django-restit 4.2.15__py3-none-any.whl → 4.2.17__py3-none-any.whl

account/models/member.py

@@ -88,6 +88,7 @@ class Member(User, RestModel, MetaDataModel):
             ("perms", "properties|permissions.")]
         QUERY_FIELDS_SPECIAL = {
             "ip": "auth_sessions__ip",
+            "login_country": "auth_sessions__location__country"
         }
         UNIQUE_LOOKUP = ["username", "email"]
         METADATA_FIELD_PROPERTIES = settings.USER_METADATA_PROPERTIES
@@ -474,6 +475,7 @@ class Member(User, RestModel, MetaDataModel):
 
     def disable(self, by="system", reason="", notify=True):
         self.is_active = False
+        self.security_token = None
         self.save()
         self.memberships.update(state=-25)
 

account/passkeys/core.py

@@ -6,6 +6,8 @@ try:
     import fido2
     from fido2.server import Fido2Server
     from fido2.utils import websafe_decode, websafe_encode
+    from fido2 import cbor
+    fido2.features.webauthn_json_mapping.enabled = True
 except Exception:
     pass
 
@@ -21,7 +23,6 @@ FIDO_KEY_ATTACHMENT = settings.get("FIDO_KEY_ATTACHMENT", "cross-platform")
 
 FIDO_SERVER_ID = settings.get("FIDO_SERVER_ID", settings.SERVER_NAME)
 FIDO_SERVER_NAME = settings.get("FIDO_SERVER_NAME", settings.SITE_LABEL)
-fido2.features.webauthn_json_mapping.enabled = True
 
 
 def verify_origin(id):
@@ -52,6 +53,9 @@ def registerBegin(member, request, attachment=FIDO_KEY_ATTACHMENT):
         authenticator_attachment=attachment,
         resident_key_requirement=webauthn.ResidentKeyRequirement.PREFERRED)
     rp = objict(server.rp)
+    data = objict.fromdict(dict(data))
+    data.excludeCredentials = getUserCredentials(member, websafe=True)
+    rh.debug("data", data)
     # rh.debug("registerBegin", rp, server.rp.id_hash)
     return data, state, rp
 
@@ -80,10 +84,15 @@ def registerComplete(request, fido2_state, rp_id):
     return user_key
 
 
-def getUserCredentials(member):
+def getUserCredentials(member, websafe=False):
     if member is None:
         return []
-    return [webauthn.AttestedCredentialData(websafe_decode(uk.token)) for uk in member.passkeys.all()]
+    creds = [webauthn.AttestedCredentialData(websafe_decode(uk.token)) for uk in member.passkeys.all()]
+    if websafe:
+        return [dict(
+            type="public-key",
+            id=rh.toBase64(acd.credential_id)) for acd in creds]
+    return creds
 
 
 def authBegin(request):
@@ -97,7 +106,7 @@ def authComplete(request, fido2_state, rp_id):
     credential = request.DATA.get("credential")
     upk = UserPassKey.objects.filter(uuid=credential.id, is_enabled=1).last()
     if upk is None:
-        raise Exception(f"could not find UserPassKey {credential.id}")
+        raise Exception("PassKey not found on host.")
     stored_credentials = [webauthn.AttestedCredentialData(websafe_decode(upk.token))]
     server = getServer(request, rp_id)
     cred = server.authenticate_complete(

account/rpc/passkeys.py

@@ -21,7 +21,7 @@ def rest_on_passkeys_reg_begin(request):
     # or in redis with expires in 5m?
     request.session["fido2_state"] = state
     request.session["fido2_rp_id"] = rp.id
-    return rv.restResult(request, dict(data))
+    return rv.restResult(request, data)
 
 
 @rd.url('passkeys/register/end')

{django_restit-4.2.15.dist-info → django_restit-4.2.17.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.2.15
+Version: 4.2.17
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes
@@ -16,6 +16,7 @@ Requires-Dist: boto3 (>=1.26.160,<2.0.0)
 Requires-Dist: django
 Requires-Dist: django-redis-cache (>=3.0.1,<4.0.0)
 Requires-Dist: django-redis-sessions (>=0.6.2,<0.7.0)
+Requires-Dist: fido2
 Requires-Dist: gevent (>=23.7.0,<24.0.0)
 Requires-Dist: hashids (>=1.3.1,<2.0.0)
 Requires-Dist: inlinestyler

