vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

perf: reduce validate ip addr execution time

Browse source
This commit is contained in:
Himanshu Warekar 2019-09-19 19:10:28 +05:30
parent 6c9f56a226
commit 4da29d099b
3 changed files with 12 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
frappe/app.py
View file

@ -51,8 +51,6 @@ def application(request):
init_request(request)
frappe.recorder.record()
if frappe.local.form_dict.cmd:
response = frappe.handler.handle()

21
frappe/auth.py
View file

@ -47,6 +47,8 @@ class HTTPRequest:
# set db
self.connect()
frappe.recorder.record()
# login
frappe.local.login_manager = LoginManager()
@ -397,22 +399,21 @@ def check_consecutive_login_attempts(user, doc):
def validate_ip_address(user):
"""check if IP Address is valid"""
user = frappe.get_doc("User", user)
user = frappe.get_cached_doc("User", user)
ip_list = user.get_restricted_ip_list()
if not ip_list:
return
bypass_restrict_ip_check = 0
system_settings = frappe.get_cached_doc("System Settings")
bypass_restrict_ip_check = None
# check if two factor auth is enabled
enabled = int(frappe.get_system_settings('enable_two_factor_auth') or 0)
if enabled:
#check if bypass restrict ip is enabled for all users
bypass_restrict_ip_check = int(frappe.get_system_settings('bypass_restrict_ip_check_if_2fa_enabled')) or 0
if not bypass_restrict_ip_check:
#check if bypass restrict ip is enabled for login user
bypass_restrict_ip_check = user.bypass_restrict_ip_check_if_2fa_enabled or 0
if system_settings.enable_two_factor_auth and not system_settings.bypass_restrict_ip_check_if_2fa_enabled:
# check if bypass restrict ip is enabled for all users or check if bypass restrict ip is enabled for login user
bypass_restrict_ip_check = user.bypass_restrict_ip_check_if_2fa_enabled
for ip in ip_list:
if frappe.local.request_ip.startswith(ip) or bypass_restrict_ip_check:
return
frappe.throw(_("Not allowed from this IP Address"), frappe.AuthenticationError)
frappe.throw(_("Access not allowed from this IP Address"), frappe.AuthenticationError)

5
frappe/core/doctype/user/user.py
View file

@ -502,10 +502,7 @@ class User(Document):
if not self.restrict_ip:
return
ip_list = self.restrict_ip.replace(",", "\n").split('\n')
ip_list = [i.strip() for i in ip_list]
return ip_list
return [i.strip() for i in self.restrict_ip.split(",")]
@frappe.whitelist()
def get_timezones():