U yih6B@sXdZddlmZmZmZddlmZmZmZddl m Z ddl m Z ddl mZddlmZddlmZmZdd lmZdd lmZdd lmZdd lmZdd lmZmZddlm Z m!Z!ddl"m#Z#ddl$m%Z&ddl'm(Z(ddl)m*Z*ddlm+Z+ddl,m-Z-ddl.Z.ddl/m0Z0m1Z1m2Z2ddl3m4Z4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:eeddeeddGdddeZ;eeddeeddGdddeZee ddGd#d$d$eZ?ee ddGd%d&d&eZ@ee ddGd'd(d(eZAe ed)gd*d+ZBe ed)gd,d-ZCe d.d/ZDd0d1ZEdS)2ad Enhanced Authentication Views for Stream Processor This module provides views for enhanced authentication features including: - Enhanced login with 2FA support - 2FA setup and management - Password change with strength validation - Security settings management - Session management Author: Stream Processor Development Team Version: 1.0.0 Created: 2025 )renderredirectget_object_or_404)loginlogout authenticate)login_required)LoginRequiredMixin)User)messages) TemplateViewFormView) never_cache) csrf_protect)require_http_methods)method_decorator) reverse_lazyreverse) JsonResponseHttpResponseRedirect)ValidationError) gettext_lazy)timezone)settings)update_session_auth_hash) transactionN) UserProfile LoginAttempt UserSession)EnhancedLoginForm TwoFactorFormEnhancedPasswordChangeForm Setup2FAFormDisable2FAFormSecuritySettingsFormBackupCodesFormdispatch)namecsTeZdZdZdZeZedZfddZ fddZ fdd Z fd d Z Z S) EnhancedLoginViewz/ Enhanced login view with 2FA support. zauthentication/login.htmlmonitoring:dashboardcs(|jjrt|Stj|f||S)N)useris_authenticatedrget_success_urlsuperr'selfrequestargskwargs __class__>/var/www/html/StreamProcessor/src/apps/authentication/views.pyr'8s zEnhancedLoginView.dispatchcst}|j|d<|S)Nr1)r.get_form_kwargsr1r0r3r4r6r7r8>s  z!EnhancedLoginView.get_form_kwargscs|}z>tjj|d}|jrD|j|jjd<|j|jjd<t dWSWn$tj k rjtjj |dYnXt |j||j dr|jjtjn|jjdt|jtd|p|jt|S)Nr+pre_2fa_user_idpre_2fa_backendzcore:two_factor_verifyZ remember_merWelcome back, {}!)get_userrobjectsgetis_2fa_enabledidr1sessionbackendr DoesNotExistcreater cleaned_dataZ set_expiryrSESSION_COOKIE_AGEr success_format get_full_nameusernamer. form_valid)r0formr+profiler4r6r7rNCs  "zEnhancedLoginView.form_validcst|jtdt|S)Nz:Login failed. Please check your credentials and try again.r errorr1rJr. form_invalidr0rOr4r6r7rS^szEnhancedLoginView.form_invalid)__name__ __module__ __qualname____doc__ template_namer form_classr success_urlr'r8rNrS __classcell__r6r6r4r7r)-s   r)cs`eZdZdZdZeZedZfddZ fddZ fdd Z fd d Z fd d Z ZS)TwoFactorVerifyViewz* View for 2FA token verification. z%authentication/two_factor_verify.htmlr*cs&d|jkrtdStj|f||SNr; core:loginrCrr.r'r/r4r6r7r'ns zTwoFactorVerifyView.dispatchcs,t}|jjd}tt|d|d<|SNr;rBr+r.r8r1rCr@rr r0r3user_idr4r6r7r8ts z#TwoFactorVerifyView.get_form_kwargsc s4tjf|}|jjd}tt|d}||d<|Sra)r.get_context_datar1rCr@rr )r0r3contextrer+r4r6r7rfzs  z$TwoFactorVerifyView.get_context_datacs||jjd}|jjd}tt|d}||_t|j||jjd=|jjd=t|jt d | pj|j t |S)Nr;r<rbr=)r1rCr@rr rDrr rIrJrKrLrMr.rN)r0rOrerDr+r4r6r7rNs    "zTwoFactorVerifyView.form_validcst|jtdt|S)Nz,Invalid verification code. Please try again.rQrTr4r6r7rSsz TwoFactorVerifyView.form_invalid)rUrVrWrXrYr!rZrr[r'r8rfrNrSr\r6r6r4r7r]cs    r]csHeZdZdZdZeZedZfddZ fddZ fdd Z Z S) BackupCodeVerifyViewz, View for backup code verification. z&authentication/backup_code_verify.htmlr*cs&d|jkrtdStj|f||Sr^r`r/r4r6r7r's zBackupCodeVerifyView.dispatchcs,t}|jjd}tt|d|d<|Srarcrdr4r6r7r8s z$BackupCodeVerifyView.get_form_kwargscs|jjd}|jjd}tt|d}tjj|d}|jd}|j ||j dgd||_ t |j||jjd=|jjd=t |jtdt|jt|S) Nr;r<rbr: backup_code backup_codes update_fieldsz1Welcome back! You have {} backup codes remaining.)r1rCr@rr rr?rGrjremovesaverDrr rIrJrKlenr.rN)r0rOrerDr+rPrir4r6r7rNs      zBackupCodeVerifyView.form_valid) rUrVrWrXrYr&rZrr[r'r8rNr\r6r6r4r7rhs  rhcs,eZdZdZdZfddZddZZS) Setup2FAViewz" View for setting up 2FA. zauthentication/setup_2fa.htmlc