PyPI - ppss-auth - Versions diffs - 0.11.1.0__tar.gz → 0.11.2.0__tar.gz - Mend

ppss-auth 0.11.1.0tar.gz → 0.11.2.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

{ppss_auth-0.11.1.0/ppss_auth.egg-info → ppss_auth-0.11.2.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ppss_auth
-Version: 0.11.1.0
+Version: 0.11.2.0
 Summary: simple auth scheme for pyramid, based on Mako template and sqlalchemy backend
 Home-page: https://bitbucket.org/pingpongstars/ppss_auth/src/master/
 Author: pdepmcp
@@ -23,6 +23,7 @@ Requires-Dist: alembic
 Requires-Dist: cryptography
 Requires-Dist: pyotp
 Requires-Dist: qrcode
+Requires-Dist: requests
 This package aims to give and easy pluggable module to provide authentication and user maintennance in a Pyramid web application.
 It relies the Pyramid+SQLAlchemy+Mako stack. Implementation for other template languages is on the roadmap.

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/changelog.txt RENAMED Viewed

@@ -1,3 +1,6 @@
+## v0.11.1.1
+- fix js groups edit page
 ## v0.11.1
 - update js dependencies

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/constants.py RENAMED Viewed

@@ -160,3 +160,6 @@ class Conf():
         cls.issuer2fa = settings.get("ppss_auth.issuer2fa", None)
         cls.enable2fatpl = settings.get("ppss_auth.enable2fatpl", cls.tplpath('enable2fa'))
         cls.verify2fatpl = settings.get("ppss_auth.verify2fatpl", cls.tplpath('verify2fa'))
+        # turnstile captcha
+        cls.turnstile_sitekey = settings.get("ppss_auth.turnstile_sitekey", None)
+        cls.turnstile_secretkey = settings.get("ppss_auth.turnstile_secretkey", None)

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/editgroup.jinja2 RENAMED Viewed

@@ -51,8 +51,9 @@
         </div>
     </div>
 </div><!-- .row -->
-<script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js"></script>
-<script src="https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/handlebars.min.js"></script>
+{% endblock ppssauth_content %}
+{% block ppssauth_footerjs %}
 <script src="{{request.static_url('ppss_auth:ppss_auth_static/loader.js')}}"></script>
 <script type="text/javascript">
         var currentPermissions = [
@@ -89,5 +90,4 @@
         }
 </script>
 <script src="{{request.static_url('ppss_auth:ppss_auth_static/ppssauth.js')}}"></script>
-{% endblock ppssauth_content %}
+{% endblock %}

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/editgroup.mako RENAMED Viewed

@@ -49,8 +49,8 @@
         </div>
     </div>
 </div><!-- .row -->
-<script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js"></script>
-<script src="https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.0.11/handlebars.min.js"></script>
+<%block name="ppssauth_footerjs">
 <script src="${request.static_url('ppss_auth:ppss_auth_static/loader.js')}"></script>
 <script type="text/javascript">
         var currentPermissions = [
@@ -86,4 +86,5 @@
             SEARCH_USER: "${request.route_url('ppss:user:search')}"
         }
 </script>
-<script src="${request.static_url('ppss_auth:ppss_auth_static/ppssauth.js')}"></script>
+<script src="${request.static_url('ppss_auth:ppss_auth_static/ppssauth.js')}"></script>
+</%block>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/masterlayout.jinja2 RENAMED Viewed

@@ -23,7 +23,6 @@
 {% block ppssauth_footerjs %}
-<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js" integrity="sha512-8qmis31OQi6hIRgvkht0s6mCOittjMa9GMqtK9hes5iEQBQE/Ca6yGE5FsW36vyipGoWQswBj/QBm2JR086Rkw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 {% endblock %}
 </body>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/masterlayout.mako RENAMED Viewed

