ppss-auth 0.11.1.1__tar.gz → 0.11.2.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (97) hide show
  1. {ppss_auth-0.11.1.1/ppss_auth.egg-info → ppss_auth-0.11.2.0}/PKG-INFO +2 -1
  2. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/constants.py +3 -0
  3. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.jinja2 +4 -0
  4. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.mako +4 -0
  5. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/views/auth.py +29 -1
  6. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0/ppss_auth.egg-info}/PKG-INFO +2 -1
  7. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/requires.txt +1 -0
  8. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/setup.py +3 -2
  9. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/MANIFEST.in +0 -0
  10. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/README.md +0 -0
  11. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/babel.ini +0 -0
  12. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/changelog.txt +0 -0
  13. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/__init__.py +0 -0
  14. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/alembic.ini +0 -0
  15. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/env.py +0 -0
  16. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/script.py.mako +0 -0
  17. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20201026_52f4d4eefdfe_unique_permission_name.py +0 -0
  18. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20201120_6c9e84ab8280_unique_user_name.py +0 -0
  19. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20220329_44fde88fa438_creazione_colonne_per_login_history.py +0 -0
  20. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20220331_6190d529682d_result_reason.py +0 -0
  21. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20231016_3f4032dd2d1b_added_email_to_user.py +0 -0
  22. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20240110_4b95deb2d91c_tabella_reset_token.py +0 -0
  23. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20240209_7d2e85bbf831_add_otp_hash.py +0 -0
  24. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/20240304_483944c8ff05_add_phone.py +0 -0
  25. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/alembic/versions/f724fac25359_creation.py +0 -0
  26. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/locale/en/LC_MESSAGES/ppss_auth.mo +0 -0
  27. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/locale/fr/LC_MESSAGES/ppss_auth.mo +0 -0
  28. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/locale/it/LC_MESSAGES/ppss_auth.mo +0 -0
  29. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/models.py +0 -0
  30. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_static/loader.js +0 -0
  31. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_static/ppssauth.css +0 -0
  32. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_static/ppssauth.js +0 -0
  33. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_static/template.html +0 -0
  34. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/__init__.py +0 -0
  35. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/db.py +0 -0
  36. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/emailclient.py +0 -0
  37. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/i18n.py +0 -0
  38. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/password.py +0 -0
  39. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/ppss_auth_utils/scriptutils.py +0 -0
  40. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/routes.py +0 -0
  41. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/__init__.py +0 -0
  42. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/alchemyutils.py +0 -0
  43. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/cleanup_db.py +0 -0
  44. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/create_user.py +0 -0
  45. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/initialize_db.py +0 -0
  46. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/sayauth.py +0 -0
  47. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/scripts/upgrade_db.py +0 -0
  48. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/change.jinja2 +0 -0
  49. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/change.mako +0 -0
  50. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/confirm_email.jinja2 +0 -0
  51. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/confirm_email.mako +0 -0
  52. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/editgroup.jinja2 +0 -0
  53. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/editgroup.mako +0 -0
  54. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/editperm.jinja2 +0 -0
  55. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/editperm.mako +0 -0
  56. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/edituser.jinja2 +0 -0
  57. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/edituser.mako +0 -0
  58. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/email/activation.jinja2 +0 -0
  59. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/email/activation.mako +0 -0
  60. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/email/recover.jinja2 +0 -0
  61. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/email/recover.mako +0 -0
  62. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/enable2fa.jinja2 +0 -0
  63. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/enable2fa.mako +0 -0
  64. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/masterlayout.jinja2 +0 -0
  65. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/masterlayout.mako +0 -0
  66. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/midlayout.jinja2 +0 -0
  67. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/midlayout.mako +0 -0
  68. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/public.jinja2 +0 -0
  69. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/layouts/public.mako +0 -0
  70. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listgroup.jinja2 +0 -0
  71. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listgroup.mako +0 -0
  72. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listperm.jinja2 +0 -0
  73. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listperm.mako +0 -0
  74. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listuser.jinja2 +0 -0
  75. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/listuser.mako +0 -0
  76. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login_nogrid.jinja2 +0 -0
  77. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login_nogrid.mako +0 -0
  78. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/partials/userblock.jinja2 +0 -0
  79. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/partials/userblock.mako +0 -0
  80. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/partials/usermanage.jinja2 +0 -0
  81. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/partials/usermanage.mako +0 -0
  82. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/recover.jinja2 +0 -0
  83. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/recover.mako +0 -0
  84. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/registeruser.jinja2 +0 -0
  85. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/registeruser.mako +0 -0
  86. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/reset.jinja2 +0 -0
  87. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/reset.mako +0 -0
  88. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/shared/bootstrapcss.html +0 -0
  89. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/verify2fa.jinja2 +0 -0
  90. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/verify2fa.mako +0 -0
  91. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/views/__init__.py +0 -0
  92. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/SOURCES.txt +0 -0
  93. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/dependency_links.txt +0 -0
  94. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/entry_points.txt +0 -0
  95. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/top_level.txt +0 -0
  96. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/readme.txt +0 -0
  97. {ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/setup.cfg +0 -0
{ppss_auth-0.11.1.1/ppss_auth.egg-info → ppss_auth-0.11.2.0}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: ppss_auth
3
- Version: 0.11.1.1
3
+ Version: 0.11.2.0
4
4
  Summary: simple auth scheme for pyramid, based on Mako template and sqlalchemy backend
5
5
  Home-page: https://bitbucket.org/pingpongstars/ppss_auth/src/master/
6
6
  Author: pdepmcp
@@ -23,6 +23,7 @@ Requires-Dist: alembic
23
23
  Requires-Dist: cryptography
24
24
  Requires-Dist: pyotp
25
25
  Requires-Dist: qrcode
26
+ Requires-Dist: requests
26
27
 
