django-axes/axes/utils.py

"""
Axes utility functions that are publicly available.

This module is separate for historical reasons
and offers a backwards compatible import path.
"""

from logging import getLogger
from typing import Optional

from django.http import HttpRequest

from axes.handlers.proxy import AxesProxyHandler
from axes.helpers import get_client_ip_address, get_lockout_parameters

log = getLogger(__name__)


def reset(
    ip: Optional[str] = None, username: Optional[str] = None, ip_or_username=False
) -> int:
    """
    Reset records that match IP or username, and return the count of removed attempts.

    This utility method is meant to be used from the CLI or via Python API.
    """

    return AxesProxyHandler.reset_attempts(
        ip_address=ip, username=username, ip_or_username=ip_or_username
    )


def reset_request(request: HttpRequest) -> int:
    """
    Reset records that match IP or username, and return the count of removed attempts.

    This utility method is meant to be used from the CLI or via Python API.
    """
    lockout_paramaters = get_lockout_parameters(request)

    ip: Optional[str] = get_client_ip_address(request)
    username = request.GET.get("username", None)

    ip_required = False
    username_required = False
    ip_and_username = False

    for param in lockout_paramaters:
        # hack: in works with all iterables, including strings
        # so this checks works with separate parameters
        # and with parameters combinations
        if "username" in param and "ip_address" in param:
            ip_and_username = True
            ip_required = True
            username_required = True
            break
        if "username" in param:
            username_required = True
        elif "ip_address" in param:
            ip_required = True

    ip_or_username = not ip_and_username and ip_required and username_required
    if not ip_required:
        ip = None
    if not username_required:
        username = None

    if not ip and not username:
        return 0
        # We don't want to reset everything, if there is some wrong request parameter

    # TODO: reset based on user_agent?
    return reset(ip, username, ip_or_username)
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`"""`
			`Axes utility functions that are publicly available.`
Refactor attempts and add NEVER_LOCKOUT_GET flag - Move cache and cool off utility functions to the axes.utils module - Clean up axes.attempts duplicate code in attempt and cache calculations - Add stable implementation for AccessAttempt attribute calculation in the axes.attempts.get_filter_kwargs function Fixes #398 Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-13 12:50:50 +00:00
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`This module is separate for historical reasons`
			`and offers a backwards compatible import path.`
			`"""`
Refactor attempts and add NEVER_LOCKOUT_GET flag - Move cache and cool off utility functions to the axes.utils module - Clean up axes.attempts duplicate code in attempt and cache calculations - Add stable implementation for AccessAttempt attribute calculation in the axes.attempts.get_filter_kwargs function Fixes #398 Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-13 12:50:50 +00:00
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`from logging import getLogger`
changes requested by aleksihakli 2020-08-09 05:58:03 +00:00			`from typing import Optional`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00
add missing tests; refactor reset_request() 2020-07-08 05:43:45 +00:00			`from django.http import HttpRequest`

Make reset for attempts and logs pluggable Fixes #454 2019-07-11 12:56:28 +00:00			`from axes.handlers.proxy import AxesProxyHandler`
feat!: implement reset_request using get_lockout_parameters 2023-05-04 09:49:25 +00:00			`from axes.helpers import get_client_ip_address, get_lockout_parameters`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`log = getLogger(__name__)`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00

Fix code formatting 2022-05-16 07:31:46 +00:00			`def reset(`
			`ip: Optional[str] = None, username: Optional[str] = None, ip_or_username=False`
			`) -> int:`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00			`"""`
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`Reset records that match IP or username, and return the count of removed attempts.`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00
Move utils to helpers module In order to offer backwards compatible import path for the axes.utils.reset function it has to have a separate implementation that can be imported independently from the axes.helpers functions that are used by the AxesBaseHandler implementation. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-25 20:54:40 +00:00			`This utility method is meant to be used from the CLI or via Python API.`
Refactor handlers to a more pluggable format - Define a base handler API with method signatures - Move proxy handler to a separate path for importability - Implement a database handler with clean external dependencies - Change the authentication backend and decorators to use the authentication backend This enables clean pluggable authentication backend definitions that users can override and specialize with e.g. cached handlers in their own packages. Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi> 2019-02-17 21:56:48 +00:00			`"""`

add LOCK_OUT_BY_USER_OR_IP option store all AccessAttempt records 2020-07-07 08:46:22 +00:00			`return AxesProxyHandler.reset_attempts(`
			`ip_address=ip, username=username, ip_or_username=ip_or_username`
			`)`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00

add missing tests; refactor reset_request() 2020-07-08 05:43:45 +00:00			`def reset_request(request: HttpRequest) -> int:`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00			`"""`
			`Reset records that match IP or username, and return the count of removed attempts.`

			`This utility method is meant to be used from the CLI or via Python API.`
			`"""`
feat!: implement reset_request using get_lockout_parameters 2023-05-04 09:49:25 +00:00			`lockout_paramaters = get_lockout_parameters(request)`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00
changes requested by aleksihakli 2020-08-09 05:58:03 +00:00			`ip: Optional[str] = get_client_ip_address(request)`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00			`username = request.GET.get("username", None)`

feat!: implement reset_request using get_lockout_parameters 2023-05-04 09:49:25 +00:00			`ip_required = False`
			`username_required = False`
			`ip_and_username = False`

			`for param in lockout_paramaters:`
			`# hack: in works with all iterables, including strings`
			`# so this checks works with separate parameters`
			`# and with parameters combinations`
			`if "username" in param and "ip_address" in param:`
			`ip_and_username = True`
			`ip_required = True`
			`username_required = True`
			`break`
refactor: fix prospector errors 2023-05-10 17:07:11 +00:00			`if "username" in param:`
feat!: implement reset_request using get_lockout_parameters 2023-05-04 09:49:25 +00:00			`username_required = True`
			`elif "ip_address" in param:`
			`ip_required = True`

			`ip_or_username = not ip_and_username and ip_required and username_required`
			`if not ip_required:`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00			`ip = None`
feat!: implement reset_request using get_lockout_parameters 2023-05-04 09:49:25 +00:00			`if not username_required:`
add missing tests; refactor reset_request() 2020-07-08 05:43:45 +00:00			`username = None`

			`if not ip and not username:`
changes requested by aleksihakli 2020-08-09 05:58:03 +00:00			`return 0`
			`# We don't want to reset everything, if there is some wrong request parameter`
add reset_request helper function to internalize reset logic into django-axis 2020-07-07 17:55:46 +00:00
			`# TODO: reset based on user_agent?`
add LOCK_OUT_BY_USER_OR_IP option store all AccessAttempt records 2020-07-07 08:46:22 +00:00			`return reset(ip, username, ip_or_username)`