@@ -22,7 +22,6 @@ ${next.body()}
 <%block name="ppssauth_footerjs">
-<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js" integrity="sha512-8qmis31OQi6hIRgvkht0s6mCOittjMa9GMqtK9hes5iEQBQE/Ca6yGE5FsW36vyipGoWQswBj/QBm2JR086Rkw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 </%block>
 </body>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/midlayout.jinja2 RENAMED Viewed

@@ -3,8 +3,8 @@
 {% block ppssauth_css %}
    <link rel="stylesheet" href="{{ request.static_url('ppss_auth:ppss_auth_static/ppssauth.css') }}"/>
 {% endblock %}
 {% block ppssauth_footerjs %}
-<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js" integrity="sha512-8qmis31OQi6hIRgvkht0s6mCOittjMa9GMqtK9hes5iEQBQE/Ca6yGE5FsW36vyipGoWQswBj/QBm2JR086Rkw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 {% endblock %}
 {% block ppssauth_headerjs %}

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/midlayout.mako RENAMED Viewed

@@ -10,7 +10,6 @@
 </%block>
 <%block name="ppssauth_footerjs">
-<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.5.3/js/bootstrap.min.js" integrity="sha512-8qmis31OQi6hIRgvkht0s6mCOittjMa9GMqtK9hes5iEQBQE/Ca6yGE5FsW36vyipGoWQswBj/QBm2JR086Rkw==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
 </%block>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.jinja2 RENAMED Viewed

@@ -18,6 +18,10 @@
                 <br/>
                 <input class="form-control" type="password" name="password" autocomplete="off" placeholder="{{_('password',domain='ppss_auth')}}">
                 <br/>
+                {% if isCaptchaEnabled: %}
+                <script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
+                <div class="cf-turnstile" data-sitekey="{{ppsauthconf.turnstile_sitekey}}"></div>
+                {% endif %}
                 {% if email_is_required %}
                 <p>{{_('Forgot password ?',domain='ppss_auth')}}
                 <a href="{{request.route_url('ppss:user:recoverpassword')}}">{{_('recover',domain='ppss_auth')}}</a></p>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.mako RENAMED Viewed

@@ -16,6 +16,10 @@
                 <br/>
                 <input class="form-control" type="password" name="password" autocomplete="off" placeholder="${_('password', domain='ppss_auth')}" class="form-control">
                 <br/>
+                % if isCaptchaEnabled:
+                <script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
+                <div class="cf-turnstile" data-sitekey="${ppsauthconf.turnstile_sitekey}"></div>
+                % endif
                 % if email_is_required:
                 <p>${_('Forgot password ?',domain='ppss_auth')}
                 <a href="${request.route_url('ppss:user:recoverpassword')}">${_('recover',domain='ppss_auth')}</a></p>

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth/views/auth.py RENAMED Viewed

