From 5e204be6c010a3960f86b643aba2ccf5ea709162 Mon Sep 17 00:00:00 2001 From: Ronny Vedrilla Date: Mon, 30 May 2022 15:10:17 +0200 Subject: [PATCH] #897: Settings variables as table instead of list in the docs --- docs/4_configuration.rst | 184 ++++++++++++++------------------------- 1 file changed, 67 insertions(+), 117 deletions(-) diff --git a/docs/4_configuration.rst b/docs/4_configuration.rst index 185837c..ecbd31d 100644 --- a/docs/4_configuration.rst +++ b/docs/4_configuration.rst @@ -14,123 +14,73 @@ Configuring project settings The following ``settings.py`` options are available for customizing Axes behaviour. -* ``AXES_ENABLED``: Enable or disable Axes plugin functionality, - for example in test runner setup. Default: ``True`` -* ``AXES_FAILURE_LIMIT``: The integer number of login attempts allowed before a - record is created for the failed logins. This can also be a callable - or a dotted path to callable that returns an integer and all of the following are valid: - ``AXES_FAILURE_LIMIT = 42``, - ``AXES_FAILURE_LIMIT = lambda *args: 42``, and - ``AXES_FAILURE_LIMIT = 'project.app.get_login_failure_limit'``. - Default: ``3`` -* ``AXES_LOCK_OUT_AT_FAILURE``: After the number of allowed login attempts - are exceeded, should we lock out this IP (and optional user agent)? - Default: ``True`` -* ``AXES_COOLOFF_TIME``: If set, defines a period of inactivity after which - old failed login attempts will be cleared. - Can be set to a Python timedelta object, an integer, a float, a callable, - or a string path to a callable which takes no arguments. - If an integer or float, will be interpreted as a number of hours: - ``AXES_COOLOFF_TIME = 2`` 2 hours - ``AXES_COOLOFF_TIME = 2.0`` 2 hours, 120 minutes - ``AXES_COOLOFF_TIME = 1.7`` 1.7 hours, 102 minutes, 6120 seconds - Default: ``None`` -* ``AXES_ONLY_ADMIN_SITE``: If ``True``, lock is only enabled for admin site. - Admin site is determined by checking request path against the path of ``"admin:index"`` view. - If admin urls are not registered in current urlconf, all requests will not be locked. - Default: ``False`` -* ``AXES_ONLY_USER_FAILURES`` : If ``True``, only lock based on username, - and never lock based on IP if attempts exceed the limit. - Otherwise utilize the existing IP and user locking logic. - Default: ``False`` -* ``AXES_ENABLE_ADMIN``: If ``True``, admin views for access attempts and - logins are shown in Django admin interface. - Default: ``True`` -* ``AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP``: If ``True``, prevent login - from IP under a particular username if the attempt limit has been exceeded, - otherwise lock out based on IP. - Default: ``False`` -* ``AXES_LOCK_OUT_BY_USER_OR_IP``: If ``True``, prevent login - from if the attempt limit has been exceeded for IP or username. - Default: ``False`` -* ``AXES_USE_USER_AGENT``: If ``True``, lock out and log based on the IP address - and the user agent. This means requests from different user agents but from - the same IP are treated differently. This settings has no effect if the - ``AXES_ONLY_USER_FAILURES`` setting is active. - Default: ``False`` -* ``AXES_HANDLER``: The path to the handler class to use. - If set, overrides the default signal handler backend. - Default: ``'axes.handlers.database.AxesDatabaseHandler'`` -* ``AXES_CACHE``: The name of the cache for Axes to use. - Default: ``'default'`` -* ``AXES_LOCKOUT_TEMPLATE``: If set, specifies a template to render when a - user is locked out. Template receives ``cooloff_timedelta``, ``cooloff_time``, ``username`` and ``failure_limit`` as - context variables. - Default: ``None`` -* ``AXES_LOCKOUT_URL``: If set, specifies a URL to redirect to on lockout. If both - ``AXES_LOCKOUT_TEMPLATE`` and ``AXES_LOCKOUT_URL`` are set, the template will be used. - Default: ``None`` -* ``AXES_VERBOSE``: If ``True``, you'll see slightly more logging for Axes. - Default: ``True`` -* ``AXES_USERNAME_FORM_FIELD``: the name of the form field that contains your users usernames. - Default: ``username`` -* ``AXES_USERNAME_CALLABLE``: A callable or a string path to callable that takes - two arguments for user lookups: ``def get_username(request: HttpRequest, credentials: dict) -> str: ...``. - This can be any callable such as ``AXES_USERNAME_CALLABLE = lambda request, credentials: 'username'`` - or a full Python module path to callable such as ``AXES_USERNAME_CALLABLE = 'example.get_username``. - The ``request`` is a HttpRequest like object and the ``credentials`` is a dictionary like object. - ``credentials`` are the ones that were passed to Django ``authenticate()`` in the login flow. - If no function is supplied, Axes fetches the username from the ``credentials`` or ``request.POST`` - dictionaries based on ``AXES_USERNAME_FORM_FIELD``. -* ``AXES_WHITELIST_CALLABLE``: A callable or a string path to callable that takes - two arguments for whitelisting determination and returns True, - if user should be whitelisted: - ``def is_whitelisted(request: HttpRequest, credentials: dict) -> bool: ...``. - This can be any callable similarly to ``AXES_USERNAME_CALLABLE``. - Default: ``None`` -* ``AXES_LOCKOUT_CALLABLE``: A callable or a string path to callable that takes - two arguments returns a response. For example: - ``def generate_lockout_response(request: HttpRequest, credentials: dict) -> HttpResponse: ...