data.get('updated_at') or
-            str(int(time.time()))
-        )
-        # Create secure hash
-        key_data = f"{provider}:{payment_id}:{status}:{timestamp}"
-        return hashlib.sha256(key_data.encode()).hexdigest()[:32]
-    def _log_security_event(self, event_type: str, provider: str, details: str):
-        """Log security events for monitoring and alerting."""
-        try:
-            # Create security event log
-            PaymentEvent.objects.create(
-                event_type=f'security_{event_type}',
-                provider=provider,
-                metadata={
-                    'event_type': event_type,
-                    'provider': provider,
-                    'details': details,
-                    'timestamp': timezone.now().isoformat(),
-                    'severity': 'HIGH' if 'attack' in event_type else 'MEDIUM'
-                }
-            )
-            # Log to application logger
-            if 'attack' in event_type or 'failed' in event_type:
-                logger.warning(f"🚨 Security Event [{event_type}] {provider}: {details}")
-            else:
-                logger.info(f"🔒 Security Event [{event_type}] {provider}: {details}")
-        except Exception as e:
-            logger.error(f"Failed to log security event: {e}")
-# Singleton instance for import
-webhook_validator = WebhookValidator()

django-cfg 1.2.31__py3-none-any.whl → 1.3.1__py3-none-any.whl

django-cfg 1.2.31py3-none-any.whl → 1.3.1py3-none-any.whl