@@ -5,6 +5,7 @@ import secrets
 import pyotp
 import qrcode
+import requests
 from ppss_auth.ppss_auth_utils.emailclient import sendConfirmEmailUseCase, sendPasswordResetEmailUseCase
 from ppss_auth.ppss_auth_utils.password import getPasswordDigest
@@ -112,6 +113,24 @@ class AuthController():
             user = PPSsuser.byId(userid,self.request.dbsession)
         return user
+    def isCaptchaEnabled(self) -> bool:
+        if Conf.turnstile_sitekey and Conf.turnstile_secretkey:
+            return True
+        else:
+            return False
+    def verifyCaptcha(self,token) -> bool:
+        try:
+            r = requests.post('https://challenges.cloudflare.com/turnstile/v0/siteverify', data={
+                'secret': Conf.turnstile_secretkey,
+                'response': token
+            })
+            r.raise_for_status()
+            return r.json()['success']
+        except Exception as e:
+            l.exception("Captcha api call failed")
+            return False
     def __init__(self,request:Request):
         request.response.headers["X-Frame-Options"] = "DENY"
         request.response.headers["Content-Security-Policy"] = "frame-ancestors 'none';"
@@ -148,7 +167,8 @@ class AuthController():
             'activeaction' : activeaction,
             'bc': Conf.bootstrapClasses,
             'ppsauthconf':Conf,
-            'msg':""
+            'msg':"",
+            'isCaptchaEnabled': self.isCaptchaEnabled(),
         }
     def logloginattempt(self,user,validity,username):
@@ -191,6 +211,14 @@ class AuthController():
         if r.POST:
             username = r.params.get("username",u"")
             password = r.params.get("password",u"")
+            if self.isCaptchaEnabled():
+                captcha = r.params.get("cf-turnstile-response",u"")
+                if not captcha:
+                    self.retdict["msg"] = "Captcha is required."
+                    return self.retdict
+                if self.verifyCaptcha(captcha) == False:
+                    self.retdict["msg"] = "Captcha verification failed."
+                    return self.retdict
             superuser = False
             res = None
             l.info("Login attempt: u={username}".format(username=username))
@@ -666,10 +694,10 @@ class AuthController():
         perm = PPSspermission.byId(int(self.request.matchdict.get('targetid',-1)),self.request.dbsession)
         group = PPSsgroup.byId(int(self.request.matchdict.get('elementid',-1)),self.request.dbsession)
         if not perm or not group:
-            return {'res':False,"msg":__("error in ids")}
+            return {'res':False,"msg":__(self.request,"error in ids")}
         for i in group.permissions:
             if i.id == perm.id:
-                return {'res':False,"msg":__("already present")}
+                return {'res':False,"msg":__(self.request,"already present")}
         group.permissions.append(perm)
         l.info(u"adding {perm} to {group}".format(perm=perm,group=group))
         return {'res':True,"msg":"change_perm", "groupperm":group.permdict()}
@@ -712,8 +740,8 @@ class AuthController():
             for i,p in enumerate(group.users):
                 if p.id == user.id:
                     group.users.pop(i)
-                    return {'res':True,"msg":__("change_user"), "elements":group.userdict()}
-        return {'res':False,'msg':__("Can't remove this permission")}
+                    return {'res':True,"msg":__(self.request,"change_user"), "elements":group.userdict()}
+        return {'res':False,'msg':__(self.request,"Can't remove this permission")}
     def parseqstring(self,qparam):
         if qparam == "" or qparam is None:

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0/ppss_auth.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: ppss_auth
-Version: 0.11.1.0
+Version: 0.11.2.0
 Summary: simple auth scheme for pyramid, based on Mako template and sqlalchemy backend
 Home-page: https://bitbucket.org/pingpongstars/ppss_auth/src/master/
 Author: pdepmcp
@@ -23,6 +23,7 @@ Requires-Dist: alembic
 Requires-Dist: cryptography
 Requires-Dist: pyotp
 Requires-Dist: qrcode
+Requires-Dist: requests
 This package aims to give and easy pluggable module to provide authentication and user maintennance in a Pyramid web application.
 It relies the Pyramid+SQLAlchemy+Mako stack. Implementation for other template languages is on the roadmap.

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/requires.txt RENAMED Viewed

@@ -6,3 +6,4 @@ alembic
 cryptography
 pyotp
 qrcode
+requests

{ppss_auth-0.11.1.0 → ppss_auth-0.11.2.0}/setup.py RENAMED Viewed

@@ -9,7 +9,7 @@ changelog = open(os.path.join(here, "README.md"), "r").read()
 setup(
     name="ppss_auth",
-    version="0.11.1.0",
+    version="0.11.2.0",
     description="simple auth scheme for pyramid, based on Mako template and sqlalchemy backend",
     long_description=readme + "\n\n\n" + changelog,
     long_description_content_type="text/markdown",
@@ -35,7 +35,8 @@ setup(
         "alembic",
         "cryptography",
         "pyotp",
-        "qrcode"
+        "qrcode",
+        "requests"
     ],
     # packages=['src/test1'],
     packages=find_packages(),