django-restit 4.1.82__py3-none-any.whl → 4.1.83__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. account/models/member.py +3 -1
  2. account/rpc/auth.py +10 -3
  3. {django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/METADATA +1 -1
  4. {django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/RECORD +7 -7
  5. rest/__init__.py +1 -1
  6. {django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/LICENSE.md +0 -0
  7. {django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/WHEEL +0 -0
account/models/member.py CHANGED
@@ -250,9 +250,10 @@ class Member(User, RestModel, MetaDataModel):
250
250
  if c >= settings.LOCK_PASSWORD_ATTEMPTS:
251
251
  self.block("multiple incorrect password attempts", request=request)
252
252
  else:
253
+ self.log("login_failed", "incorrect password", request, method="login", level=31)
253
254
  self.reportIncident(
254
255
  "account", f"incorrect password for {self.username}", level=8,
255
- error_code=401,
256
+ error_code=498,
256
257
  request=request)
257
258
  c = RemoteEvents.hincrby("users:failed:ip", request.ip, 1)
258
259
 
@@ -707,6 +708,7 @@ class Member(User, RestModel, MetaDataModel):
707
708
  self.reportIncident(
708
709
  "account", f"account '{self.username}' blocked: {reason}", level=2,
709
710
  request=request,
711
+ error_code=499,
710
712
  details=reason)
711
713
 
712
714
  def unblock(self, request=None):
account/rpc/auth.py CHANGED
@@ -23,7 +23,7 @@ def member_login(request):
23
23
  password = request.DATA.get('password', None)
24
24
  if username and password:
25
25
  return member_login_uname_pword(request, username, password)
26
- return rv.restPermissionDenied(request, "Invalid credentials", 401)
26
+ return rv.restPermissionDenied(request, f"Invalid credentials {username}/{auth_code}", 401)
27
27
 
28
28
 
29
29
  @rd.urlPOST(r'^jwt/login$')
@@ -44,8 +44,8 @@ def jwt_login(request):
44
44
  if resp is not None:
45
45
  return resp
46
46
  if not member.login(request=request, password=password, use_jwt=True):
47
- member.log("login_failed", "incorrect password", request, method="login", level=31)
48
- return rv.restPermissionDenied(request, error="Invalid Credentials", error_code=401)
47
+ # we do not want permission denied catcher invoked as it is already handled in login method
48
+ return rv.restStatus(request, False, error=f"Invalid Credentials {username}", error_code=401)
49
49
  return on_complete_jwt(request, member)
50
50
 
51
51
 
@@ -137,14 +137,17 @@ def checkForTOTP(request, member):
137
137
  if not member.has_totp:
138
138
  # we have a phone number so tell them to login with code
139
139
  # they will need to request a code
140
+ request.member = member
140
141
  return rv.restPermissionDenied(
141
142
  request, error=member.phone_number[-4:],
142
143
  error_code=454)
143
144
  totp_code = request.DATA.get("totp_code", None)
144
145
  if totp_code is None:
145
146
  # member.log("login_blocked", "requires MFA (TOTP)", request, method="login", level=31)
147
+ request.member = member
146
148
  return rv.restPermissionDenied(request, error="Requires MFA (TOTP)", error_code=455)
147
149
  if not member.totp_verify(totp_code):
150
+ request.member = member
148
151
  member.log("login_blocked", "Invalid MFA code", request, method="login", level=31)
149
152
  return rv.restPermissionDenied(request, error="Invalid Credentials", error_code=456)
150
153
  return None
@@ -160,6 +163,7 @@ def member_login_uname_pword(request, username, password):
160
163
  if resp is not None:
161
164
  return resp
162
165
  if not member.login(request=request, password=password, use_jwt=False):
166
+ request.member = member
163
167
  member.log("login_failed", "incorrect password", request, method="login", level=31)
164
168
  return rv.restPermissionDenied(request, error="Password or Username is incorrect", error_code=401)
165
169
 
@@ -258,9 +262,11 @@ def member_check_can_login(request, member):
258
262
  if not member:
259
263
  return rv.restPermissionDenied(request, error="Password or Username is incorrect", error_code=422)
260
264
  if not member.is_active:
265
+ request.member = member
261
266
  member.log("login_blocked", "account is not active", request, method="login", level=31)
262
267
  return rv.restPermissionDenied(request, error="Account disabled", error_code=410)
263
268
  if member.is_blocked:
269
+ request.member = member
264
270
  member.log("login_blocked", "account is locked out", request, method="login", level=31)
265
271
  return rv.restPermissionDenied(request, error="Account locked out", error_code=411)
266
272
  return None
@@ -320,6 +326,7 @@ def member_forgot_password_code(request, member):
320
326
  sms_msg="Your login code is:\n{}".format(code)):
321
327
  member.log("requested", "user requested password reset code", request, method="login_token", level=8)
322
328
  return rv.restStatus(request, True)
329
+ request.member = member
323
330
  member.log("error", "No valid email/phone, check users profile!", request, method="login_token", level=6)
324
331
  return rv.restPermissionDenied(request, error="No valid email/phone, check users profile!")
325
332
 
