websites/netviz
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

batman

Browse source
This commit is contained in:
pika 2025-03-25 23:41:13 +01:00
commit 66f9ce3614
33 changed files with 2271 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

106
app/models/user.py Normal file
View file

@ -0,0 +1,106 @@
"""
User model for authentication and authorization.
"""
import bcrypt
from datetime import datetime, timedelta
from typing import Optional, List
import uuid
from flask_login import UserMixin
from app.extensions import db, login_manager
class User(UserMixin, db.Model):
"""User model for authentication and authorization."""
__tablename__ = "users"
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(64), unique=True, nullable=False, index=True)
email = db.Column(db.String(120), unique=True, nullable=False, index=True)
password_hash = db.Column(db.String(128), nullable=False)
active = db.Column(db.Boolean, default=True, nullable=False)
is_admin = db.Column(db.Boolean, default=False, nullable=False)
created_at = db.Column(db.DateTime, default=datetime.utcnow, nullable=False)
updated_at = db.Column(db.DateTime, default=datetime.utcnow, onupdate=datetime.utcnow, nullable=False)
last_login = db.Column(db.DateTime)
# For account lockout/security
failed_login_count = db.Column(db.Integer, default=0)
locked_until = db.Column(db.DateTime)
# Password reset
reset_token = db.Column(db.String(64), unique=True, index=True)
reset_token_expires_at = db.Column(db.DateTime)
# Relationships
networks = db.relationship("Network", back_populates="owner", cascade="all, delete-orphan")
def set_password(self, password: str) -> None:
"""Hash and set the user's password."""
# Generate a salt and hash the password
self.password_hash = bcrypt.hashpw(
password.encode("utf-8"), bcrypt.gensalt()
).decode("utf-8")
def check_password(self, password: str) -> bool:
"""Verify the provided password against the stored hash."""
return bcrypt.checkpw(
password.encode("utf-8"), self.password_hash.encode("utf-8")
)
def generate_reset_token(self, expires_in: int = 3600) -> str:
"""Generate a password reset token that expires after the specified time."""
self.reset_token = str(uuid.uuid4())
self.reset_token_expires_at = datetime.utcnow() + timedelta(seconds=expires_in)
db.session.commit()
return self.reset_token
def clear_reset_token(self) -> None:
"""Clear the reset token after it's been used."""
self.reset_token = None
self.reset_token_expires_at = None
db.session.commit()
def is_reset_token_valid(self, token: str) -> bool:
"""Check if the provided reset token is valid and not expired."""
return (
self.reset_token == token
and self.reset_token_expires_at is not None
and self.reset_token_expires_at > datetime.utcnow()
)
def record_login(self, success: bool) -> None:
"""Record a login attempt."""
if success:
self.last_login = datetime.utcnow()
self.failed_login_count = 0
self.locked_until = None
else:
self.failed_login_count += 1
if self.failed_login_count >= 5: # Threshold from config
self.locked_until = datetime.utcnow() + timedelta(minutes=30) # Duration from config
db.session.commit()
def is_account_locked(self) -> bool:
"""Check if the account is locked due to too many failed login attempts."""
if self.locked_until is None:
return False
if datetime.utcnow() > self.locked_until:
self.failed_login_count = 0
self.locked_until = None
db.session.commit()
return False
return True
def __repr__(self) -> str:
return f"<User {self.username}>"
@login_manager.user_loader
def load_user(user_id: str) -> Optional[User]:
"""Load a user from the database by ID."""
return User.query.get(int(user_id))