{django_restit-4.2.15.dist-info → django_restit-4.2.17.dist-info}/RECORD

@@ -24,7 +24,7 @@ account/models/device.py,sha256=XipNpByreGubB5-d4ZBOoIV5Xw14b2Btcgn6fXz8HAc,4105
 account/models/feeds.py,sha256=4n4Mv8HjcXpUmMPWafHlsGbVQ1fDKdtblL1hp30sDrg,1437
 account/models/group.py,sha256=aG4qxqvuIEztZuNx5zw4R2EAQw5z8jZ4UBBpt9R3h1w,20218
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=xrt9iJWvIdxVF7mxN3Ic-LOfsDIBc9nFo2NVJhbgVzs,49530
+account/models/member.py,sha256=Vv2z3QNzY201OvIRjo8tIPi4mv_T1YCuBfeRAhakRbg,49629
 account/models/membership.py,sha256=Qmp0xQa_3ObB581L83gce69t9eSfyH-mZZuGqW3ueI8,7763
 account/models/notify.py,sha256=YnZujSHJHY7B09e6FIyZIEJRWLPYk1Sk1e92tFzB1IA,12078
 account/models/passkeys.py,sha256=TJxITUi4DT4_1tW2K7ZlOcRjJuMVl2NtKz7pKQU8-Tw,1516
@@ -33,7 +33,7 @@ account/models/settings.py,sha256=gOyRWBVd3BQpjfj_hJPtqX3H46ztyRAFxBrPbv11lQg,21
 account/oauth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 account/oauth/google.py,sha256=q5M6Qhpfp9QslKRVYFZBvtG6kgXV6vYMrR5fp6Xdb9I,2078
 account/passkeys/__init__.py,sha256=FwXYJXwSJXfkLojGBcVpF1dFpgFhzDdd9N_3naYQ0cc,89
-account/passkeys/core.py,sha256=bmYNcY0hWI3DbmqDWJV8lk13RE3JOzwE0nzwhmAmbn4,3798
+account/passkeys/core.py,sha256=X8y1TCXupZZV-GF10nuPVmdpN0qYuzKe03RnaDlepP4,4116
 account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
 account/rpc/__init__.py,sha256=SGF0M_-H0dKh3b1apSX29BotNWAvITYccGQVC0MIjL8,336
 account/rpc/auth.py,sha256=hINQS6BC04tZS5G0A-XXn2zAWxjWnba0l3zKNKZUsJM,14934
@@ -42,7 +42,7 @@ account/rpc/group.py,sha256=Y_Ii-vlDx09neMd95AmC7xBwDf3wdFgXjB-kIG2jMdE,3472
 account/rpc/member.py,sha256=2HwARWk_1HHgZga3Y0Ii2NoTyzj1e3BuHpQ5miUQmCI,1260
 account/rpc/notify.py,sha256=Q2YWejP36egeF060Hih5uX4Psv_B8NWlLLPi7iDYlIw,3344
 account/rpc/oauth.py,sha256=qhXgrGrmg966_WTg7c4ZuldgWZEaub0dI3u102vX0wg,2669
-account/rpc/passkeys.py,sha256=84sDS_IqBQklINqZvYdEBh7-pCOv7Ea9JUKZoAgaQT0,1735
+account/rpc/passkeys.py,sha256=5x28nYILJUMMSwfVuWYL66hfoGUXahMqOwiHhM4I3Do,1729
 account/rpc/settings.py,sha256=EvPuwW63Gp_Va0ANIPAZ894tnS_JCctQ0FzqYRdKUNM,271
 account/settings.py,sha256=XEvZdcA6p_iUpDq9NmICK8rxzIQ8NViKfrpyuYgSV4o,53
 account/templates/email/base.html,sha256=GnqUkoOYLDmaL370E1M-Q0PKJ60VH0MzkcjUyg9DdyY,9709
@@ -358,7 +358,7 @@ pushit/utils.py,sha256=IeTCGa-164nmB1jIsK1lu1O1QzUhS3BKfuXHGjCW-ck,2121
 rest/.gitignore,sha256=TbEvWRMnAiajCTOdhiNrd9eeCAaIjRp9PRjE_VkMM5g,118
 rest/README.md,sha256=V3ETc-cJu8PZIbKr9xSe_pA4JEUpC8Dhw4bQeVCDJPw,5460
 rest/RemoteEvents.py,sha256=nL46U7AuxIrlw2JunphR1tsXyqi-ep_gD9CYGpYbNgE,72
-rest/__init__.py,sha256=YUjJZkCFllNo8iNv5AyvpOjypb7uYi7DkUmmmIdv5eY,121
+rest/__init__.py,sha256=iCDDA2gsIQ-HuEDv5Vhp2KFKS-VjymncBkOg3ZURSvA,121
 rest/arc4.py,sha256=y644IbF1ec--e4cUJ3KEYsewTCITK0gmlwa5mJruFC0,1967
 rest/cache.py,sha256=1Qg0rkaCJCaVP0-l5hZg2CIblTdeBSlj_0fP6vlKUpU,83