{django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: django-restit
3
- Version: 4.1.82
3
+ Version: 4.1.83
4
4
  Summary: A Rest Framework for DJANGO
5
5
  License: MIT
6
6
  Author: Ian Starnes
{django_restit-4.1.82.dist-info → django_restit-4.1.83.dist-info}/RECORD RENAMED
@@ -23,7 +23,7 @@ account/models/device.py,sha256=XipNpByreGubB5-d4ZBOoIV5Xw14b2Btcgn6fXz8HAc,4105
23
23
  account/models/feeds.py,sha256=4n4Mv8HjcXpUmMPWafHlsGbVQ1fDKdtblL1hp30sDrg,1437
24
24
  account/models/group.py,sha256=04T5Oy9fU7QadBBC1aD1Vy0Pb26hANqxicWWx003A-4,20047
25
25
  account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
26
- account/models/member.py,sha256=iW0ciEsX-bM2EzVLOu4-Gl3pqmcSYpwD8AS3MOhbuXA,48768
26
+ account/models/member.py,sha256=1PyHrOadU2Kzl-GR-m5OzHD8ZROhubZ7fr2e8LfFgYE,48890
27
27
  account/models/membership.py,sha256=Qmp0xQa_3ObB581L83gce69t9eSfyH-mZZuGqW3ueI8,7763
28
28
  account/models/notify.py,sha256=YnZujSHJHY7B09e6FIyZIEJRWLPYk1Sk1e92tFzB1IA,12078
29
29
  account/models/session.py,sha256=swhxcx_lWzOpGCmfifXoACgWYqmKmS7eZsD9s9jSToc,3509
@@ -32,7 +32,7 @@ account/oauth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
32
32
  account/oauth/google.py,sha256=q5M6Qhpfp9QslKRVYFZBvtG6kgXV6vYMrR5fp6Xdb9I,2078
33
33
  account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
34
34
  account/rpc/__init__.py,sha256=L_AqHC0WbgUgLoqvNz6pY0E34eqh7sRaX77I6TxhRZ4,152
35
- account/rpc/auth.py,sha256=mKPcILyD4VGbHXXZ4FbE5tr83QMoY-uMFp5mKoa4ucI,14297
35
+ account/rpc/auth.py,sha256=B1opyf8wLUehT-4cTtekMyAHRlZvwqAU6HL9VNu_Mr4,14558
36
36
  account/rpc/device.py,sha256=fbbZFp3cUdhVXvD7gVFOqFWj4hKS3bjZKD_aF5fQxd8,2852
37
37
  account/rpc/group.py,sha256=Y_Ii-vlDx09neMd95AmC7xBwDf3wdFgXjB-kIG2jMdE,3472
38
38
  account/rpc/member.py,sha256=oKdXSGhQ7AOPTwisZ5RvHhQ1SdZoXWlBQY0lIlDXJY0,1150
@@ -351,7 +351,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
351
351
  rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
352
352
  rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
353
353
  rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
354
- rest/__init__.py,sha256=XOgIgJdG91p71NagFE18aCiFtoifASsm05iJfwy3cKU,121
354
+ rest/__init__.py,sha256=i41KA-r3ZBWJff5yXjNVo-lZd8vd7o871IvVtuQ9JIs,121
355
355
  rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
356
356
  rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
357
357
  rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -483,7 +483,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
483
483
  ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
484
484
  ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
485
485
  ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
486
- django_restit-4.1.82.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
487
- django_restit-4.1.82.dist-info/METADATA,sha256=8MgUs15csTiyqFhpgK0C8YKkAyuqAhePyYW7Kry70cw,7573
488
- django_restit-4.1.82.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
489
- django_restit-4.1.82.dist-info/RECORD,,
486
+ django_restit-4.1.83.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
487
+ django_restit-4.1.83.dist-info/METADATA,sha256=h78fY6BxpLcwK34yFcQkJ5qlQSI_LW_g7unWCNFzqDQ,7573
488
+ django_restit-4.1.83.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
489
+ django_restit-4.1.83.dist-info/RECORD,,
rest/__init__.py CHANGED
@@ -1,4 +1,4 @@
1
1
  from .uberdict import UberDict # noqa: F401
2
2
  from .settings_helper import settings # noqa: F401
3
3
 
4
- __version__ = "4.1.82"
4
+ __version__ = "4.1.83"