|
|
import re
|
|
|
import hashlib
|
|
|
import time
|
|
|
from datetime import datetime, timedelta
|
|
|
|
|
|
class AuthenticationManager:
|
|
|
def __init__(self):
|
|
|
self.failed_attempts = {}
|
|
|
self.session_timeout = 7200
|
|
|
|
|
|
def validate_password(self, password):
|
|
|
"""Validate password meets security requirements"""
|
|
|
if len(password) < 8:
|
|
|
return False, "Password must be at least 8 characters"
|
|
|
|
|
|
|
|
|
if not re.match(r'^[a-zA-Z0-9!@#$%^&*()_+\-=\[\]{};:,.<>?]+$', password):
|
|
|
return False, "Password contains invalid characters"
|
|
|
|
|
|
return True, "Password valid"
|
|
|
|
|
|
def authenticate_user(self, username, password):
|
|
|
"""Authenticate user with username and password"""
|
|
|
try:
|
|
|
|
|
|
if self.is_account_locked(username):
|
|
|
return False, "Account temporarily locked due to too many failed attempts"
|
|
|
|
|
|
|
|
|
if self.verify_credentials(username, password):
|
|
|
self.reset_failed_attempts(username)
|
|
|
return True, "Authentication successful"
|
|
|
else:
|
|
|
self.record_failed_attempt(username)
|
|
|
return False, "Invalid username or password"
|
|
|
|
|
|
except Exception as e:
|
|
|
return False, f"Authentication error: {str(e)}"
|
|
|
|
|
|
def verify_credentials(self, username, password):
|
|
|
"""Verify user credentials against database"""
|
|
|
|
|
|
valid_users = {
|
|
|
"admin": "admin123",
|
|
|
"user1": "password123",
|
|
|
"[email protected]": "test123!"
|
|
|
}
|
|
|
return valid_users.get(username) == password
|
|
|
|
|
|
def is_account_locked(self, username):
|
|
|
"""Check if account is temporarily locked"""
|
|
|
if username not in self.failed_attempts:
|
|
|
return False
|
|
|
|
|
|
attempts, last_attempt = self.failed_attempts[username]
|
|
|
if attempts >= 5 and time.time() - last_attempt < 900:
|
|
|
return True
|
|
|
return False
|
|
|
|
|
|
def record_failed_attempt(self, username):
|
|
|
"""Record a failed login attempt"""
|
|
|
current_time = time.time()
|
|
|
if username in self.failed_attempts:
|
|
|
attempts, _ = self.failed_attempts[username]
|
|
|
self.failed_attempts[username] = (attempts + 1, current_time)
|
|
|
else:
|
|
|
self.failed_attempts[username] = (1, current_time)
|
|
|
|
|
|
def reset_failed_attempts(self, username):
|
|
|
"""Reset failed attempts for user"""
|
|
|
if username in self.failed_attempts:
|
|
|
del self.failed_attempts[username]
|
|
|
|
|
|
def create_session(self, username):
|
|
|
"""Create user session with timeout"""
|
|
|
session_data = {
|
|
|
'username': username,
|
|
|
'created_at': datetime.now(),
|
|
|
'expires_at': datetime.now() + timedelta(seconds=self.session_timeout),
|
|
|
'session_id': hashlib.sha256(f"{username}{time.time()}".encode()).hexdigest()
|
|
|
}
|
|
|
return session_data
|
|
|
|
|
|
def validate_session(self, session_id):
|
|
|
"""Validate if session is still active"""
|
|
|
|
|
|
|
|
|
return True |
