django-restit 4.2.75__py3-none-any.whl → 4.2.77__py3-none-any.whl

account/models/member.py

@@ -720,6 +720,10 @@ class Member(User, RestModel, MetaDataModel):
         self.security_token = crypto.randomString(8)
         self.save()
 
+    def forceLogout(self):
+        self.refreshSecurityToken()
+        self.sendEvent("logged_out", "Your user session has been terminated.")
+
     def generateAuthCode(self, length=6, expires=AUTH_CODE_EXPIRES_SECS):
         for i in range(0, 100):
             code = crypto.randomCode(length)
@@ -880,8 +884,8 @@ class Member(User, RestModel, MetaDataModel):
             if token is None:
                 token = AuthToken(member=self, role="default")
             token.generateToken()
-        elif action == "refresh_keys":
-            self.refreshSecurityToken()
+        elif action == "refresh_keys" or action == "force_logout":
+            self.forceLogout()
 
     def set_full_name(self, value):
         self.set_name(value)
@@ -1217,7 +1221,7 @@ class Member(User, RestModel, MetaDataModel):
             rh.log_print("no session for key", key)
             return None
         session_data = session.get_decoded()
-        rh.log_print(session_data)
+        # rh.log_print(session_data)
         uid = session_data.get('_auth_user_id', None)
         if uid is None:
             return None

account/rpc/auth.py

@@ -13,6 +13,7 @@ from datetime import datetime, timedelta
 
 ALLOW_BASIC_LOGIN = settings.get("ALLOW_BASIC_LOGIN", False)
 FORGET_ALWAYS_TRUE = settings.get("FORGET_ALWAYS_TRUE", True)
+JWT_UPDATE_REFRESH_TOKEN = settings.get("JWT_UPDATE_REFRESH_TOKEN", False)
 
 
 @rd.urlPOST(r'^login$')
@@ -122,7 +123,9 @@ def jwt_refresh(request):
     member.canLogin(request)
     token.refresh()
     request.jwt_token = token.access_token  # this tells the middleware to store in cookie
-    return rv.restGet(request, dict(access=token.access_token, refresh=token.refresh_token))
+    if JWT_UPDATE_REFRESH_TOKEN:
+        rtoken = token.refresh_token
+    return rv.restGet(request, dict(access=token.access_token, refresh=rtoken))
 
 
 def getMemberByUsername(username):

{django_restit-4.2.75.dist-info → django_restit-4.2.77.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: django-restit
-Version: 4.2.75
+Version: 4.2.77
 Summary: A Rest Framework for DJANGO
 License: MIT
 Author: Ian Starnes

