mirror of
https://github.com/pacnpal/thrillwiki_django_no_react.git
synced 2025-12-29 02:26:59 -05:00
107 lines
2.8 KiB
Python
107 lines
2.8 KiB
Python
"""
|
|
Login History Model
|
|
|
|
Tracks user login events for security auditing and compliance with
|
|
the login_history_retention setting on the User model.
|
|
"""
|
|
|
|
import pghistory
|
|
from django.conf import settings
|
|
from django.db import models
|
|
|
|
|
|
@pghistory.track()
|
|
class LoginHistory(models.Model):
|
|
"""
|
|
Records each successful login attempt for a user.
|
|
|
|
Used for security auditing, login notifications, and compliance with
|
|
the user's login_history_retention preference.
|
|
"""
|
|
|
|
user = models.ForeignKey(
|
|
settings.AUTH_USER_MODEL,
|
|
on_delete=models.CASCADE,
|
|
related_name="login_history",
|
|
help_text="User who logged in",
|
|
)
|
|
|
|
ip_address = models.GenericIPAddressField(
|
|
null=True,
|
|
blank=True,
|
|
help_text="IP address from which the login occurred",
|
|
)
|
|
|
|
user_agent = models.CharField(
|
|
max_length=500,
|
|
blank=True,
|
|
help_text="Browser/client user agent string",
|
|
)
|
|
|
|
login_method = models.CharField(
|
|
max_length=20,
|
|
choices=[
|
|
("PASSWORD", "Password"),
|
|
("GOOGLE", "Google OAuth"),
|
|
("DISCORD", "Discord OAuth"),
|
|
("MAGIC_LINK", "Magic Link"),
|
|
("SESSION", "Session Refresh"),
|
|
],
|
|
default="PASSWORD",
|
|
help_text="Method used for authentication",
|
|
)
|
|
|
|
login_timestamp = models.DateTimeField(
|
|
auto_now_add=True,
|
|
db_index=True,
|
|
help_text="When the login occurred",
|
|
)
|
|
|
|
success = models.BooleanField(
|
|
default=True,
|
|
help_text="Whether the login was successful",
|
|
)
|
|
|
|
# Optional geolocation data (can be populated asynchronously)
|
|
country = models.CharField(
|
|
max_length=100,
|
|
blank=True,
|
|
help_text="Country derived from IP (optional)",
|
|
)
|
|
|
|
city = models.CharField(
|
|
max_length=100,
|
|
blank=True,
|
|
help_text="City derived from IP (optional)",
|
|
)
|
|
|
|
class Meta:
|
|
verbose_name = "Login History"
|
|
verbose_name_plural = "Login History"
|
|
ordering = ["-login_timestamp"]
|
|
indexes = [
|
|
models.Index(fields=["user", "-login_timestamp"]),
|
|
models.Index(fields=["ip_address"]),
|
|
]
|
|
|
|
def __str__(self):
|
|
return f"{self.user.username} login at {self.login_timestamp}"
|
|
|
|
@classmethod
|
|
def cleanup_old_entries(cls, days=90):
|
|
"""
|
|
Remove login history entries older than the specified number of days.
|
|
Respects each user's login_history_retention preference.
|
|
"""
|
|
from datetime import timedelta
|
|
|
|
from django.utils import timezone
|
|
|
|
# Default cleanup for entries older than the specified days
|
|
cutoff = timezone.now() - timedelta(days=days)
|
|
deleted_count, _ = cls.objects.filter(
|
|
login_timestamp__lt=cutoff
|
|
).delete()
|
|
|
|
return deleted_count
|