PyPI - mdbq - Versions diffs - 4.0.96__tar.gz → 4.0.98__tar.gz - Mend

mdbq 4.0.96tar.gz → 4.0.98tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of mdbq might be problematic. Click here for more details.

Files changed (44) hide show

{mdbq-4.0.96 → mdbq-4.0.98}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdbq
-Version: 4.0.96
+Version: 4.0.98
 Home-page: https://pypi.org/project/mdbq
 Author: xigua,
 Author-email: 2587125111@qq.com

mdbq-4.0.98/mdbq/__version__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ VERSION = '4.0.98'

{mdbq-4.0.96 → mdbq-4.0.98}/mdbq/auth/auth_backend.py RENAMED Viewed

@@ -223,6 +223,8 @@ class StandaloneAuthManager:
                     user_id BIGINT UNSIGNED NOT NULL,
                     device_id VARCHAR(255) CHARACTER SET ascii NOT NULL,
                     device_fingerprint VARCHAR(255) CHARACTER SET ascii NOT NULL,
+                    login_domain VARCHAR(255) NOT NULL DEFAULT '' COMMENT '登录时的域名',
+                    session_version INT UNSIGNED NOT NULL DEFAULT 1 COMMENT '会话版本号',
                     device_name VARCHAR(255) NOT NULL DEFAULT 'Unknown Device',
                     custom_name VARCHAR(255) DEFAULT NULL COMMENT '用户自定义设备名称',
                     device_type ENUM('mobile', 'desktop', 'tablet', 'unknown') NOT NULL DEFAULT 'unknown',
@@ -242,13 +244,15 @@ class StandaloneAuthManager:
                     trust_level ENUM('trusted', 'normal', 'suspicious') NOT NULL DEFAULT 'normal' COMMENT '设备信任级别',
                     UNIQUE KEY uk_device_sessions_device_id (device_id),
-                    UNIQUE KEY uk_device_sessions_user_fingerprint (user_id, device_fingerprint),
+                    UNIQUE KEY uk_device_sessions_user_fingerprint_domain_version (user_id, device_fingerprint, login_domain, session_version),
                     KEY idx_device_sessions_user_id (user_id),
                     KEY idx_device_sessions_user_device (user_id, device_id),
                     KEY idx_device_sessions_last_activity (last_activity),
                     KEY idx_device_sessions_is_active (is_active),
                     KEY idx_device_sessions_fingerprint (device_fingerprint),
                     KEY idx_device_sessions_trust_level (trust_level),
+                    KEY idx_device_sessions_login_domain (login_domain),
+                    KEY idx_device_sessions_user_domain (user_id, login_domain),
                     CONSTRAINT fk_device_sessions_user_id
                         FOREIGN KEY (user_id)
@@ -621,7 +625,7 @@ class StandaloneAuthManager:
         except jwt.InvalidTokenError:
             return None
-    def create_or_update_device_session(self, user_id, ip_address, user_agent, device_info=None):
+    def create_or_update_device_session(self, user_id, ip_address, user_agent, device_info=None, login_domain=''):
         """创建或更新设备会话"""
         # 解析用户代理获取基本信息
         parsed_ua = self._parse_user_agent(user_agent)
@@ -634,7 +638,8 @@ class StandaloneAuthManager:
             **(device_info or {})
         }
-        device_fingerprint = self._generate_device_fingerprint(full_device_info)
+        # 生成包含域名的设备指纹
+        device_fingerprint = self._generate_device_fingerprint(full_device_info, login_domain)
         device_id = secrets.token_urlsafe(32)
         conn = self.pool.connection()
@@ -643,79 +648,63 @@ class StandaloneAuthManager:
         try:
             current_time_utc = datetime.now(timezone.utc)
-            # 检查设备是否已存在
+            # 软删除：将该用户在该域名下的相同设备指纹的所有活跃会话标记为非活跃
             cursor.execute('''
-                SELECT id, device_id FROM device_sessions
-                WHERE user_id = %s AND device_fingerprint = %s AND is_active = 1
-            ''', (user_id, device_fingerprint))
+                UPDATE device_sessions
+                SET is_active = 0
+                WHERE user_id = %s AND device_fingerprint = %s AND login_domain = %s AND is_active = 1
+            ''', (user_id, device_fingerprint, login_domain))
-            existing_session = cursor.fetchone()
+            # 获取下一个版本号
+            cursor.execute('''
+                SELECT COALESCE(MAX(session_version), 0) + 1 as next_version
+                FROM device_sessions
+                WHERE user_id = %s AND device_fingerprint = %s AND login_domain = %s
+            ''', (user_id, device_fingerprint, login_domain))
-            if existing_session:
-                # 更新现有设备会话
-                device_session_id = existing_session['id']
-                device_id = existing_session['device_id']
-                cursor.execute('''
-                    UPDATE device_sessions
-                    SET current_ip = %s, user_agent = %s, last_activity = %s,
-                        device_name = %s, device_type = %s, platform = %s, browser = %s,
-                        browser_version = %s, screen_resolution = %s, timezone_offset = %s,
-                        language = %s, hardware_concurrency = %s
-                    WHERE id = %s
-                ''', (ip_address, user_agent, current_time_utc,
-                      full_device_info.get('device_name', 'Unknown Device'),
