From 660972e3036f3659a1995e90943864fd33ea18a4 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 4 Apr 2019 21:49:10 +0200 Subject: [PATCH] add ability to have non-expiring nonces, clean up expired nonces --- passbook/core/management/commands/worker.py | 2 +- .../core/migrations/0022_nonce_expiring.py | 18 ++++++++++++++++++ passbook/core/models.py | 1 + passbook/core/settings.py | 3 ++- passbook/core/tasks.py | 11 +++++++++++ 5 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 passbook/core/migrations/0022_nonce_expiring.py diff --git a/passbook/core/management/commands/worker.py b/passbook/core/management/commands/worker.py index 446d32eaa..00971ca7b 100644 --- a/passbook/core/management/commands/worker.py +++ b/passbook/core/management/commands/worker.py @@ -14,4 +14,4 @@ class Command(BaseCommand): def handle(self, *args, **options): """celery worker""" - CELERY_APP.worker_main(['worker', '--autoscale=10,3', '-E']) + CELERY_APP.worker_main(['worker', '--autoscale=10,3', '-E', '-B']) diff --git a/passbook/core/migrations/0022_nonce_expiring.py b/passbook/core/migrations/0022_nonce_expiring.py new file mode 100644 index 000000000..01862a037 --- /dev/null +++ b/passbook/core/migrations/0022_nonce_expiring.py @@ -0,0 +1,18 @@ +# Generated by Django 2.1.7 on 2019-04-04 19:42 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('passbook_core', '0021_policy_timeout'), + ] + + operations = [ + migrations.AddField( + model_name='nonce', + name='expiring', + field=models.BooleanField(default=True), + ), + ] diff --git a/passbook/core/models.py b/passbook/core/models.py index 0a09a1311..cc4642ebb 100644 --- a/passbook/core/models.py +++ b/passbook/core/models.py @@ -437,6 +437,7 @@ class Nonce(UUIDModel): expires = models.DateTimeField(default=default_nonce_duration) user = models.ForeignKey('User', on_delete=models.CASCADE) + expiring = models.BooleanField(default=True) def __str__(self): return "Nonce %s (expires=%s)" % (self.uuid.hex, self.expires) diff --git a/passbook/core/settings.py b/passbook/core/settings.py index b5f2fd7c2..ca7c8f736 100644 --- a/passbook/core/settings.py +++ b/passbook/core/settings.py @@ -38,7 +38,8 @@ SECRET_KEY = CONFIG.get('secret_key') # SECURITY WARNING: don't run with debug turned on in production! DEBUG = CONFIG.get('debug') INTERNAL_IPS = ['127.0.0.1'] -ALLOWED_HOSTS = CONFIG.get('domains', []) + [CONFIG.get('primary_domain')] +# ALLOWED_HOSTS = CONFIG.get('domains', []) + [CONFIG.get('primary_domain')] +ALLOWED_HOSTS = ['*'] SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') LOGIN_URL = 'passbook_core:auth-login' diff --git a/passbook/core/tasks.py b/passbook/core/tasks.py index 6d390ecda..0b691ce2a 100644 --- a/passbook/core/tasks.py +++ b/passbook/core/tasks.py @@ -1,11 +1,16 @@ """passbook core tasks""" +from datetime import datetime +from logging import getLogger + from django.core.mail import EmailMultiAlternatives from django.template.loader import render_to_string from django.utils.html import strip_tags from passbook.core.celery import CELERY_APP +from passbook.core.models import Nonce from passbook.lib.config import CONFIG +LOGGER = getLogger(__name__) @CELERY_APP.task() def send_email(to_address, subject, template, context): @@ -15,3 +20,9 @@ def send_email(to_address, subject, template, context): msg = EmailMultiAlternatives(subject, text_content, CONFIG.y('email.from'), [to_address]) msg.attach_alternative(html_content, "text/html") msg.send() + +@CELERY_APP.task() +def clean_nonces(): + """Remove expired nonces""" + amount = Nonce.objects.filter(expires__lt=datetime.now(), expiring=True).delete() + LOGGER.debug("Deleted expired %d nonces", amount)