def get_by_username(username, remote_addr=None):
    """Look up an administrator by username, throttled per client address.

    The username is passed through ``utils.filter_str`` and lower-cased
    before the lookup. When ``remote_addr`` is truthy, a per-address counter
    in ``Administrator.limiter_collection`` is incremented first, and the
    request is aborted with HTTP 403 once that counter exceeds
    ``settings.app.auth_limiter_count_max`` within a one-minute window.

    Security notes:
      * The limiter is skipped entirely when ``remote_addr`` is falsy, so
        any pre-authentication caller has to supply it for the throttle to
        apply.
      * NOTE(review): the counter is keyed on ``remote_addr`` alone; confirm
        callers pass the address seen by a trusted hop rather than a value
        copied from a client-supplied header.
      * The increment and the window reset are two separate writes, so under
        concurrent requests the count is approximate rather than exact.

    Returns:
        The object returned by ``find_user``, or ``None`` when it is falsy.
        NOTE(review): callers presumably should not let that difference show
        in the response of an unauthenticated endpoint -- confirm.
    """
    username = utils.filter_str(username).lower()

    if remote_addr:
        # One find_and_modify call bumps the counter and, the first time
        # this address is seen, stamps the start of its window.
        entry = Administrator.limiter_collection.find_and_modify(
            {'_id': remote_addr},
            {
                '$inc': {'count': 1},
                '$setOnInsert': {'timestamp': utils.now()},
            },
            new=True,
            upsert=True,
        )

        window = datetime.timedelta(minutes=1)
        if utils.now() > entry['timestamp'] + window:
            # Window elapsed: start a new one with this request as the
            # first attempt and persist it as a full replacement document.
            entry = {'count': 1, 'timestamp': utils.now()}
            Administrator.limiter_collection.update(
                {'_id': remote_addr}, entry, upsert=True)

        if entry['count'] > settings.app.auth_limiter_count_max:
            # flask.abort() raises the HTTP error itself; the leading
            # ``raise`` is redundant but harmless.
            raise flask.abort(403)

    admin = find_user(username=username)
    return admin if admin else None
def get_by_username(username):
    """Look up an administrator by username.

    The username is passed through ``utils.filter_str`` and lower-cased
    before being handed to ``find_user``.

    No throttling happens in this function.
    NOTE(review): if it is reachable before authentication, confirm that the
    caller rate-limits lookups and does not reveal whether a username exists.

    Returns:
        The object returned by ``find_user``, or ``None`` when it is falsy.
    """
    normalized = utils.filter_str(username).lower()
    match = find_user(username=normalized)
    return match if match else None
def check_auth(username, password, remote_addr=None):
    """Authenticate an administrator by password, plus Duo when configured.

    Steps, in order:
      1. Normalise the username (``utils.filter_str`` then lower-case).
      2. When ``remote_addr`` is truthy, bump a per-address attempt counter
         in ``Administrator.limiter_collection`` and abort with HTTP 403
         once it exceeds ``settings.app.auth_limiter_count_max`` within a
         one-minute window.
      3. Look the account up with ``find_user`` and verify the password
         with ``test_password``.
      4. When ``settings.app.sso`` is set, contains ``DUO_AUTH`` and
         ``settings.app.sso_admin`` is set, require ``sso.auth_duo`` to
         allow the login.

    Security notes:
      * The attempt limiter is skipped when ``remote_addr`` is falsy.
      * Every call counts against the limit, whether or not it ends up
        succeeding; the counter is incremented before credentials are
        checked.
      * The increment and the window reset are separate writes, so the
        count is approximate under concurrent requests.
      * An unknown username returns before ``test_password`` runs.
        NOTE(review): if ``test_password`` is deliberately slow, the two
        failure paths may differ measurably in response time -- confirm.

    Returns:
        The administrator object on success, otherwise ``None``.
    """
    username = utils.filter_str(username).lower()

    if remote_addr:
        limiter_key = {'_id': remote_addr}
        bump = {
            '$inc': {'count': 1},
            # Only written when the record is created, i.e. window start.
            '$setOnInsert': {'timestamp': utils.now()},
        }
        record = Administrator.limiter_collection.find_and_modify(
            limiter_key, bump, new=True, upsert=True)

        one_minute = datetime.timedelta(minutes=1)
        if utils.now() > record['timestamp'] + one_minute:
            # Previous window is over: restart it with this attempt as #1.
            record = {'count': 1, 'timestamp': utils.now()}
            Administrator.limiter_collection.update(
                {'_id': remote_addr}, record, upsert=True)

        if record['count'] > settings.app.auth_limiter_count_max:
            # flask.abort() raises the HTTP error itself; the leading
            # ``raise`` is redundant but harmless.
            raise flask.abort(403)

    administrator = find_user(username=username)
    if not administrator or not administrator.test_password(password):
        return None

    sso_admin = settings.app.sso_admin
    duo_required = (
        settings.app.sso and DUO_AUTH in settings.app.sso and sso_admin
    )
    if duo_required:
        # Second factor is checked against the configured sso_admin
        # identity, not the username that was submitted.
        allow, _ = sso.auth_duo(
            sso_admin,
            strong=True,
            ipaddr=remote_addr,
            type='Administrator',
        )
        if not allow:
            return None

    return administrator
def check_auth(username, password, remote_addr=None):
    """Verify administrator credentials and return the account on success.

    The username is filtered with ``utils.filter_str`` and lower-cased.
    When ``remote_addr`` is truthy, a per-address counter stored in
    ``Administrator.limiter_collection`` is incremented and the request is
    aborted with HTTP 403 if the counter exceeds
    ``settings.app.auth_limiter_count_max`` inside a one-minute window.
    The password is then checked with ``test_password`` and, when Duo is
    enabled for administrators (``settings.app.sso`` contains ``DUO_AUTH``
    and ``settings.app.sso_admin`` is set), ``sso.auth_duo`` must allow it.

    Security notes:
      * Passing no ``remote_addr`` disables the attempt limiter for that
        call.
      * NOTE(review): the limiter key is the address alone; confirm callers
        pass the address seen by a trusted hop rather than a value copied
        from a client-supplied header.
      * The counter update and the window reset are two writes, so the
        limit is approximate when requests arrive concurrently.
      * All failure modes (unknown user, bad password, Duo denial) return
        ``None``, so the return value does not tell them apart.

    Returns:
        The administrator object, or ``None`` when any check fails.
    """
    username = utils.filter_str(username).lower()

    if remote_addr:
        # Count this attempt; the timestamp is only set when the record
        # for this address is first inserted.
        attempt = Administrator.limiter_collection.find_and_modify(
            {'_id': remote_addr},
            {
                '$inc': {'count': 1},
                '$setOnInsert': {'timestamp': utils.now()},
            },
            new=True,
            upsert=True,
        )

        window_expired = (
            utils.now() > attempt['timestamp'] + datetime.timedelta(minutes=1)
        )
        if window_expired:
            # Start a fresh window and store it as a replacement document.
            attempt = {
                'count': 1,
                'timestamp': utils.now(),
            }
            Administrator.limiter_collection.update(
                {'_id': remote_addr},
                attempt,
                upsert=True,
            )

        if attempt['count'] > settings.app.auth_limiter_count_max:
            # flask.abort() raises the HTTP error itself; the leading
            # ``raise`` is redundant but harmless.
            raise flask.abort(403)

    administrator = find_user(username=username)
    if not administrator:
        return None

    password_ok = administrator.test_password(password)
    if not password_ok:
        return None

    sso_admin = settings.app.sso_admin
    if settings.app.sso and DUO_AUTH in settings.app.sso and sso_admin:
        # Duo is queried for the configured sso_admin identity.
        allow, _ = sso.auth_duo(
            sso_admin,
            strong=True,
            ipaddr=remote_addr,
            type='Administrator',
        )
        if not allow:
            return None

    return administrator