-                      full_device_info.get('device_type', 'unknown'),
-                      full_device_info.get('platform'),
-                      full_device_info.get('browser'),
-                      full_device_info.get('browser_version'),
-                      full_device_info.get('screen_resolution'),
-                      full_device_info.get('timezone_offset'),
-                      full_device_info.get('language'),
-                      full_device_info.get('hardware_concurrency'),
-                      device_session_id))
-            else:
-                # 检查设备数量限制
-                cursor.execute('''
-                    SELECT COUNT(*) as active_count FROM device_sessions
-                    WHERE user_id = %s AND is_active = 1
-                ''', (user_id,))
-                active_count = cursor.fetchone()['active_count']
-                if active_count >= self.auth_config['max_concurrent_devices']:
-                    # 踢出最旧的设备
-                    cursor.execute('''
-                        SELECT id FROM device_sessions
-                        WHERE user_id = %s AND is_active = 1
-                        ORDER BY last_activity ASC
-                        LIMIT %s
-                    ''', (user_id, active_count - self.auth_config['max_concurrent_devices'] + 1))
-                    old_sessions = cursor.fetchall()
-                    for old_session in old_sessions:
-                        self._revoke_device_session(cursor, old_session['id'], 'device_limit')
-                # 创建新设备会话
+            next_version = cursor.fetchone()['next_version']
+            # 检查设备数量限制
+            cursor.execute('''
+                SELECT COUNT(*) as active_count FROM device_sessions
+                WHERE user_id = %s AND is_active = 1
+                        ''', (user_id,))
+            active_count = cursor.fetchone()['active_count']
+            if active_count >= self.auth_config['max_concurrent_devices']:
+                # 踢出最旧的设备
                 cursor.execute('''
-                    INSERT INTO device_sessions (
-                        user_id, device_id, device_fingerprint, device_name, device_type,
-                        platform, browser, browser_version, screen_resolution, timezone_offset,
-                        language, hardware_concurrency, current_ip, first_ip, user_agent, last_activity
-                    ) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)
-                ''', (user_id, device_id, device_fingerprint,
-                      full_device_info.get('device_name', 'Unknown Device'),
-                      full_device_info.get('device_type', 'unknown'),
-                      full_device_info.get('platform'),
-                      full_device_info.get('browser'),
-                      full_device_info.get('browser_version'),
-                      full_device_info.get('screen_resolution'),
-                      full_device_info.get('timezone_offset'),
-                      full_device_info.get('language'),
-                      full_device_info.get('hardware_concurrency'),
-                      ip_address, ip_address, user_agent, current_time_utc))
+                    SELECT id FROM device_sessions
+                    WHERE user_id = %s AND is_active = 1
+                    ORDER BY last_activity ASC
+                    LIMIT %s
+                ''', (user_id, active_count - self.auth_config['max_concurrent_devices'] + 1))
-                device_session_id = cursor.lastrowid
+                old_sessions = cursor.fetchall()
+                for old_session in old_sessions:
+                    self._revoke_device_session(cursor, old_session['id'], 'device_limit')
+            # 创建新设备会话（带版本号）
+            cursor.execute('''
+                INSERT INTO device_sessions (
+                    user_id, device_id, device_fingerprint, login_domain, session_version, device_name, device_type,
+                    platform, browser, browser_version, screen_resolution, timezone_offset,
+                    language, hardware_concurrency, current_ip, first_ip, user_agent, last_activity
+                ) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)
+            ''', (user_id, device_id, device_fingerprint, login_domain, next_version,
+                  full_device_info.get('device_name', 'Unknown Device'),
+                  full_device_info.get('device_type', 'unknown'),
+                  full_device_info.get('platform'),
+                  full_device_info.get('browser'),
+                  full_device_info.get('browser_version'),
+                  full_device_info.get('screen_resolution'),
+                  full_device_info.get('timezone_offset'),
+                  full_device_info.get('language'),
+                  full_device_info.get('hardware_concurrency'),
+                  ip_address, ip_address, user_agent, current_time_utc))
+            device_session_id = cursor.lastrowid
             return device_session_id, device_id, full_device_info.get('device_name', 'Unknown Device')
@@ -1253,9 +1242,9 @@ class StandaloneAuthManager:
             WHERE id = %s
         ''', (device_session_id,))