 rest/crypto/__init__.py,sha256=Tl0U11rgj1eBYqd6OXJ2_XSdNLumW_JkBZnaJqI6Ldw,72
@@ -373,9 +373,9 @@ rest/extra/__init__.py,sha256=YzmNsch5H5FFLkUK9mIAKyoRK_rJCA9HGb0kubp4h30,54
 rest/extra/json_metadata.py,sha256=p_ffzmANmOFix_oC3voR6_NNTjcn7-T7aXcH-I4_Npg,1078
 rest/fields.py,sha256=_v1TJVc6vyWlqmwFRJ6mtuR5Fo-lS0KcUhPWIrzKZUo,9719
 rest/forms.py,sha256=66Wm5cdy8tKib_mGicjq_yd-gNVMFWRECnrDksnNnwU,6316
-rest/helpers.py,sha256=S2jo13NkDz00D7mPdMd9e-HceoSNu0jcfAhke_1IvtU,27796
+rest/helpers.py,sha256=3zYt3NVQosv7r0MWsxQHpWjMRQ9xk1P_wxqrVJIPwZc,28021
 rest/joke.py,sha256=0PpKaX2iN7jlS62kgjfmmqkFBYLPURz15aQ8R7OJkJ8,260
-rest/jwtoken.py,sha256=1ruZGPTXnodb85ywPd8ZmRiRYCskopA8EhcbX7Adixc,2298
+rest/jwtoken.py,sha256=2BjRrnQSzm7ydHgYl6LIjfGW1YPmqjt-gDIo21O0WTk,2388
 rest/log.py,sha256=hd1_4HBOS395sfXJIL6BTw9yekm1SLgBwYx_PdfIhKA,20930
 rest/mail.py,sha256=O9x4ggr5pQjpjJP1zwV6sv5-2_JNTvU877GLih6ceBY,7737
 rest/mailman.py,sha256=v5O1G5s3HiAKmz-J1z0uT6_q3xsONPpxVl9saEyQQ2I,9174
@@ -390,13 +390,13 @@ rest/middleware/request.py,sha256=JchRNy5L-bGd-7h-KFYekGRvREe2eCkZXKOYqIkP2hI,41
 rest/middleware/session.py,sha256=zHSoQpIzRLmpqr_JvW406wzpvU3W3gDbm5JhtzLAMlE,10240
 rest/middleware/session_store.py,sha256=1nSdeXK8PyuYgGgIufqrS6j6QpIrQ7zbMNT0ol75e6U,1901
 rest/models/__init__.py,sha256=M8pvFDq-WCF-QcM58X7pMufYYe0aaQ3U0PwGe9TKbbY,130
-rest/models/base.py,sha256=F_Tl8Wgso53T-vgwsPgMXIiZPEic7F99739M2QIO0OM,66456
+rest/models/base.py,sha256=Os_qWTvFedZQddulSsSdebheLIg9EGiYOGijofscTxQ,66539
 rest/models/cacher.py,sha256=eKz8TINVhWEqKhJGMsRkKZTtBUIv5rN3NHbZwOC56Uk,578
 rest/models/metadata.py,sha256=ui0962oaWbYGIbkNs7oaUGKyaca9epsW2H-ywgyH7rg,12631
 rest/net.py,sha256=LTF4ip-ur8C2G7NETVOg7ioACegBGo4sDJA18PfF5kQ,1691
 rest/regexes.yaml,sha256=VoGb4E-P_K9f82Yzcpltgzekpt9usRtwu9PYlo46nUw,149463
 rest/requestex.py,sha256=qtm6vpvbHzNYqMj8271TyelnWagZ5i0q50TfXW943F8,15834
-rest/rpc.py,sha256=1rfwBnqt-NN0o4M4IhpZbEI4QfQDQFEUbFGzY8haFCo,3714
+rest/rpc.py,sha256=os1hDll9c-tQMh2r4ZwWeVOiDT50pVPxX0iqXHqpxC8,3951
 rest/search.py,sha256=QVjk2b5tZLgf1zM2MHvJTyRjwUbY5ZD7HXSTmSPXtvU,8362
 rest/serializers/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 rest/serializers/collection.py,sha256=86AaICz8JylFUzhqouRpp_7v0cNzWcZpsW9yWZQ3w6Q,4648
@@ -490,7 +490,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.15.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.15.dist-info/METADATA,sha256=2-dS4Q3qnwlkM2FYOHgc-sxCd6eERTTmVUsxeYZ6ilA,7573
-django_restit-4.2.15.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
-django_restit-4.2.15.dist-info/RECORD,,
+django_restit-4.2.17.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.17.dist-info/METADATA,sha256=ip7XGy-01eL9WI3vHoccBRjfVumkF-oHlm5gdWUkrhA,7594
+django_restit-4.2.17.dist-info/WHEEL,sha256=Zb28QaM1gQi8f4VCBhsUklF61CTlNYfs9YAZn-TOGFk,88
+django_restit-4.2.17.dist-info/RECORD,,