{django_restit-4.2.75.dist-info → django_restit-4.2.77.dist-info}/RECORD

@@ -28,7 +28,7 @@ account/models/device.py,sha256=TloXvvrx3khF3BeGFuVYn6DhXjOW0AMZb4F9Fl5nBII,5491
 account/models/feeds.py,sha256=vI7fG4ASY1M0Zjke24RdnfDcuWeATl_yR_25jPmT64g,2011
 account/models/group.py,sha256=iDD_oSgswKV_t_gXZuVK80MvICrZZqdANm2jtGtOFy8,21985
 account/models/legacy.py,sha256=zYdtv4LC0ooxPVqWM-uToPwV-lYWQLorSE6p6yn1xDw,2720
-account/models/member.py,sha256=VoMxjh4p6y9nDhTBX8O571RQD16wEesG8K4z10ran1o,52796
+account/models/member.py,sha256=v2cM7g5XoOQi_ZAlGcOcKn24zZCfAFokxUFIqNshDxc,52960
 account/models/membership.py,sha256=90EpAhOsGaqphDAkONP6j_qQ0OWSRaQsI8H7E7fgMkE,9249
 account/models/notify.py,sha256=Qzi8gLsVi8nDx8gpL4dyr0MPExYYGIDxZvHFUdCs7H4,15072
 account/models/passkeys.py,sha256=TJxITUi4DT4_1tW2K7ZlOcRjJuMVl2NtKz7pKQU8-Tw,1516
@@ -40,7 +40,7 @@ account/passkeys/__init__.py,sha256=FwXYJXwSJXfkLojGBcVpF1dFpgFhzDdd9N_3naYQ0cc,
 account/passkeys/core.py,sha256=xj-vXjSrfWDvc5MYtEmXzwaMkNHl-cXrQKVrN9soRCg,4126
 account/periodic.py,sha256=-u0n-7QTJgDOkasGhBAPwHAwjpqWGA-MZLEFkVTqCGU,874
 account/rpc/__init__.py,sha256=SGF0M_-H0dKh3b1apSX29BotNWAvITYccGQVC0MIjL8,336
-account/rpc/auth.py,sha256=3BJMQZ6dxE0U3HvFbedx0kBGzLzZjP8XkkcUcBobRTk,16483
+account/rpc/auth.py,sha256=p62tyihWvSY2zn7eaVxKcCG9qLnnZBIkwdRH81sS5_Y,16615
 account/rpc/device.py,sha256=mB14a6qvJIBnCa9ivLhPXwEt5Gk2foyqsKBtZxC506k,3070
 account/rpc/group.py,sha256=FD9GymgPY68y-gtDLsZxYVdwQJeLGpqcP4hjcDUh-GM,4022
 account/rpc/member.py,sha256=VNRSD38mmTUCbq3cCSy3qRyquzeVEwW_8zzrtS0-vAA,1817
@@ -386,7 +386,7 @@ rest/fields.py,sha256=_v1TJVc6vyWlqmwFRJ6mtuR5Fo-lS0KcUhPWIrzKZUo,9719
 rest/forms.py,sha256=66Wm5cdy8tKib_mGicjq_yd-gNVMFWRECnrDksnNnwU,6316
 rest/helpers.py,sha256=l_vA0mdY4gZmOwzmqt-qB3DcF3aKkmteerXzJd2Qq7Q,28369
 rest/joke.py,sha256=0PpKaX2iN7jlS62kgjfmmqkFBYLPURz15aQ8R7OJkJ8,260
-rest/jwtoken.py,sha256=2BjRrnQSzm7ydHgYl6LIjfGW1YPmqjt-gDIo21O0WTk,2388
+rest/jwtoken.py,sha256=6AIe9IpsOn44sodiV0OPYeTZZNhS8VRiakV-rOuCyGw,2444
 rest/log.py,sha256=hd1_4HBOS395sfXJIL6BTw9yekm1SLgBwYx_PdfIhKA,20930
 rest/mail.py,sha256=Rm40hWDYop0tMqxdN-J2NT-dCnP-f4SfCZxSO02ajzs,7965
 rest/mailman.py,sha256=v5O1G5s3HiAKmz-J1z0uT6_q3xsONPpxVl9saEyQQ2I,9174
@@ -452,7 +452,7 @@ taskqueue/migrations/0001_initial.py,sha256=JwYib8CK5ftSXlfxKZUcKEEVsXktNB5q3h-2
 taskqueue/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 taskqueue/models.py,sha256=N3_9jWHPGzs6UxlAzpjst6qPhvIs1RELTy1cMXMeXsA,22407
 taskqueue/periodic.py,sha256=2i0271khrCow3hDmlNEcoAZnesBVl40jd7MIim2Cxs4,3543
-taskqueue/rpc.py,sha256=If5E9D9AR2RqW4lHRaDuD9L9b9ZfL_PaBQ6iX91ehvU,5736
+taskqueue/rpc.py,sha256=Lf5VUoqCRkfWUAIvx_s508mjAtDPwpiWyxg0ryqWbQA,5793
 taskqueue/tq.py,sha256=PzSoDrawYcqZylruEgsK95gcJ4J_VhdM6rxg9V6_X8E,942
 taskqueue/transports/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 taskqueue/transports/email.py,sha256=H4GaomiyCck5R_AOcsrMawCl-_Bp_Zg-uWto9t1Xcoo,623
@@ -502,7 +502,7 @@ ws4redis/servers/uwsgi.py,sha256=VyhoCI1DnVFqBiJYHoxqn5Idlf6uJPHvfBKgkjs34mo,172
 ws4redis/settings.py,sha256=K0yBiLUuY81iDM4Yr-k8hbvjn5VVHu5zQhmMK8Dtz0s,1536
 ws4redis/utf8validator.py,sha256=S0OlfjeGRP75aO6CzZsF4oTjRQAgR17OWE9rgZdMBZA,5122
 ws4redis/websocket.py,sha256=R0TUyPsoVRD7Y_oU7w2I6NL4fPwiz5Vl94-fUkZgLHA,14848
-django_restit-4.2.75.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
-django_restit-4.2.75.dist-info/METADATA,sha256=JzZ59EQ9VakJIy_mZyWZ5SbCrdnxqSpI53sVs484TFU,7645
-django_restit-4.2.75.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-django_restit-4.2.75.dist-info/RECORD,,
+django_restit-4.2.77.dist-info/LICENSE.md,sha256=VHN4hhEeVOoFjtG-5fVv4jesA4SWi0Z-KgOzzN6a1ps,1068
+django_restit-4.2.77.dist-info/METADATA,sha256=uVn8E8Ts3Hiv_mvZKMK3nZois8Z1zy79o0BhcdbtGrY,7645
+django_restit-4.2.77.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+django_restit-4.2.77.dist-info/RECORD,,

rest/jwtoken.py

@@ -9,13 +9,16 @@ JWT_EXP_1_DAY = 86400
 JWT_EXP_2_DAY = 172800
 JWT_EXP_7_DAY = 604800
 JWT_EXP_30_MIN = 1800
+JWT_EXP_15_MIN = 900
 JWT_KEY = settings.SECRET_KEY
 JWT_EXPIRES = settings.get("JWT_EXPIRES", JWT_EXP_30_MIN)
 JWT_REFRESH_EXPIRES = settings.get("JWT_REFRESH_EXPIRES", JWT_EXP_2_DAY)
 
 
 class JWToken():
-    def __init__(self, token=None, user_id=None, key=JWT_KEY, device_id=None, alg="HS256", access_expires_in=JWT_EXPIRES, refresh_expires_in=JWT_REFRESH_EXPIRES):
+    def __init__(self, token=None, user_id=None, key=JWT_KEY, 
+                 device_id=None, alg="HS256", access_expires_in=JWT_EXPIRES,
+                 refresh_expires_in=JWT_REFRESH_EXPIRES):
         # takes full JWT token header.payload.signature
         self.token = token
         self.key = key

taskqueue/rpc.py

@@ -87,6 +87,7 @@ def rest_on_test(request):
 
 
 @rd.url(r'^task/status$')
+@rd.login_required
 def rest_on_task_status(request):
     out = UberDict()
     last_completed = tq.Task.objects.filter(state=tq.TASK_STATE_COMPLETED).last()
@@ -109,6 +110,7 @@ def rest_on_task_status(request):
 
 
 @rd.urlGET('workers')
+@rd.login_required
 def rest_on_runners(request):
     workers = tq.TaskWorkerClient.GET_ONLINE()
     if request.DATA.get("graph") == "detailed":
@@ -124,6 +126,7 @@ def rest_on_runners(request):
 # write a django query to 
 
 @rd.url(r'^task/stats$')
+@rd.login_required
 def rest_on_stats(request):
     now = datetime.now() 
     when = now - timedelta(days=request.DATA.get("days", 7, field_type=int))