PyPI - shopcloud-django-authenticator - Versions diffs - 1.0.2__py3.11.egg → 1.2.0__py3.11.egg - Mend

shopcloud-django-authenticator 1.0.2py3.11.egg → 1.2.0py3.11.egg

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

EGG-INFO/PKG-INFO +1 -1
authenticator/__pycache__/__init__.cpython-311.pyc +0 -0
authenticator/__pycache__/admin.cpython-311.pyc +0 -0
authenticator/__pycache__/apps.cpython-311.pyc +0 -0
authenticator/__pycache__/models.cpython-311.pyc +0 -0
authenticator/__pycache__/tests.cpython-311.pyc +0 -0
authenticator/__pycache__/urls.cpython-311.pyc +0 -0
authenticator/__pycache__/views.cpython-311.pyc +0 -0
authenticator/migrations/__pycache__/__init__.cpython-311.pyc +0 -0
authenticator/urls.py +1 -0
authenticator/views.py +48 -13
tests/__pycache__/__init__.cpython-311.pyc +0 -0
tests/__pycache__/urls.cpython-311.pyc +0 -0

EGG-INFO/PKG-INFO CHANGED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: shopcloud-django-authenticator
-Version: 1.0.2
+Version: 1.2.0
 Summary: A Module for single sign in
 Home-page: https://github.com/Talk-Point/shopcloud-django-authenticator
 Author: Konstantin Stoldt

authenticator/__pycache__/__init__.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/admin.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/apps.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/models.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/tests.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/urls.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/__pycache__/views.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/migrations/__pycache__/__init__.cpython-311.pyc CHANGED Viewed

Binary file

authenticator/urls.py CHANGED Viewed

@@ -8,6 +8,7 @@ router = routers.SimpleRouter()
 urlpatterns = [
     path('login', views.login_view, name='authenticator-login'),
+    path('login-credential-rotation', views.login_credential_rotation, name='authenticator-login-credential-rotation'),
 ]
 urlpatterns += router.urls
 urlpatterns = format_suffix_patterns(urlpatterns)

authenticator/views.py CHANGED Viewed

@@ -1,8 +1,10 @@
+from typing import Optional
 import jwt
 from django.conf import settings
 from django.contrib.auth import login
 from django.contrib.auth.models import User
-from django.http import HttpResponse
+from django.http import HttpResponse, JsonResponse
 from django.shortcuts import redirect
@@ -10,13 +12,13 @@ class HttpResponseUnauthorized(HttpResponse):
     status_code = 401
-def login_view(request):
+def _encode_jwt(request) -> Optional[dict]:
     token = request.GET.get('token')
     if token is None:
-        return HttpResponseUnauthorized()
+        return None
     if settings.AUTHENTICATOR_KEY is None:
-        return HttpResponseUnauthorized()
+        return None
     data = jwt.decode(
         token,
@@ -30,7 +32,19 @@ def login_view(request):
             ]
         }
     )
-    if data.get('iss') != 'shopcloud-secrethub':
+    if data.get('iss') not in ['shopcloud-secrethub', 'shopcloud-tower']:
+        return None
+    return data
+def login_view(request):
+    try:
+        data = _encode_jwt(request)
+    except Exception:
+        return HttpResponseUnauthorized()
+    if data is None:
         return HttpResponseUnauthorized()
     user = User.objects.filter(username=data.get('username')).first()
@@ -40,15 +54,36 @@ def login_view(request):
             username=data.get('username'),
             password=password,
         )
-        user.is_staff = True
-        user.is_superuser = True if "admin" in data.get('scopes', []) else False
-        user.save()
-    else:
-        user.set_password(password)
-        user.is_staff = True
-        user.is_superuser = True if "admin" in data.get('scopes', []) else False
-        user.save()
+    user.set_password(password)
+    user.is_staff = True
+    user.is_superuser = True if "admin" in data.get('scopes', []) else False
+    user.save()
     login(request, user)
     return redirect('/', permanent=False)
+def login_credential_rotation(request):
+    try:
+        data = _encode_jwt(request)
+    except Exception:
+        return HttpResponseUnauthorized()
+    if data is None:
+        return HttpResponseUnauthorized()
+    user = User.objects.filter(username=data.get('username')).first()
+    if user is None:
+        return JsonResponse({
+            'status': 'not-found',
+        }, status=200)
+    password = User.objects.make_random_password()
+    user.set_password(password)
+    user.save()
+    return JsonResponse({
+        'status': 'ok',
+    }, status=201)

tests/__pycache__/__init__.cpython-311.pyc CHANGED Viewed

Binary file

tests/__pycache__/urls.cpython-311.pyc CHANGED Viewed

Binary file

shopcloud-django-authenticator 1.0.2__py3.11.egg → 1.2.0__py3.11.egg

shopcloud-django-authenticator 1.0.2py3.11.egg → 1.2.0py3.11.egg