rest/__init__.py

@@ -1,4 +1,4 @@
 from .uberdict import UberDict  # noqa: F401
 from .settings_helper import settings  # noqa: F401
 
-__version__ = "4.2.15"
+__version__ = "4.2.17"

rest/helpers.py

@@ -863,6 +863,13 @@ def getBlockedHosts():
     return blocked
 
 
+def toInteger(value):
+    if isinstance(value, str):
+        if "." in value:
+            return int(float(value))
+    return int(value)
+
+
 def toString(value):
     if isinstance(value, bytes):
         value = value.decode()
@@ -897,7 +904,9 @@ def hexToByteArray(value):
 def hexToString(value):
     return bytes.fromhex(value).decode('utf-8')
 
-def toBase64(value):
+def toBase64(value, as_str=True):
+    if as_str:
+        return toString(base64.b64encode(toBytes(value)))
     return base64.b64encode(toBytes(value))
 
 def fromBase64(value):

rest/jwtoken.py

@@ -6,14 +6,16 @@ from rest import settings
 
 
 JWT_EXP_1_DAY = 86400
+JWT_EXP_2_DAY = 172800
 JWT_EXP_7_DAY = 604800
 JWT_EXP_30_MIN = 1800
 JWT_KEY = settings.SECRET_KEY
-JWT_EXP_DEFAULT = settings.get("JWT_EXP_DEFAULT", JWT_EXP_30_MIN)
+JWT_EXPIRES = settings.get("JWT_EXPIRES", JWT_EXP_30_MIN)
+JWT_REFRESH_EXPIRES = settings.get("JWT_REFRESH_EXPIRES", JWT_EXP_2_DAY)
 
 
 class JWToken():
-    def __init__(self, token=None, user_id=None, key=JWT_KEY, device_id=None, alg="HS256", access_expires_in=JWT_EXP_DEFAULT, refresh_expires_in=JWT_EXP_7_DAY):
+    def __init__(self, token=None, user_id=None, key=JWT_KEY, device_id=None, alg="HS256", access_expires_in=JWT_EXPIRES, refresh_expires_in=JWT_REFRESH_EXPIRES):
         # takes full JWT token header.payload.signature
         self.token = token
         self.key = key

rest/models/base.py

@@ -1573,6 +1573,8 @@ class RestModel(object):
             ft = cls.get_field_type(fn)
             if ft == "DateTimeField":
                 value = rh.parseDateTime(value)
+            elif ft == "IntegerField":
+                value = rh.toInteger(value)
             q[key] = value
         if bool(q):
             # rh.debug("queryFromRequest", q, "default_filters:", request.default_rest_filters)

rest/rpc.py

@@ -42,6 +42,14 @@ def on_get_version(request):
     return views.restStatus(request, True, {"data": versions})
 
 
+@url('test/session')
+def on_get_my_session(request):
+    echo = request.DATA.get("echo", None)
+    if echo:
+        request.session["echo"] = echo
+    return views.restReturn(request, dict(echo=request.session.get("echo", "not set")))
+
+
 @url(r'^joke$')
 def on_get_joke(request):
     return views.restGet(request, {"joke": joke.getRandomJoke()})