Fix regression with empty IP addresses

Cache backend threw an error with OAuth2 backends missing IP address in the cache key generation. Fixes #437
2026-05-13 18:13:11 +00:00 · 2019-05-09 19:00:17 +03:00 · 2019-05-09 19:00:17 +03:00 · 30184e2e52
commit 30184e2e52
parent a5a15dffaa
2 changed files with 40 additions and 4 deletions
--- a/axes/helpers.py
+++ b/axes/helpers.py
@ -370,7 +370,7 @@ def get_client_cache_key(request_or_attempt: Union[HttpRequest, Any], credential

    filter_kwargs = get_client_parameters(username, ip_address, user_agent)

-    cache_key_components = ''.join(filter_kwargs.values())
+    cache_key_components = ''.join(value for value in filter_kwargs.values() if value)
    cache_key_digest = md5(cache_key_components.encode()).hexdigest()
    cache_key = f'axes-{cache_key_digest}'

--- a/axes/tests/test_utils.py
+++ b/axes/tests/test_utils.py
@ -259,10 +259,9 @@ class ClientCacheKeyTestCase(AxesTestCase):
        """

        cache_hash_digest = md5(self.ip_address.encode()).hexdigest()
-
-        # Getting cache key from request
        cache_hash_key = f'axes-{cache_hash_digest}'

+        # Getting cache key from request
        request_factory = RequestFactory()
        request = request_factory.post(
            '/admin/login/',
@ -288,16 +287,53 @@ class ClientCacheKeyTestCase(AxesTestCase):

        self.assertEqual(cache_hash_key, get_client_cache_key(attempt))

+    def test_get_cache_key_empty_ip_address(self):
+        """
+        Simulate an empty IP address in the request.
+        """
+
+        empty_ip_address = ''
+
+        cache_hash_digest = md5(empty_ip_address.encode()).hexdigest()
+        cache_hash_key = f'axes-{cache_hash_digest}'
+
+        # Getting cache key from request
+        request_factory = RequestFactory()
+        request = request_factory.post(
+            '/admin/login/',
+            data={
+                'username': self.username,
+                'password': 'test',
+            },
+            REMOTE_ADDR=empty_ip_address,
+        )
+
+        self.assertEqual(cache_hash_key, get_client_cache_key(request))
+
+        # Getting cache key from AccessAttempt Object
+        attempt = AccessAttempt(
+            user_agent='<unknown>',
+            ip_address=empty_ip_address,
+            username=self.username,
+            get_data='',
+            post_data='',
+            http_accept=request.META.get('HTTP_ACCEPT', '<unknown>'),
+            path_info=request.META.get('PATH_INFO', '<unknown>'),
+            failures_since_start=0,
+        )
+
+        self.assertEqual(cache_hash_key, get_client_cache_key(attempt))
+
    def test_get_cache_key_credentials(self):
        """
        Test the cache key format.
        """

-        # Getting cache key from request
        ip_address = self.ip_address
        cache_hash_digest = md5(ip_address.encode()).hexdigest()
        cache_hash_key = f'axes-{cache_hash_digest}'

+        # Getting cache key from request
        request_factory = RequestFactory()
        request = request_factory.post(
            '/admin/login/',