U >i @sddlZddlmZddlmZddlmZddlmZm Z ddl m Z m Z ddl mZddlmZdd lmZeGd d d Zeed d dZe eedddZeeedddZe ee ddddZe eedddZdS)N) dataclass)List)AbstractBaseUser) BadSignatureSigner) HttpRequest HttpResponse) salted_hmac) app_settings) Authenticatorc@seZdZUeed<eed<dS) IssuedTrust fingerprintatN)__name__ __module__ __qualname__str__annotations__intrrD/tmp/pip-unpacked-wheel-upujnpc2/allauth/mfa/internal/flows/trust.pyr s r )userreturncCsd}g}|t|j||jtjj|jddD]F}|t|j|t|j|j d}|dk r:|t|q:t |d |dd S) z| If the user changes anything about his security setup, we want to invalidate any trust that was issued before. zallauth.mfa.trust)Zuser_idpkseedN|sha256) algorithm)appendrrpasswordr ZobjectsfilterZorder_bytypedatagetr join hexdigest)rZsaltpartsZ authenticatorrrrrcreate_config_fingerprints  r')requestrcst|jtj}|sgSt}z||}Wntk rBgYSXdd|D}ttt fdd|}|S)NcSs g|]}t|d|ddqS)rr r)r ).0entryrrr /sz'decode_trust_cookie..cs|jtjkS)N)rr TRUST_COOKIE_AGE total_seconds)tnowrr3z%decode_trust_cookie..) ZCOOKIESr#r TRUST_COOKIE_NAMErZ unsign_objectrtimelistr )r(valuesignerr"trustsrr1rdecode_trust_cookie&s"  r;)r:rcCst}|dd|DS)NcSsg|]}|j|jfqSrr*)r+itrrrr-;sz'encode_trust_cookie..)rZ sign_object)r:r9rrrencode_trust_cookie9sr=)r(rresponserc CsZt|}t|}|t|ttd|jtjt |tj tj tj tj tjtjddS)Nr*)Zmax_agepathdomainsecurehttponlysamesite)r'r;rr rr6 set_cookier r5r=r.ZTRUST_COOKIE_PATHZTRUST_COOKIE_DOMAINZTRUST_COOKIE_SECUREZTRUST_COOKIE_HTTPONLYZTRUST_COOKIE_SAMESITE)r(rr>r r:rrr trust_browser>srE)r(rrcs0tjs dSt|}t|tfdd|DS)NFcsg|]}|jkqSrr )r+r0rFrrr-Usz&is_trusted_browser..)r Z_TRUST_STAGE_ENABLEDr;r'any)r(rr:rrFris_trusted_browserPs rH)r6Z dataclassesrtypingrZdjango.contrib.auth.modelsrZdjango.core.signingrrZ django.httprrZdjango.utils.cryptor Z allauth.mfar Zallauth.mfa.modelsr r rr'r;r=rEboolrHrrrrs&