-    def _generate_device_fingerprint(self, device_info):
+    def _generate_device_fingerprint(self, device_info, login_domain=''):
         """
-        生成稳定的设备指纹
+        生成稳定的设备指纹（包含登录域名）
         Args:
             device_info (dict): 设备信息
@@ -1265,8 +1254,9 @@ class StandaloneAuthManager:
                 - language: 浏览器语言
                 - hardware_concurrency: CPU核心数
                 - platform: 平台信息
+            login_domain (str): 登录时的域名
         """
-        # 提取稳定的设备特征
+        # 提取稳定的设备特征（包含登录域名）
         stable_features = [
             device_info.get('user_agent', ''),
             device_info.get('screen_resolution', ''),
@@ -1274,6 +1264,7 @@ class StandaloneAuthManager:
             device_info.get('language', ''),
             str(device_info.get('hardware_concurrency', 0)),
             device_info.get('platform', ''),
+            login_domain or '',  # 登录域名作为设备指纹的一部分
         ]
         # 过滤空值并连接
@@ -1383,7 +1374,7 @@ class StandaloneAuthManager:
         try:
             cursor.execute('''
-                SELECT device_id, device_fingerprint, device_name, custom_name, device_type,
+                SELECT device_id, device_fingerprint, login_domain, device_name, custom_name, device_type,
                        platform, browser, browser_version, screen_resolution, timezone_offset,
                        language, hardware_concurrency, current_ip, first_ip,
                        last_activity, created_at, is_active, trust_level
@@ -1408,6 +1399,7 @@ class StandaloneAuthManager:
                     'device_id': device['device_id'],
                     'device_name': display_name,
                     'custom_name': device['custom_name'],
+                    'login_domain': device['login_domain'],
                     'device_type': device['device_type'],
                     'platform': device['platform'],
                     'browser': device['browser'],
@@ -1671,6 +1663,82 @@ class StandaloneAuthManager:
             cursor.close()
             conn.close()
+    def get_device_session_history(self, user_id, device_fingerprint, login_domain, limit=10):
+        """获取设备会话历史记录"""
+        conn = self.pool.connection()
+        cursor = conn.cursor()
+        try:
+            cursor.execute('''
+                SELECT device_id, session_version, device_name, current_ip, first_ip,
+                       last_activity, created_at, is_active, trust_level
+                FROM device_sessions
+                WHERE user_id = %s AND device_fingerprint = %s AND login_domain = %s
+                ORDER BY session_version DESC
+                LIMIT %s
+            ''', (user_id, device_fingerprint, login_domain, limit))
+            sessions = cursor.fetchall()
+            return [
+                {
+                    'device_id': session['device_id'],
+                    'session_version': session['session_version'],
+                    'device_name': session['device_name'],
+                    'current_ip': session['current_ip'],
+                    'first_ip': session['first_ip'],
+                    'last_activity': session['last_activity'].isoformat() if session['last_activity'] else None,
+                    'created_at': session['created_at'].isoformat() if session['created_at'] else None,
+                    'is_active': session['is_active'],
+                    'trust_level': session['trust_level']
+                }
+                for session in sessions
+            ]
+        finally:
+            cursor.close()
+            conn.close()
+    def cleanup_old_device_sessions(self, user_id=None, days_threshold=90):
+        """清理旧的非活跃设备会话记录"""
+        conn = self.pool.connection()
+        cursor = conn.cursor()
+        try:
+            current_time_utc = datetime.now(timezone.utc)
+            threshold_time = current_time_utc - timedelta(days=days_threshold)
+            if user_id:
+                # 清理特定用户的旧记录
+                cursor.execute('''
+                    DELETE FROM device_sessions
+                    WHERE user_id = %s AND is_active = 0 AND last_activity < %s
+                ''', (user_id, threshold_time))
+            else:
+                # 清理所有用户的旧记录
+                cursor.execute('''
+                    DELETE FROM device_sessions
+                    WHERE is_active = 0 AND last_activity < %s
+                ''', (threshold_time,))
+            cleaned_count = cursor.rowcount
+            return {
+                'success': True,
+                'cleaned_count': cleaned_count,
+                'message': f'成功清理 {cleaned_count} 条旧设备会话记录'
+            }
+        except Exception as e:
+            return {
+                'success': False,
+                'cleaned_count': 0,
+                'message': f'清理旧设备会话记录失败: {str(e)}'
+            }
+        finally:
+            cursor.close()
+            conn.close()
 # Flask集成装饰器
 def require_auth(auth_manager):

{mdbq-4.0.96 → mdbq-4.0.98}/mdbq.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mdbq
-Version: 4.0.96
+Version: 4.0.98
 Home-page: https://pypi.org/project/mdbq
 Author: xigua,
 Author-email: 2587125111@qq.com