PyPI - mdbq - Versions diffs - 4.0.103__tar.gz → 4.0.104__tar.gz - Mend

mdbq 4.0.103tar.gz → 4.0.104tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

{mdbq-4.0.103 → mdbq-4.0.104}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdbq
-Version: 4.0.103
+Version: 4.0.104
 Home-page: https://pypi.org/project/mdbq
 Author: xigua,
 Author-email: 2587125111@qq.com

mdbq-4.0.104/mdbq/__version__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ VERSION = '4.0.104'

{mdbq-4.0.103 → mdbq-4.0.104}/mdbq/auth/auth_backend.py RENAMED Viewed

@@ -147,8 +147,8 @@ class StandaloneAuthManager:
                 ping=1,
                 charset='utf8mb4',
                 cursorclass=pymysql.cursors.DictCursor,
-                autocommit=True,  # 启用自动提交，避免锁冲突
-                init_command="SET time_zone = '+00:00'"
+                autocommit=True  # 启用自动提交，避免锁冲突
+                # 使用系统本地时区，不强制设置UTC
             )
         except Exception as e:
@@ -515,15 +515,15 @@ class StandaloneAuthManager:
                 }
             # 检查账户锁定状态
-            current_time_utc = datetime.now(timezone.utc)
+            current_time = datetime.now()
             if locked_until:
                 if locked_until.tzinfo is None:
                     locked_until = locked_until.replace(tzinfo=timezone.utc)
                 elif locked_until.tzinfo != timezone.utc:
                     locked_until = locked_until.astimezone(timezone.utc)
-                if locked_until > current_time_utc:
-                    remaining_seconds = int((locked_until - current_time_utc).total_seconds())
+                if locked_until > current_time:
+                    remaining_seconds = int((locked_until - current_time).total_seconds())
                     self._log_login_attempt(username_or_email, ip_address, user_agent, 'failure', 'account_locked', user_id)
                     self._record_ip_failure(ip_address, 'login')
                     return {
@@ -540,7 +540,7 @@ class StandaloneAuthManager:
                 if login_attempts >= self.auth_config['max_login_attempts']:
                     lockout_duration = self.auth_config['lockout_duration']
-                    locked_until = current_time_utc + timedelta(seconds=lockout_duration)
+                    locked_until = current_time + timedelta(seconds=lockout_duration)
                     cursor.execute('''
                         UPDATE users SET login_attempts = %s, locked_until = %s WHERE id = %s
                     ''', (login_attempts, locked_until, user_id))
@@ -573,7 +573,7 @@ class StandaloneAuthManager:
             # 登录成功，重置尝试次数
             cursor.execute('''
                 UPDATE users SET login_attempts = 0, locked_until = NULL, last_login = %s WHERE id = %s
-            ''', (current_time_utc, user_id))
+            ''', (current_time, user_id))
             # 记录成功登录
             self._log_login_attempt(username_or_email, ip_address, user_agent, 'success', None, user_id)
@@ -586,7 +586,7 @@ class StandaloneAuthManager:
                 'email': email,
                 'role': role,
                 'permissions': self._safe_json_parse(permissions),
-                'last_login': current_time_utc.isoformat()
+                'last_login': current_time.isoformat()
             }
         finally:
@@ -595,16 +595,16 @@ class StandaloneAuthManager:
     def generate_access_token(self, user_info):
         """生成访问令牌"""
-        now_utc = datetime.now(timezone.utc)
-        exp_utc = now_utc + timedelta(seconds=self.auth_config['access_token_expires'])
+        now = datetime.now()
+        exp = now + timedelta(seconds=self.auth_config['access_token_expires'])
         payload = {
             'user_id': user_info['user_id'],
             'username': user_info['username'],
             'role': user_info['role'],
             'permissions': user_info['permissions'],
-            'iat': int(now_utc.timestamp()),
-            'exp': int(exp_utc.timestamp()),
+            'iat': int(now.timestamp()),
+            'exp': int(exp.timestamp()),
             'type': 'access'
         }
@@ -646,7 +646,7 @@ class StandaloneAuthManager:
         cursor = conn.cursor()
         try:
-            current_time_utc = datetime.now(timezone.utc)
+            current_time = datetime.now()
             # 软删除：将该用户在该域名下的相同设备指纹的所有活跃会话标记为非活跃
             cursor.execute('''
@@ -702,7 +702,7 @@ class StandaloneAuthManager:
                   full_device_info.get('timezone_offset'),
                   full_device_info.get('language'),
                   full_device_info.get('hardware_concurrency'),
