def post(self, request, *args, **kwargs): # limit login authentication ip = get_request_ip(request) username = self.request.POST.get('username') if is_block_login(username, ip): return self.render_to_response(self.get_context_data(block_login=True)) return super().post(request, *args, **kwargs)
def post(self, request): # limit login username = request.data.get('username') ip = request.data.get('remote_addr', None) ip = ip or get_request_ip(request) if is_block_login(username, ip): msg = _("Log in frequently and try again later") logger.warn(msg + ': ' + username + ':' + ip) return Response({'msg': msg}, status=401) user, msg = self.check_user_valid(request) if not user: username = request.data.get('username', '') exist = User.objects.filter(username=username).first() reason = LoginLog.REASON_PASSWORD if exist else LoginLog.REASON_NOT_EXIST self.send_auth_signal(success=False, username=username, reason=reason) increase_login_failed_count(username, ip) return Response({'msg': msg}, status=401) if user.password_has_expired: self.send_auth_signal(success=False, username=username, reason=LoginLog.REASON_PASSWORD_EXPIRED) msg = _("The user {} password has expired, please update.".format( user.username)) logger.info(msg) return Response({'msg': msg}, status=401) if not user.otp_enabled: self.send_auth_signal(success=True, user=user) # 登陆成功,清除原来的缓存计数 clean_failed_count(username, ip) token = user.create_bearer_token(request) return Response({ 'token': token, 'user': self.serializer_class(user).data }) seed = uuid.uuid4().hex cache.set(seed, user, 300) return Response( { 'code': 101, 'msg': _('Please carry seed value and ' 'conduct MFA secondary certification'), 'otp_url': reverse('api-auth:user-otp-auth'), 'seed': seed, 'user': self.serializer_class(user).data }, status=300)
def post(self, request, *args, **kwargs): """ post请求,进行登录验证 """ ip = get_login_ip(request) username = self.request.POST.get('username') key_limit = self.key_prefix_limit.format(username, ip) if is_block_login(key_limit): return self.render_to_response( self.get_context_data(block_login=True)) return super().post(request, *args, **kwargs)
def check_is_block(self): if hasattr(self.request, 'data'): username = self.request.data.get("username") else: username = self.request.POST.get("username") ip = self.get_request_ip() if is_block_login(username, ip): logger.warn('Ip was blocked' + ': ' + username + ':' + ip) raise errors.BlockLoginError(username=username, ip=ip)
def post(self, request): # limit login username = request.data.get('username') ip = request.data.get('remote_addr', None) ip = ip or get_request_ip(request) if is_block_login(username, ip): msg = _("Log in frequently and try again later") logger.warn(msg + ': ' + username + ':' + ip) return Response({'msg': msg}, status=401) user, msg = self.check_user_valid(request) if not user: username = request.data.get('username', '') exist = User.objects.filter(username=username).first() reason = LoginLog.REASON_PASSWORD if exist else LoginLog.REASON_NOT_EXIST self.send_auth_signal(success=False, username=username, reason=reason) increase_login_failed_count(username, ip) return Response({'msg': msg}, status=401) if user.password_has_expired: self.send_auth_signal( success=False, username=username, reason=LoginLog.REASON_PASSWORD_EXPIRED ) msg = _("The user {} password has expired, please update.".format( user.username)) logger.info(msg) return Response({'msg': msg}, status=401) if not user.otp_enabled: self.send_auth_signal(success=True, user=user) # 登陆成功,清除原来的缓存计数 clean_failed_count(username, ip) token = user.create_bearer_token(request) return Response( {'token': token, 'user': self.serializer_class(user).data} ) seed = uuid.uuid4().hex cache.set(seed, user, 300) return Response( { 'code': 101, 'msg': _('Please carry seed value and ' 'conduct MFA secondary certification'), 'otp_url': reverse('api-auth:user-otp-auth'), 'seed': seed, 'user': self.serializer_class(user).data }, status=300 )
def post(self, request): # limit login username = request.data.get('username') ip = request.data.get('remote_addr', None) ip = ip or get_request_ip(request) if is_block_login(username, ip): msg = _("Log in frequently and try again later") logger.warn(msg + ': ' + username + ':' + ip) return Response({'msg': msg}, status=401) user, msg = self.check_user_valid(request) if not user: username = request.data.get('username', '') self.send_auth_signal(success=False, username=username, reason=msg) increase_login_failed_count(username, ip) return Response({'msg': msg}, status=401) if not user.otp_enabled: self.send_auth_signal(success=True, user=user) # 登陆成功,清除原来的缓存计数 clean_failed_count(username, ip) token, expired_at = user.create_bearer_token(request) return Response({ 'token': token, 'user': self.get_serializer(user).data }) seed = uuid.uuid4().hex cache.set(seed, user, 300) return Response( { 'code': 101, 'msg': _('Please carry seed value and ' 'conduct MFA secondary certification'), 'otp_url': reverse('api-auth:user-otp-auth'), 'seed': seed, 'user': self.get_serializer(user).data }, status=300)
def check_is_block(username, ip): if is_block_login(username, ip): msg = _("Log in frequently and try again later") logger.warn(msg + ': ' + username + ':' + ip) raise AuthFailedError(msg)