Ii+ddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z ddl m Z mZddlmZddlmZmZmZdd lmZmZmZmZmZmZmZmZdd lmZm Z m!Z!m"Z"ejFjId Z%ejFjId Z&d ejFjIdZ'dZ(gdZ)e*de%e*de&rdnde*de'e*de(e*de)ede+Z,d+dZ-e,j]dddgej^de dZ0e,j]d ee d!Z1e,j]d"dge!d#$e d%Z2e,j]d&d'Z3e,j]e(d(Z4e,j]d)d*Z5y),N)db)limiter)User)validate_user_login_data) audit_routeaudit_auth_attempt)send_discord_audit_log) login_user logout_userlogin_required) Blueprintrender_templaterequestredirecturl_forflashjsonifysession)create_access_tokencreate_refresh_token jwt_requiredget_jwt_identitySHAREPOINT_CLIENT_IDSHAREPOINT_CLIENT_SECRETz"https://login.microsoftonline.com/SHAREPOINT_TENANT_IDz /getAToken)z User.Readz Files.ReadzSites.Read.Allz CLIENT_ID:zCLIENT_SECRET:SETzNOT SETz AUTHORITY:zREDIRECT_PATH:zSCOPE:authcLtjttt|S)N) authorityclient_credential token_cache)msalConfidentialClientApplication CLIENT_ID AUTHORITY CLIENT_SECRET)caches ./srv/www/ollama/chat-ollama/src/routes/auth.py_build_msal_appr)s  - -Y'U <<z/loginGETPOST)methodsz 5 per minutec tjdk(r0 ttj}t |t s t |}|j ddjj}|j dd}tjj|j}|rddl m}d|}|j |d}|j|rd||<nW|d z||<||d k\rGt!d |j"d |j"d |dtj$tj$|r|j|rt'|dd}|r[|tj$k7rHt!d |j"d |j"dtj$d|dtj$tj$|_t*jj-t/d|j"d|t1|t/d|j2t5|dddlm}t/d|j"d||d|j:|j"d|t/d|j"d|tj<r>t?|j"} tA|j"} tCd || | d!d"StEtGd#St5|d$tj<rtCd%d&d'd(fStId&tOd+StOd+S#tJ$r} t5tjj ddd$tj<rtCd)tM| d'd*fcYd} ~ StItM| Yd} ~ tOd+Sd} ~ wwxYw),u  Endpoint de login. --- tags: - auth summary: Autentica um usuário description: Permite que um usuário faça login no sistema parameters: - name: email in: formData type: string required: true description: E-mail do usuário - name: password in: formData type: string required: true description: Senha do usuário responses: 200: description: Login bem-sucedido content: application/json: schema: $ref: '#/components/schemas/Success' 401: description: Credenciais inválidas content: application/json: schema: $ref: '#/components/schemas/Error' r,emailpasswordr/r)r fail_count_zLogin suspeitouUsuáriou Múltiplas falhas de login para z do IP )actionuser_id object_type object_iddetails ip_address last_login_ipNzLogin de IP incomum: u (último: )z.[DEBUG] login_user will be called for user_id=, email=z1[DEBUG] login_user called, user is_authenticated=T log_auditz4[DEBUG] log_audit will be called for login: user_id=LoginzLogin bem-sucedido para r6r8r9r:z,[DEBUG] log_audit called for login: user_id=identityzLogin successful)r/ access_token refresh_token)messagedatachat.chat_redirectFzInvalid credentialsuE-mail ou senha inválidos)errorrGizValidation errorizauth/login.html)(rmethodrform isinstancedictgetstriplowerrquery filter_byfirstflaskrcheck_passwordr id remote_addrgetattrr<rcommitprintr is_authenticatedrsrc.security.auditr@usernameis_jsonrrrrrr Exceptionstrr) rHr/r1userrfail_key fail_countlast_ipr@rErFes r(loginrg#saH~~F +GLL9DdD)DzHHWb)//1779Exx B/H::''e'4::w'*=*==*/ $$."&''"78K8K7LKX_W``a b#*#6#6 &-%8%8" !!#FtwwixX]W^_`4 I$J_J_I`ab"5$/8LTWWIU]^c]def" $ "gg6ug>  DTWWIXV[U\]^??#6#HL$8$''$JM"#5%*,8-:!$ (< =>> ue ,)>Kghiknnn . / , --?, --   w||//$r8}tAjBd/tEd0tG|d1d2fcYd}~Sd}~wwxYw)3NrqrrrsrtrurvrwrxrpindexrJzErro: z - error_descriptioncoderyTrz)scopesr~zMSAL Token Result:rEid_token_claimspreferred_usernamer/name@r4ru8Não foi possível obter o e-mail do usuário Microsoft.rir2)r^r/r?z>[DEBUG] log_audit will be called for Microsoft login: user_id=r>rAz"Login Microsoft bem-sucedido para rBz6[DEBUG] log_audit called for Microsoft login: user_id=rbz&Login Microsoft realizado com sucesso!rIzErro ao obter token:zErro ao obter token: uLogin cancelado ou inválidozErro no callback Microsoft:rrr)$rrrrrrOargsrrrr)#acquire_token_by_authorization_coderr[splitrrrRrSrTsecrets set_password token_urlsaferaddrZr^r r]r@rWr`rrrra) rresultclaimsr/r^rbrr@rfs r(authorized_microsoftrs]5V << " "; /7<<3J3J;3W[][e[e[i[iju[v{H\HLNLVLVLZLZ[hLimpLpFF <<  G $ G(< <GG,- - gll "GLL12#gll6F6FGZ6[5\] ] W\\ !$&JJ V$$%@DZ`aKcF & /'$5r: #78OFJJw>@?D"%%g&;&;B&?@JJNN4(JJ%%'}}0X(0  ))+4 8VW[W^W^V__ghmgnop" $ "gg@H  NtwwiW_`e_fgh"(*0*@'>?(< =>>,f5.vzz:M/N.OPP- V78!;AOPRUUUVs9CNANC#N>E2N1N O-OOOz/logout-microsoftcptjttdzdt ddzS)Nz/oauth2/v2.0/logoutz?post_logout_redirect_uri=riT)r{)rclearrr%rrjr*r(logout_microsoftrs9 MMO )) $W\T%J$KL M r*)N)6rr"rrsrc.extensionsr src.securityrsrc.models.userrsrc.security.validatorsrr]rrsrc.discord.discord_webhookr flask_loginr r r rUr rrrrrrrflask_jwt_extendedrrrrrrOr$r&r% REDIRECT_PATHrr[__name__rr)routelimitrgrkrlrrrrjr*r(rs  <>>??aaahh JJNN1 2  9: 0@V1W0X Y  5lII>lI &h"< Hufo.~ i. /i.VI + +.J) d 3 *3, V V&M6V6Vp  !r*