Example #1
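 def check_location(cls, request):
     """Warn the user once when the request's geo differs from the latest record.

     Loads the newest row of ``cls`` for ``request.user`` (highest ``id``) and
     compares its stored ``geo`` with the geo resolved for the current request.
     On a mismatch that has not been notified yet, a warning message is added
     to the request, ``UserAuthNotification.notify`` is called, and the row is
     flagged ``notified`` so the alert is not repeated for that row.

     Returns None in every case. Presumably decorated as a classmethod; the
     decorator is not visible here.
     """
     latest = cls.objects.filter(user_id=request.user.pk).order_by('-id')[:1]
     if not latest.exists():
         return

     # NOTE(review): get_ip() is defined elsewhere. If it reads a
     # client-supplied header (e.g. X-Forwarded-For) without a trusted-proxy
     # check, the geo compared below is caller-controlled and this alert can
     # be suppressed -- confirm against the helper.
     geo = get_geo(get_ip(request))
     obj = latest[0]
     if obj.notified or geo == obj.geo:
         return

     messages.warning(request, render_template(
         'secureauth/location_message.html', {'obj': obj}))
     # Interpolate after the gettext lookup: formatting inside _() builds a
     # msgid that contains the geo value and therefore never matches a
     # catalog entry, so the message was never translated.
     UserAuthNotification.notify(
         request, _('Your location has changed to %s') % geo)
     obj.notified = True
     obj.save()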
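 def check_location(cls, request):
     """Notify the user, one time, that their location appears to have changed.

     Only the most recent ``cls`` row for ``request.user`` is consulted. When
     that row is not yet marked ``notified`` and its ``geo`` is different from
     the geo derived from this request, the user gets an on-page warning and a
     ``UserAuthNotification``; the row is then saved with ``notified = True``.

     Nothing is returned.
     """
     rows = cls.objects.filter(user_id=request.user.pk).order_by('-id')[:1]
     if rows.exists():
         # NOTE(review): the trustworthiness of this value depends on how
         # get_ip() picks the address (socket peer vs. forwarded header);
         # that helper is outside this listing -- verify before relying on
         # the comparison as a security signal.
         current_geo = get_geo(get_ip(request))
         record = rows[0]
         location_changed = current_geo != record.geo
         if not record.notified and location_changed:
             messages.warning(request, render_template(
                 'secureauth/location_message.html', {'obj': record}))
             # The placeholder must stay in the msgid; substituting the geo
             # before calling _() defeats the translation lookup.
             text = _('Your location has changed to %s') % current_geo
             UserAuthNotification.notify(request, text)
             record.notified = True
             record.save()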
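    def process_response(self, request, response):
        """Enforce the ``satctoken`` test-cookie check on outgoing responses.

        Flow, in order:
          * middleware disabled for this request -> response passes through;
          * requester is banned -> ``HttpResponseBadRequest``;
          * no ``satctoken`` cookie -> the original response is replaced by the
            ``secureauth/test_cookie.html`` page carrying the encrypted session
            secret, the key, the IV and the URL to return to;
          * cookie present and the response is a 200 -> the hex-decoded cookie
            is compared with the session's ``test_cookie_secret``; a mismatch
            swaps in the "session expired" page, calls ``self._clean`` and logs
            the user out.

        A cookie that is not valid hex is treated as a mismatch instead of
        raising, since the cookie value is client-controlled.

        Returns the (possibly replaced) HttpResponse.
        """
        if not self._is_enabled(request):
            return response

        if UserAuthAttempt.is_banned(request):
            return HttpResponseBadRequest()

        token = request.COOKIES.get('satctoken')
        if not token:
            iv = TEST_COOKIE_REFRESH_ENCRYPT_COOKIE_IV
            key = TEST_COOKIE_REFRESH_ENCRYPT_COOKIE_KEY

            # NOTE(review): key and IV are handed to the template below, so
            # this encryption gives no confidentiality against the client; it
            # presumably exists so that client-side script has to compute the
            # cookie value -- confirm in test_cookie.html. The IV is a fixed
            # module-level value, reused for every session.
            moo = AESModeOfOperation()
            # Raises KeyError if 'test_cookie_secret' was never stored in the
            # session; presumably set earlier in the request cycle -- verify.
            encrypted = moo.encrypt(
                request.session['test_cookie_secret'], 2,
                map(ord, key), moo.aes.keySize["SIZE_128"], map(ord, iv)
            )
            # Element 2 of the result is used as the ciphertext code points.
            sec_uni = u''.join(map(unichr, encrypted[2]))

            # NOTE(review): get_full_path() includes the client-supplied query
            # string; if the template places it inside a script context it
            # needs JS escaping, not only HTML auto-escaping -- check template.
            return render(
                request, 'secureauth/test_cookie.html', {
                    'test_cookie_enc_key': key,
                    'test_cookie_enc_iv': iv,
                    'test_cookie_enc_set': quote(sec_uni.encode("utf-8")),
                    'test_cookie_next_url': request.get_full_path(),
                })
        elif response.status_code == 200:
            try:
                from_cookie = token.decode('hex')
            except (TypeError, ValueError):
                # Odd-length or non-hex input: previously an unhandled
                # exception (HTTP 500) that any client could trigger.
                from_cookie = None
            from_session = request.session.get('test_cookie_secret')
            if from_session is None:
                self._clean(request, response)
            elif from_cookie != from_session:
                response.content = render_template(
                    'secureauth/session_expired.html')
                self._clean(request, response)
                logout(request)
                return response
        return response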
Example #4
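    def process_response(self, request, response):
        """Apply the test-cookie challenge to a response.

        When the middleware is enabled and the requester is not banned:

        * without a ``satctoken`` cookie, the response is replaced by the
          ``secureauth/test_cookie.html`` challenge page;
        * with the cookie, and only for status 200, the hex-decoded cookie
          must equal ``request.session['test_cookie_secret']``; otherwise the
          "session expired" page is served, ``self._clean`` runs and the user
          is logged out. If the session holds no secret, only ``self._clean``
          runs.

        The cookie is untrusted input: a value that cannot be hex-decoded is
        handled as a failed comparison rather than propagating an exception.

        Banned requesters receive ``HttpResponseBadRequest``.
        """
        if not self._is_enabled(request):
            return response

        if UserAuthAttempt.is_banned(request):
            return HttpResponseBadRequest()

        cookie_value = request.COOKIES.get('satctoken')

        if not cookie_value:
            iv = TEST_COOKIE_REFRESH_ENCRYPT_COOKIE_IV
            key = TEST_COOKIE_REFRESH_ENCRYPT_COOKIE_KEY

            # NOTE(review): both key and IV are rendered into the challenge
            # page, so treat this as an obfuscation step, not as protection
            # of the session secret from the browser. Same IV for all users.
            moo = AESModeOfOperation()
            # Direct indexing: a session without 'test_cookie_secret' raises
            # KeyError here -- presumably populated before this point; confirm.
            encrypted = moo.encrypt(request.session['test_cookie_secret'], 2,
                                    map(ord, key), moo.aes.keySize["SIZE_128"],
                                    map(ord, iv))
            sec_uni = u''.join(map(unichr, encrypted[2]))

            context = {
                'test_cookie_enc_key': key,
                'test_cookie_enc_iv': iv,
                'test_cookie_enc_set': quote(sec_uni.encode("utf-8")),
                # NOTE(review): path + query string come from the client;
                # confirm the template escapes this for the context where it
                # is emitted (script vs. markup).
                'test_cookie_next_url': request.get_full_path(),
            }
            return render(request, 'secureauth/test_cookie.html', context)

        if response.status_code == 200:
            try:
                from_cookie = cookie_value.decode('hex')
            except (TypeError, ValueError):
                # Malformed hex used to surface as a server error; None can
                # never equal a stored secret, so it falls into the mismatch
                # branch below.
                from_cookie = None

            from_session = request.session.get('test_cookie_secret')
            if from_session is None:
                self._clean(request, response)
            elif from_cookie != from_session:
                response.content = render_template(
                    'secureauth/session_expired.html')
                self._clean(request, response)
                logout(request)
        return response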