27
28
  This package aims to give and easy pluggable module to provide authentication and user maintennance in a Pyramid web application.
28
29
  It relies the Pyramid+SQLAlchemy+Mako stack. Implementation for other template languages is on the roadmap.
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/constants.py RENAMED
@@ -160,3 +160,6 @@ class Conf():
160
160
  cls.issuer2fa = settings.get("ppss_auth.issuer2fa", None)
161
161
  cls.enable2fatpl = settings.get("ppss_auth.enable2fatpl", cls.tplpath('enable2fa'))
162
162
  cls.verify2fatpl = settings.get("ppss_auth.verify2fatpl", cls.tplpath('verify2fa'))
163
+ # turnstile captcha
164
+ cls.turnstile_sitekey = settings.get("ppss_auth.turnstile_sitekey", None)
165
+ cls.turnstile_secretkey = settings.get("ppss_auth.turnstile_secretkey", None)
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.jinja2 RENAMED
@@ -18,6 +18,10 @@
18
18
  <br/>
19
19
  <input class="form-control" type="password" name="password" autocomplete="off" placeholder="{{_('password',domain='ppss_auth')}}">
20
20
  <br/>
21
+ {% if isCaptchaEnabled: %}
22
+ <script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
23
+ <div class="cf-turnstile" data-sitekey="{{ppsauthconf.turnstile_sitekey}}"></div>
24
+ {% endif %}
21
25
  {% if email_is_required %}
22
26
  <p>{{_('Forgot password ?',domain='ppss_auth')}}
23
27
  <a href="{{request.route_url('ppss:user:recoverpassword')}}">{{_('recover',domain='ppss_auth')}}</a></p>
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/templates/login.mako RENAMED
@@ -16,6 +16,10 @@
16
16
  <br/>
17
17
  <input class="form-control" type="password" name="password" autocomplete="off" placeholder="${_('password', domain='ppss_auth')}" class="form-control">
18
18
  <br/>
19
+ % if isCaptchaEnabled:
20
+ <script src="https://challenges.cloudflare.com/turnstile/v0/api.js" async defer></script>
21
+ <div class="cf-turnstile" data-sitekey="${ppsauthconf.turnstile_sitekey}"></div>
22
+ % endif
19
23
  % if email_is_required:
20
24
  <p>${_('Forgot password ?',domain='ppss_auth')}
21
25
  <a href="${request.route_url('ppss:user:recoverpassword')}">${_('recover',domain='ppss_auth')}</a></p>
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth/views/auth.py RENAMED
@@ -5,6 +5,7 @@ import secrets
5
5
 
6
6
  import pyotp
7
7
  import qrcode
8
+ import requests
8
9
  from ppss_auth.ppss_auth_utils.emailclient import sendConfirmEmailUseCase, sendPasswordResetEmailUseCase
9
10
  from ppss_auth.ppss_auth_utils.password import getPasswordDigest
10
11
 
@@ -112,6 +113,24 @@ class AuthController():
112
113
  user = PPSsuser.byId(userid,self.request.dbsession)
113
114
  return user
114
115
 
116
+ def isCaptchaEnabled(self) -> bool:
117
+ if Conf.turnstile_sitekey and Conf.turnstile_secretkey:
118
+ return True
119
+ else:
120
+ return False
121
+
122
+ def verifyCaptcha(self,token) -> bool:
123
+ try:
124
+ r = requests.post('https://challenges.cloudflare.com/turnstile/v0/siteverify', data={
125
+ 'secret': Conf.turnstile_secretkey,
126
+ 'response': token
127
+ })
128
+ r.raise_for_status()
129
+ return r.json()['success']
130
+ except Exception as e:
131
+ l.exception("Captcha api call failed")
132
+ return False
133
+
115
134
  def __init__(self,request:Request):
116
135
  request.response.headers["X-Frame-Options"] = "DENY"
117
136
  request.response.headers["Content-Security-Policy"] = "frame-ancestors 'none';"
@@ -148,7 +167,8 @@ class AuthController():
148
167
  'activeaction' : activeaction,
149
168
  'bc': Conf.bootstrapClasses,
150
169
  'ppsauthconf':Conf,
151
- 'msg':""
170
+ 'msg':"",
171
+ 'isCaptchaEnabled': self.isCaptchaEnabled(),
152
172
  }
153
173
 
154
174
  def logloginattempt(self,user,validity,username):
@@ -191,6 +211,14 @@ class AuthController():
191
211
  if r.POST:
192
212
  username = r.params.get("username",u"")
193
213
  password = r.params.get("password",u"")
214
+ if self.isCaptchaEnabled():
215
+ captcha = r.params.get("cf-turnstile-response",u"")
216
+ if not captcha:
217
+ self.retdict["msg"] = "Captcha is required."
218
+ return self.retdict
219
+ if self.verifyCaptcha(captcha) == False:
220
+ self.retdict["msg"] = "Captcha verification failed."
221
+ return self.retdict
194
222
  superuser = False
195
223
  res = None
196
224
  l.info("Login attempt: u={username}".format(username=username))
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0/ppss_auth.egg-info}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: ppss_auth
3
- Version: 0.11.1.1
3
+ Version: 0.11.2.0
4
4
  Summary: simple auth scheme for pyramid, based on Mako template and sqlalchemy backend
5
5
  Home-page: https://bitbucket.org/pingpongstars/ppss_auth/src/master/
6
6
  Author: pdepmcp
@@ -23,6 +23,7 @@ Requires-Dist: alembic
23
23
  Requires-Dist: cryptography
24
24
  Requires-Dist: pyotp
25
25
  Requires-Dist: qrcode
26
+ Requires-Dist: requests
26
27
 
27
28
  This package aims to give and easy pluggable module to provide authentication and user maintennance in a Pyramid web application.
28
29
  It relies the Pyramid+SQLAlchemy+Mako stack. Implementation for other template languages is on the roadmap.
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/ppss_auth.egg-info/requires.txt RENAMED
@@ -6,3 +6,4 @@ alembic
6
6
  cryptography
7
7
  pyotp
8
8
  qrcode
9
+ requests
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/setup.py RENAMED
@@ -9,7 +9,7 @@ changelog = open(os.path.join(here, "README.md"), "r").read()
9
9
 
10
10
  setup(
11
11
  name="ppss_auth",
12
- version="0.11.1.1",
12
+ version="0.11.2.0",
13
13
  description="simple auth scheme for pyramid, based on Mako template and sqlalchemy backend",
14
14
  long_description=readme + "\n\n\n" + changelog,
15
15
  long_description_content_type="text/markdown",
@@ -35,7 +35,8 @@ setup(
35
35
  "alembic",
36
36
  "cryptography",
37
37
  "pyotp",
38
- "qrcode"
38
+ "qrcode",
39
+ "requests"
39
40
  ],
40
41
  # packages=['src/test1'],
41
42
  packages=find_packages(),
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/MANIFEST.in RENAMED
File without changes
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/README.md RENAMED
File without changes
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/babel.ini RENAMED
File without changes
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/changelog.txt RENAMED
File without changes
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/readme.txt RENAMED
File without changes
{ppss_auth-0.11.1.1 → ppss_auth-0.11.2.0}/setup.cfg RENAMED
File without changes