Add type hint for request variables

axes/admin.py

@@ -1,4 +1,5 @@
 from django.contrib import admin
+from django.http import HttpRequest
 from django.utils.translation import gettext_lazy as _
 
 from axes.conf import settings
@@ -39,7 +40,7 @@ class AccessAttemptAdmin(admin.ModelAdmin):
         "failures_since_start",
     ]
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request: HttpRequest) -> bool:
         return False
 
 
@@ -74,7 +75,7 @@ class AccessLogAdmin(admin.ModelAdmin):
         "logout_time",
     ]
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request: HttpRequest) -> bool:
         return False
 
 
@@ -109,7 +110,7 @@ class AccessFailureLogAdmin(admin.ModelAdmin):
         "locked_out",
     ]
 
-    def has_add_permission(self, request):
+    def has_add_permission(self, request: HttpRequest) -> bool:
         return False
 
 

axes/attempts.py

@@ -2,6 +2,7 @@ from logging import getLogger
 from typing import List, Optional
 
 from django.db.models import QuerySet
+from django.http import HttpRequest
 from django.utils.timezone import datetime, now
 
 from axes.conf import settings
@@ -27,7 +28,7 @@ def get_cool_off_threshold(attempt_time: Optional[datetime] = None) -> datetime:
     return attempt_time - cool_off
 
 
-def filter_user_attempts(request, credentials: Optional[dict] = None) -> List[QuerySet]:
+def filter_user_attempts(request: HttpRequest, credentials: Optional[dict] = None) -> List[QuerySet]:
     """
     Return a list querysets of AccessAttempts that match the given request and credentials.
     """
@@ -44,7 +45,7 @@ def filter_user_attempts(request, credentials: Optional[dict] = None) -> List[Qu
     return attempts_list
 
 
-def get_user_attempts(request, credentials: Optional[dict] = None) -> List[QuerySet]:
+def get_user_attempts(request: HttpRequest, credentials: Optional[dict] = None) -> List[QuerySet]:
     """
     Get list of querysets with valid user attempts that match the given request and credentials.
     """
@@ -83,7 +84,7 @@ def clean_expired_user_attempts(attempt_time: Optional[datetime] = None) -> int:
     return count
 
 
-def reset_user_attempts(request, credentials: Optional[dict] = None) -> int:
+def reset_user_attempts(request: HttpRequest, credentials: Optional[dict] = None) -> int:
     """
     Reset all user attempts that match the given request and credentials.
     """

axes/backends.py

@@ -1,6 +1,7 @@
 from typing import Optional
 from django.conf import settings
 from django.contrib.auth.backends import ModelBackend
+from django.http import HttpRequest
 
 from axes.exceptions import (
     AxesBackendPermissionDenied,
@@ -23,7 +24,7 @@ class AxesBackend(ModelBackend):
 
     @toggleable
     def authenticate(
-        self, request, username: Optional[str] = None, password: Optional[str] = None, **kwargs: dict
+        self, request: HttpRequest, username: Optional[str] = None, password: Optional[str] = None, **kwargs: dict
     ):
         """
         Checks user lockout status and raises an exception if user is not allowed to log in.

axes/helpers.py

@@ -105,7 +105,7 @@ def get_credentials(username: Optional[str] = None, **kwargs) -> dict:
     return credentials
 
 
-def get_client_username(request, credentials: Optional[dict] = None) -> str:
+def get_client_username(request: HttpRequest, credentials: Optional[dict] = None) -> str:
     """
     Resolve client username from the given request or credentials if supplied.
 
@@ -146,7 +146,7 @@ def get_client_username(request, credentials: Optional[dict] = None) -> str:
     return request_data.get(settings.AXES_USERNAME_FORM_FIELD, None)
 
 
-def get_client_ip_address(request) -> str:
+def get_client_ip_address(request: HttpRequest) -> str:
     """
     Get client IP address as configured by the user.
 
@@ -165,15 +165,15 @@ def get_client_ip_address(request) -> str:
     return client_ip_address
 
 
-def get_client_user_agent(request) -> str:
+def get_client_user_agent(request: HttpRequest) -> str:
     return request.META.get("HTTP_USER_AGENT", "<unknown>")[:255]
 
 
-def get_client_path_info(request) -> str:
+def get_client_path_info(request: HttpRequest) -> str:
     return request.META.get("PATH_INFO", "<unknown>")[:255]
 
 
-def get_client_http_accept(request) -> str:
+def get_client_http_accept(request: HttpRequest) -> str:
     return request.META.get("HTTP_ACCEPT", "<unknown>")[:1025]
 
 
@@ -344,7 +344,7 @@ def get_query_str(query: Type[QueryDict], max_length: int = 1024) -> str:
     return query_str[:max_length]
 
 
-def get_failure_limit(request, credentials) -> int:
+def get_failure_limit(request: HttpRequest, credentials) -> int:
     if callable(settings.AXES_FAILURE_LIMIT):
         return settings.AXES_FAILURE_LIMIT(  # pylint: disable=not-callable
             request, credentials
@@ -362,7 +362,7 @@ def get_lockout_message() -> str:
     return settings.AXES_PERMALOCK_MESSAGE
 
 
-def get_lockout_response(request, credentials: Optional[dict] = None) -> HttpResponse:
+def get_lockout_response(request: HttpRequest, credentials: Optional[dict] = None) -> HttpResponse:
     if settings.AXES_LOCKOUT_CALLABLE:
         if callable(settings.AXES_LOCKOUT_CALLABLE):
             return settings.AXES_LOCKOUT_CALLABLE(  # pylint: disable=not-callable
@@ -432,7 +432,7 @@ def is_ip_address_in_blacklist(ip_address: str) -> bool:
     )
 
 
-def is_client_ip_address_whitelisted(request):
+def is_client_ip_address_whitelisted(request: HttpRequest):
     """
     Check if the given request refers to a whitelisted IP.
     """
@@ -450,7 +450,7 @@ def is_client_ip_address_whitelisted(request):
     return False
 
 
-def is_client_ip_address_blacklisted(request) -> bool:
+def is_client_ip_address_blacklisted(request: HttpRequest) -> bool:
     """
     Check if the given request refers to a blacklisted IP.
     """
@@ -466,7 +466,7 @@ def is_client_ip_address_blacklisted(request) -> bool:
     return False
 
 
-def is_client_method_whitelisted(request) -> bool:
+def is_client_method_whitelisted(request: HttpRequest) -> bool:
     """
     Check if the given request uses a whitelisted method.
     """
@@ -477,7 +477,7 @@ def is_client_method_whitelisted(request) -> bool:
     return False
 
 
-def is_user_attempt_whitelisted(request, credentials: Optional[dict] = None) -> bool:
+def is_user_attempt_whitelisted(request: HttpRequest, credentials: Optional[dict] = None) -> bool:
     """
     Check if the given request or credentials refer to a whitelisted username.
 

axes/middleware.py

@@ -1,6 +1,7 @@
 from typing import Callable
 
 from django.conf import settings
+from django.http import HttpRequest, HttpResponse
 
 from axes.helpers import get_lockout_response
 
@@ -29,10 +30,10 @@ class AxesMiddleware:
     - ``AXES_PERMALOCK_MESSAGE``.
     """
 
-    def __init__(self, get_response: Callable):
+    def __init__(self, get_response: Callable) -> None:
         self.get_response = get_response
 
-    def __call__(self, request):
+    def __call__(self, request: HttpRequest) -> HttpResponse:
         response = self.get_response(request)
 
         if settings.AXES_ENABLED: