o &ahE@sdZddlmZddlmZddlmZddlm Z ddl m Z ddl m Z ddlZddlZdd lmZe ZGd d d e ZGd d d e ZGddde ZGddde ZdS)z Authentication Models Module This module contains models related to authentication and authorization including login attempts, password reset tokens, and session management. Author: Senior Django Developer Date: 2024 )models) gettext_lazy)timezone)get_user_model)MinLengthValidator) BaseModelN) timedeltac@s eZdZdZejeejddededdZ ej ededdZ ej ed ed dZ ejded ed d ZejdededdZejddededdZejddededdZejddededdZGdddZddZed%dd Zed&d"d#Zd$S)' LoginAttempta Model to track login attempts for security monitoring. This model helps in implementing security features like: - Account lockout after multiple failed attempts - Suspicious activity detection - Login analytics and monitoring TUserzUser who attempted to login) on_deletenullblank verbose_name help_textzAttempted Emailz#Email address used in login attemptrr IP Addressz)IP address from which login was attempted User Agent Browser/client user agent stringr rrFz Is Successfulz(Whether the login attempt was successfuldefaultrrdzFailure ReasonzReason for login failure max_lengthr rrCountryz&Country from which login was attemptedCityz#City from which login was attemptedc@sTeZdZedZedZdgZdZej ddgdej ddgdej d dgdgZ d S) zLoginAttempt.Metaz Login AttemptzLogin Attempts -created_atZauth_login_attemptattempted_email created_atfields ip_address is_successfulN __name__ __module__ __qualname___rverbose_name_pluralorderingdb_tablerIndexindexesr-r-PC:\Users\vibe-look\OneDrive\Desktop\Adtlas_V\src\apps\authentification\models.pyMeta_sr/cCs(|jrdnd}|jd|d|jdS)z+String representation of the login attempt.ZSuccessZFailed -  ()N)r"rr)selfstatusr-r-r.__str__jszLoginAttempt.__str__cCs(tt|d}|jj|d|dS)a% Get count of failed login attempts for an email within specified hours. Args: email (str): Email address to check since_hours (int): Number of hours to look back Returns: int: Number of failed attempts hoursF)rr"created_at__gteNrnowrobjectsfiltercount)clsemail since_hours since_timer-r-r.get_failed_attempts_countos z&LoginAttempt.get_failed_attempts_count cCs0tt|d}|jj|d|d}||kS)aT Check if an IP address has too many failed attempts. Args: ip_address (str): IP address to check max_attempts (int): Maximum allowed failed attempts since_hours (int): Number of hours to look back Returns: bool: True if IP is suspicious r7F)r!r"r9Nr:)r?r!Z max_attemptsrArBZ failed_countr-r-r.is_ip_suspiciouss zLoginAttempt.is_ip_suspiciousN)r6)rDr6)r$r%r&__doc__r ForeignKeyr CASCADEr'user EmailFieldrGenericIPAddressFieldr! TextField user_agent BooleanFieldr" CharFieldZfailure_reasoncountrycityr/r5 classmethodrCrEr-r-r-r.r sh    r cseZdZdZejeejededdZ ej ddededd Z ej ed ed d Z ejd ededdZej ddededdZejededd ZejddededdZGdddZddZfddZed(dd Zd!d"Zd)d$d%Zed&d'ZZS)*PasswordResetTokenz Model for managing password reset tokens. This model provides secure password reset functionality with: - Time-limited tokens - One-time use tokens - Secure token generation r z$User for whom the token is generatedr rrrTTokenzPassword reset tokenruniquerr Expires AtWhen the token expiresrFIs UsedWhether the token has been usedrUsed AtWhen the token was usedr r rrz Requested IPz)IP address from which reset was requestedzUsed IPz$IP address from which token was usedc@PeZdZedZedZdgZdZej dgdej ddgdej d gdgZ d S) zPasswordResetToken.MetazPassword Reset TokenzPassword Reset TokensrZauth_password_reset_tokentokenrrIis_used expires_atNr#r-r-r-r.r/  r/cCsd|jjd|jdS)z2String representation of the password reset token.zReset token for r1r2N)rIr@rr3r-r-r.r5szPasswordResetToken.__str__c@|js||_|jsttdd|_tj|i|dS) Override save to generate token and set expiration. Automatically generates a secure token and sets expiration time if not already set. r6r7Nr`generate_tokenrbrr;rsupersaver3argskwargs __class__r-r.rj  zPasswordResetToken.save@c(tjtjdfddt|DS) Generate a secure random token. Args: length (int): Length of the token Returns: str: Secure random token c3|]}tVqdSNsecretschoice.0r'alphabetr-r. z4PasswordResetToken.generate_token..Nstring ascii_lettersdigitsjoinrangelengthr-r|r.rh z!PasswordResetToken.generate_tokencC|j o t|jkSz Check if the token is valid (not used and not expired). Returns: bool: True if token is valid Nrarr;rbrdr-r-r.is_valid zPasswordResetToken.is_validNcCs.d|_t|_|r ||_|jgdddS)z Mark the token as used. Args: ip_address (str): IP address from which token was used T)raused_atused_ip update_fieldsN)rarr;rrrjr3r!r-r-r. use_tokens  zPasswordResetToken.use_tokencC&|jjtd}|}||S)z~ Remove expired tokens from the database. Returns: int: Number of tokens deleted Zexpires_at__ltNr<r=rr;r>delete)r?Zexpired_tokensr>r-r-r.cleanup_expired z"PasswordResetToken.cleanup_expiredrqrv)r$r%r&rFrrGr rHr'rIrOr` DateTimeFieldrbrNrarrKZ requested_iprr/r5rj staticmethodrhrrrRr __classcell__r-r-rnr.rSs`     rScseZdZdZejeejededdZ ej ddededd Z ej ed ed d Z ejed edd ZejdededdZejddededdZejddededdZGdddZddZfddZed&dd Zd!d"Zd'd$d%ZZS)(EmailVerificationTokenz Model for managing email verification tokens. This model handles email verification functionality with: - Secure token generation - Time-limited verification - One-time use tokens r z1User for whom the verification token is generatedrTrTrUzEmail verification tokenrVZEmailzEmail address to verifyrrXrYFrZr[rr\r]r^z Verified IPz(IP address from which email was verifiedc@r_) zEmailVerificationToken.MetazEmail Verification TokenzEmail Verification TokensrZauth_email_verification_tokenr`rrIrar@Nr#r-r-r-r.r/hrcr/cCsd|jd|jdS)z6String representation of the email verification token.zVerification token for r1r2N)r@rrdr-r-r.r5sszEmailVerificationToken.__str__cre)rfr7Nrgrkrnr-r.rjwrpzEmailVerificationToken.saverqcrr)rsrtc3rurvrwrzr|r-r.r~rz8EmailVerificationToken.generate_token..Nrrr-r|r.rhrz%EmailVerificationToken.generate_tokencCrrrrdr-r-r.rrzEmailVerificationToken.is_validNcCs8d|_t|_|r ||_|jgdd|jdS)z Mark the token as used and verify the user's email. Args: ip_address (str): IP address from which verification was completed T)rar verified_iprN)rarr;rrrjrI verify_emailrr-r-r.rs  z#EmailVerificationToken.verify_emailrrv)r$r%r&rFrrGr rHr'rIrOr`rJr@rrbrNrarrKrr/r5rjrrhrrrr-r-rnr.r+s\     rc@szeZdZdZejeejededdZ ej ddededd Z ej ed ed d Z ejded eddZej ddededdZej ddededdZej ddededdZejdededdZejdededdZejeded d Zej dded!ed"dZej dded#ed$dZGd%d&d&Zd'd(Zd)d*Zd+d,Zed-d.Zed/d0Z d1S)2 UserSessionz Model for tracking user sessions. This model provides enhanced session management with: - Session tracking across devices - Security monitoring - Session invalidation capabilities r zUser who owns this sessionrT(Tz Session KeyzDjango session keyrVrzIP address of the sessionrrrr2z Device Typez(Type of device (mobile, desktop, tablet)rrZBrowserzBrowser name and versionzOperating Systemz!Operating system name and versionz Is Activez'Whether the session is currently activerz Last Activityz When the session was last active)auto_nowrrrXzWhen the session expiresrzCountry of the sessionrzCity of the sessionc@sPeZdZedZedZdgZdZej ddgdej dgdej d gdgZ d S) zUserSession.Metaz User Sessionz User Sessionsz-last_activityZauth_user_sessionrI is_activer session_key last_activityNr#r-r-r-r.r/s  r/cCs|jjd|jd|jdS)z*String representation of the user session.r0r1r2N)rIr@r!rrdr-r-r.r5szUserSession.__str__cCst|jkS)zy Check if the session is expired. Returns: bool: True if session is expired N)rr;rbrdr-r-r. is_expired"szUserSession.is_expiredcCsd|_|jdgddS)z Invalidate the session. Marks the session as inactive and can be used to force logout from specific devices. FrrN)rrjrdr-r-r. invalidate+szUserSession.invalidatecCr)z Remove expired sessions from the database. Returns: int: Number of sessions deleted rNr)r?Zexpired_sessionsr>r-r-r.r5rzUserSession.cleanup_expiredcCs|jj|dtdS)z Get all active sessions for a user. Args: user: User instance Returns: QuerySet: Active sessions for the user T)rIrZexpires_at__gtN)r<r=rr;)r?rIr-r-r.get_active_sessions_for_userDs  z(UserSession.get_active_sessions_for_userN)!r$r%r&rFrrGr rHr'rIrOrrKr!rLrMZ device_typeZbrowserZoperating_systemrNrrrrbrPrQr/r5rrrRrrr-r-r-r.rs    r)rF django.dbrdjango.utils.translationrr' django.utilsrdjango.contrib.authrdjango.core.validatorsrZapps.common.modelsrrxrdatetimerr r rSrrr-r-r-r.s"      ~