sPtjf|}tjj|jjd\}}|\}}|||t |jjdd|S)Nr:)secret qr_code_urlrO) r.rfrr? get_or_creater1r+ setup_2faupdater#)r0r3rgrPcreatedrqrrr4r6r7rfs  zSetup2FAView.get_context_datacOstt|j|jd}|rRtjj|jd}|}||jd<t |t dt dS|j f|}||d<t||j|S)Nr+datar:new_backup_codesz8Two-factor authentication has been enabled successfully!core:show_backup_codesrO)r#r+POSTis_validrr?r@Z enable_2farCr rIrJrrfrrY)r0r1r2r3rOrPrjrgr6r6r7posts  zSetup2FAView.postrUrVrWrXrYrfr}r\r6r6r4r7rps rpcs,eZdZdZdZfddZddZZS)ShowBackupCodesViewz; View for displaying backup codes after 2FA setup. z%authentication/show_backup_codes.htmlc s*tjf|}|jjdg}||d<|S)Nryrj)r.rfr1rCr@)r0r3rgrjr4r6r7rfsz$ShowBackupCodesView.get_context_datacOs*d|jkr|jd=t|tdtdS)Nryz,Two-factor authentication setup is complete!core:security_settings)rCr rIrJrr/r6r6r7r}s zShowBackupCodesView.postr~r6r6r4r7rs rcs<eZdZdZdZeZedZfddZ fddZ Z S)Disable2FAViewz! View for disabling 2FA. zauthentication/disable_2fa.htmlrcst}|jj|d<|S)Nr+)r.r8r1r+r9r4r6r7r8s  zDisable2FAView.get_form_kwargscsfz0tjj|jjd}|t|jtdWn(tj k rXt |jtdYnXt |S)Nr:z,Two-factor authentication has been disabled.$2FA is not enabled for your account.) rr?r@r1r+ disable_2far rIrJrErRr.rN)r0rOrPr4r6r7rNszDisable2FAView.form_valid) rUrVrWrXrYr$rZrr[r8rNr\r6r6r4r7r s  rcs,eZdZdZdZfddZddZZS)SecuritySettingsViewz. View for managing security settings. z%authentication/security_settings.htmlc stjf|}tjj|jjd\}}tjj|jjj d ddd}t jj|jjdd d}| |t |dt|jjd|||jjjd |S) Nr:)rMz -created_at Tr+ is_activez-last_activity)instance)rPZ security_formZ password_formrecent_attemptsactive_sessionscurrent_session_key)r.rfrr?rsr1r+rfilterrMorder_byrrur%r"rC session_key)r0r3rgrPrvrrr4r6r7rf0s0  z%SecuritySettingsView.get_context_datacOstjj|jd}d|jkr\t|j|d}|rJ|t |t dqt |t dnvd|jkrt |j|jd}|r|}t |_d|_|jd d gd t||t |t d nt |t d tdS)Nr:Zupdate_security)rxrz'Security settings updated successfully.z Please correct the errors below.Zchange_passwordrwFlast_password_changepassword_reset_requiredrkzPassword changed successfully.z)Please correct the password errors below.r)rr?r@r+r{r%r|rnr rIrJrRr"rnowrrrr)r0r1r2r3rPrOr+r6r6r7r}Ls$    zSecuritySettingsView.postr~r6r6r4r7r(s rr{cCs|jd}|s tddiddSztjj|j|dd}||jjkrTtddiddWSd |_| d d l m }z|jj|d  Wn|j k rYnXtd diWStj k rtddiddYSXdS)z, Terminate a specific user session. rrRzSession key requiredi)statusT)r+rrz Cannot terminate current sessionFrSessionrrIzSession not foundiN)r{r@rrr?r+rCrrrndjango.contrib.sessions.modelsrdeleterE)r1r user_sessionrr6r6r7terminate_sessionjs*   rcCs|jj}tjj|jddj|d}t|jddd}|j dddd l m }|jj|d  t |}t|td |td|d S) z? Terminate all other user sessions except current one. Trrr)flatF)rrr)Zsession_key__inzTerminated {} other session(s).)rIZterminated_count)rCrrr?rr+excludelist values_listrurrrror rIrJrKr)r1rZother_sessionsZ session_keysrcountr6r6r7terminate_all_sessionss  rcs|jdkrztjj|jd}|jssz+regenerate_backup_codes..rrjrkryz%New backup codes have been generated.rzzSecurity profile not found.)methodrr?r@r+rAr rRrJrrrangerjrnrCrIrE)r1rPrjr6rr7regenerate_backup_codess     rcCsh|jjrHz(tjj|j|jjd}d|_|Wntj k rFYnXt |t |t dtdS)z4 Enhanced logout view with session cleanup. )r+rFz&You have been logged out successfully.r_)r+r,rr?r@rCrrrnrErr rIrJr)r1rr6r6r7enhanced_logouts r)FrXdjango.shortcutsrrrdjango.contrib.authrrrdjango.contrib.auth.decoratorsrZdjango.contrib.auth.mixinsr django.contrib.auth.modelsr django.contribr Zdjango.views.genericr r django.views.decorators.cacherdjango.views.decorators.csrfrZdjango.views.decorators.httprdjango.utils.decoratorsr django.urlsrr django.httprrdjango.core.exceptionsrdjango.utils.translationrrJ django.utilsr django.confrr django.dbrjsonauthenticationrrrformsr r!r"r#r$r%r&r)r]rhrprrrrrrrr6r6r6r7s\              $  4  3. ,   A &