-                  ip_address, ip_address, user_agent, current_time_utc))
+                  ip_address, ip_address, user_agent, current_time))
             device_session_id = cursor.lastrowid
@@ -716,9 +716,9 @@ class StandaloneAuthManager:
         """生成刷新令牌"""
         token = secrets.token_urlsafe(64)
         token_hash = hashlib.sha256(token.encode()).hexdigest()
-        current_time_utc = datetime.now(timezone.utc)
-        expires_at = current_time_utc + timedelta(seconds=self.auth_config['refresh_token_expires'])
-        absolute_expires_at = current_time_utc + timedelta(days=self.auth_config['absolute_refresh_expires_days'])
+        current_time = datetime.now()
+        expires_at = current_time + timedelta(seconds=self.auth_config['refresh_token_expires'])
+        absolute_expires_at = current_time + timedelta(days=self.auth_config['absolute_refresh_expires_days'])
         conn = self.pool.connection()
         cursor = conn.cursor()
@@ -737,7 +737,7 @@ class StandaloneAuthManager:
                     rotation_count, max_rotations, created_at
                 ) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)
             ''', (token_hash, token, user_info['user_id'], device_session_id, expires_at,
-                  absolute_expires_at, 0, self.auth_config['max_refresh_rotations'], current_time_utc))
+                  absolute_expires_at, 0, self.auth_config['max_refresh_rotations'], current_time))
             return token
@@ -758,8 +758,7 @@ class StandaloneAuthManager:
             try:
                 # 验证刷新令牌
-                current_time_utc = datetime.now(timezone.utc)
-                current_time_naive = current_time_utc.replace(tzinfo=None)
+                current_time = datetime.now()
                 cursor.execute('''
                     SELECT rt.user_id, rt.device_session_id, rt.expires_at, rt.absolute_expires_at,
@@ -775,7 +774,7 @@ class StandaloneAuthManager:
                       AND rt.rotation_count < rt.max_rotations
                       AND rt.is_revoked = 0
                       AND ds.is_active = 1
-                ''', (token_hash, current_time_naive, current_time_naive))
+                ''', (token_hash, current_time, current_time))
                 result = cursor.fetchone()
@@ -787,7 +786,7 @@ class StandaloneAuthManager:
                     UPDATE device_sessions
                     SET last_activity = %s
                     WHERE id = %s
-                ''', (current_time_utc, result['device_session_id']))
+                ''', (current_time, result['device_session_id']))
                 # 生成新的tokens
                 user_info = {
@@ -803,7 +802,7 @@ class StandaloneAuthManager:
                 # 生成新的refresh token（轮换）
                 new_token = secrets.token_urlsafe(64)
                 new_token_hash = hashlib.sha256(new_token.encode()).hexdigest()
-                token_expires_at = current_time_utc + timedelta(seconds=self.auth_config['refresh_token_expires'])
+                token_expires_at = current_time + timedelta(seconds=self.auth_config['refresh_token_expires'])
                 # 删除旧token并插入新token
                 cursor.execute('''
@@ -818,7 +817,7 @@ class StandaloneAuthManager:
                     ) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)
                 ''', (new_token_hash, new_token, result['user_id'], result['device_session_id'],
                       token_expires_at, result['absolute_expires_at'],
-                      result['rotation_count'] + 1, result['max_rotations'], current_time_utc))
+                      result['rotation_count'] + 1, result['max_rotations'], current_time))
                 return {
                     'access_token': access_token,
@@ -1013,7 +1012,7 @@ class StandaloneAuthManager:
             # 生成重置令牌
             reset_token = secrets.token_urlsafe(32)
-            expires_at = datetime.now(timezone.utc) + timedelta(hours=1)  # 1小时有效期
+            expires_at = datetime.now() + timedelta(hours=1)  # 1小时有效期
             # 保存重置令牌
             cursor.execute('''
@@ -1429,6 +1428,7 @@ class StandaloneAuthManager:
     def logout_device(self, user_id, device_id=None, ip_address=None, user_agent=None, device_info=None, login_domain=''):
         """
+        【已废弃】
         登出设备（支持两种识别方式）
         Args:

{mdbq-4.0.103 → mdbq-4.0.104}/mdbq.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdbq
-Version: 4.0.103
+Version: 4.0.104
 Home-page: https://pypi.org/project/mdbq
 Author: xigua,
 Author-email: 2587125111@qq.com