hWbddlmZmZddlmZddlmZmZddlmZm Z GddZ e Z y))datetimetime)settings)constant_time_compare salted_hmac) base36_to_int int_to_base36c\eZdZdZdZdZejZdZ dZ dZ d dZ dZ d Zd Zy) PasswordResetTokenGeneratorza Strategy object used to generate and check tokens for the password reset mechanism. z6django.contrib.auth.tokens.PasswordResetTokenGeneratorNcJ|jxstj|_yN) algorithmrDEFAULT_HASHING_ALGORITHMselfs ]/var/www/html/ranktracker/api/venv/lib/python3.12/site-packages/django/contrib/auth/tokens.py__init__z$PasswordResetTokenGenerator.__init__sM8+M+Mc`|j||j|jS)zi Return a token that can be used once to do a password reset for the given user. )_make_token_with_timestamp _num_seconds_now)rusers r make_tokenz&PasswordResetTokenGenerator.make_tokens( ..tT5F5Ftyy{5STTrc6|r|sy |jd\}}t|dk} t|}t |j |||st |j ||d|sy|j }|rT|dz}|t|tj|jtjz jz }|j||z tj kDryy#t$rYywxYw#t$rYywxYw)zP Check that a password reset token is correct for a given user. F-T)legacyiQ)splitlen ValueErrorrrrrintrcombinedatermin total_secondsrrPASSWORD_RESET_TIMEOUT)rrtokents_b36_ legacy_tokentsnows r check_tokenz'PasswordResetTokenGenerator.check_tokens  C(IFAv;?L v&B %T%D%DT2%NPUV)//b/Fiik  , B #sX--chhj$((CCRRTU UB   c "R '8+J+J J;     s""C= D = D D  DDct|}t|j|j|||j|rdn |j j ddd}|d|S)Nsha1)secretrr)r rkey_salt_make_hash_valuer1r hexdigest)rr timestamprr) hash_strings rrz6PasswordResetTokenGenerator._make_token_with_timestampGsdy)! MM  ! !$ 2;;!'fDNN  )+cc !+..rc|jdn|jjdd}t|j|jzt|zt|zS)a Hash the user's primary key and some user state that's sure to change after a password reset to produce a token that invalidated when it's used: 1. The password field will change upon a password reset (even if the same password is chosen, due to password salting). 2. The last_login field will usually be updated very shortly after a password reset. Failing those things, settings.PASSWORD_RESET_TIMEOUT eventually invalidates the token. Running this data through salted_hmac() prevents password cracking attempts using the reset token, provided the secret isn't compromised. Nr) microsecondtzinfo) last_loginreplacestrpkpassword)rrr6login_timestamps rr4z,PasswordResetTokenGenerator._make_hash_valueVsT"!% 7"T__=T=Tabko=T=p477|dmm+c/.BBS^SSrcPt|tdddz jS)Ni)r"rr&)rdts rrz(PasswordResetTokenGenerator._num_secondsjs$B$1--<<>??rc*tjSr )rr-rs rrz PasswordResetTokenGenerator._nowms||~r)F)__name__ __module__ __qualname____doc__r3rr SECRET_KEYr1rrr.rr4rrrrr r sGHHI  FN U(T /T(@rr N) rr django.confrdjango.utils.cryptorrdjango.utils.httprr r default_token_generatorrKrrrPs)# B:ggT67r