``. - This can be any callable similarly to ``AXES_USERNAME_CALLABLE``. - If not callable is defined, then the default implementation in ``axes.helpers.get_lockout_response`` - is used for determining the correct lockout response that is sent to the requesting client. - Default: ``None`` -* ``AXES_PASSWORD_FORM_FIELD``: the name of the form or credentials field that contains your users password. - Default: ``password`` -* ``AXES_SENSITIVE_PARAMETERS``: Configures POST and GET parameter values (in addition to the value of - ``AXES_PASSWORD_FORM_FIELD``) to mask in login attempt logging. - Default: ``[]`` -* ``AXES_NEVER_LOCKOUT_GET``: If ``True``, Axes will never lock out HTTP GET requests. - Default: ``False`` -* ``AXES_NEVER_LOCKOUT_WHITELIST``: If ``True``, users can always login from whitelisted IP addresses. - Default: ``False`` -* ``AXES_IP_BLACKLIST``: An iterable of IPs to be blacklisted. - Takes precedence over whitelists. For example: ``AXES_IP_BLACKLIST = ['0.0.0.0']``. - Default: ``None`` -* ``AXES_IP_WHITELIST``: An iterable of IPs to be whitelisted. - For example: ``AXES_IP_WHITELIST = ['0.0.0.0']``. - Default: ``None`` -* ``AXES_DISABLE_ACCESS_LOG``: If ``True``, disable writing login and logout access logs to database, - so the admin interface will not have user login trail for successful user authentication. - Default: ``False`` -* ``AXES_ENABLE_ACCESS_FAILURE_LOG``: If ``True``, enable writing - login failure logs to database, so you will have every user login - trail for unsuccessful user authentication. Default: ``False`` -* ``AXES_ACCESS_FAILURE_LOG_PER_USER_LIMIT``: Sets the number of - failures to trail for each user. When the access failure log reach - this number of records, an automatic removal is ran. Default: - ``1000`` -* ``AXES_RESET_ON_SUCCESS``: If ``True``, a successful login will reset the number of failed logins. - Default: ``False`` -* ``AXES_ALLOWED_CORS_ORIGINS``: Configures lockout response CORS headers for XHR requests. - Default: ``*`` -* ``AXES_HTTP_RESPONSE_CODE``: Sets the http response code returned when ``AXES_FAILURE_LIMIT`` is - reached. - For example: ``AXES_HTTP_RESPONSE_CODE = 429`` - Default: ``403`` -* ``AXES_RESET_COOL_OFF_ON_FAILURE_DURING_LOCKOUT``: If ``True``, a failed login attempt during lockout will - reset the cool off period. - Default: ``True`` ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Variable | Default | Explanation | ++======================================================+==============================================+===========================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+ +| AXES_ENABLED | True | Enable or disable Axes plugin functionality, for example in test runner setup | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_FAILURE_LIMIT | 3 | The integer number of login attempts allowed before a record is created for the failed logins. This can also be a callable or a dotted path to callable that returns an integer and all of the following are valid: ``AXES_FAILURE_LIMIT = 42``, ``AXES_FAILURE_LIMIT = lambda *args: 42``, and ``AXES_FAILURE_LIMIT = 'project.app.get_login_failure_limit'``. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCK_OUT_AT_FAILURE | True | After the number of allowed login attempts are exceeded, should we lock out this IP (and optional user agent)? | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_COOLOFF_TIME | None | If set, defines a period of inactivity after which old failed login attempts will be cleared. Can be set to a Python timedelta object, an integer, a float, a callable, or a string path to a callable which takes no arguments. If an integer or float, will be interpreted as a number of hours: ``AXES_COOLOFF_TIME = 2`` 2 hours, ``AXES_COOLOFF_TIME = 2.0`` 2 hours, 120 minutes, ``AXES_COOLOFF_TIME = 1.7`` 1.7 hours, 102 minutes, 6120 seconds | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ONLY_ADMIN_SITE | False | If ``True``, lock is only enabled for admin site. Admin site is determined by checking request path against the path of ``"admin:index"`` view. If admin urls are not registered in current urlconf, all requests will not be locked. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ONLY_USER_FAILURES | False | If ``True``, only lock based on username, and never lock based on IP if attempts exceed the limit. Otherwise utilize the existing IP and user locking logic. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ENABLE_ADMIN | True | If ``True``, admin views for access attempts and logins are shown in Django admin interface. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP | False | If ``True``, prevent login from IP under a particular username if the attempt limit has been exceeded, otherwise lock out based on IP. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCK_OUT_BY_USER_OR_IP | False | If ``True``, prevent login from if the attempt limit has been exceeded for IP or username. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_USE_USER_AGENT | False | If ``True``, lock out and log based on the IP address and the user agent. This means requests from different user agents but from the same IP are treated differently. This settings has no effect if the ``AXES_ONLY_USER_FAILURES`` setting is active. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_HANDLER | 'axes.handlers.database.AxesDatabaseHandler' | The path to the handler class to use. If set, overrides the default signal handler backend. Default: ``'axes.handlers.database.AxesDatabaseHandler'`` | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_CACHE | 'default' | The name of the cache for Axes to use. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCKOUT_TEMPLATE | None | If set, specifies a template to render when a user is locked out. Template receives ``cooloff_timedelta``, ``cooloff_time``, ``username`` and ``failure_limit`` as context variables. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCKOUT_URL | None | If set, specifies a URL to redirect to on lockout. If both ``AXES_LOCKOUT_TEMPLATE`` and ``AXES_LOCKOUT_URL`` are set, the template will be used. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_VERBOSE | True | If ``True``, you'll see slightly more logging for Axes. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_USERNAME_FORM_FIELD | 'username' | The name of the form field that contains your users usernames. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_USERNAME_CALLABLE | None | A callable or a string path to callable that takes two arguments for user lookups: ``def get_username(request: HttpRequest, credentials: dict) -> str: ...``. This can be any callable such as ``AXES_USERNAME_CALLABLE = lambda request, credentials: 'username'`` or a full Python module path to callable such as ``AXES_USERNAME_CALLABLE = 'example.get_username``. The ``request`` is a HttpRequest like object and the ``credentials`` is a dictionary like object. ``credentials`` are the ones that were passed to Django ``authenticate()`` in the login flow. If no function is supplied, Axes fetches the username from the ``credentials`` or ``request.POST`` dictionaries based on ``AXES_USERNAME_FORM_FIELD``. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_WHITELIST_CALLABLE | None | A callable or a string path to callable that takes two arguments for whitelisting determination and returns True, if user should be whitelisted: ``def is_whitelisted(request: HttpRequest, credentials: dict) -> bool: ...``. This can be any callable similarly to ``AXES_USERNAME_CALLABLE``. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_LOCKOUT_CALLABLE | None | A callable or a string path to callable that takes two arguments returns a response. For example: ``def generate_lockout_response(request: HttpRequest, credentials: dict) -> HttpResponse: ...``. This can be any callable similarly to ``AXES_USERNAME_CALLABLE``. If not callable is defined, then the default implementation in ``axes.helpers.get_lockout_response`` is used for determining the correct lockout response that is sent to the requesting client. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_PASSWORD_FORM_FIELD | 'password' | The name of the form or credentials field that contains your users password. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_SENSITIVE_PARAMETERS | [] | Configures POST and GET parameter values (in addition to the value of ``AXES_PASSWORD_FORM_FIELD``) to mask in login attempt logging. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_NEVER_LOCKOUT_GET | False | If ``True``, Axes will never lock out HTTP GET requests. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_NEVER_LOCKOUT_WHITELIST | False | If ``True``, users can always login from whitelisted IP addresses. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_IP_BLACKLIST | None | An iterable of IPs to be blacklisted. Takes precedence over whitelists. For example: ``AXES_IP_BLACKLIST = ['0.0.0.0']``. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_IP_WHITELIST | None | An iterable of IPs to be whitelisted. For example: ``AXES_IP_WHITELIST = ['0.0.0.0']``. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_DISABLE_ACCESS_LOG | False | If ``True``, disable writing login and logout access logs to database, so the admin interface will not have user login trail for successful user authentication. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ENABLE_ACCESS_FAILURE_LOG | False | If ``True``, enable writing login failure logs to database, so you will have every user login trail for unsuccessful user authentication. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ACCESS_FAILURE_LOG_PER_USER_LIMIT | 1000 | Sets the number of failures to trail for each user. When the access failure log reach this number of records, an automatic removal is ran. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_RESET_ON_SUCCESS | False | If ``True``, a successful login will reset the number of failed logins. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_ALLOWED_CORS_ORIGINS | * | Configures lockout response CORS headers for XHR requests. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_HTTP_RESPONSE_CODE | 403 | Sets the http response code returned when ``AXES_FAILURE_LIMIT`` is reached. For example: ``AXES_HTTP_RESPONSE_CODE = 429`` | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| AXES_RESET_COOL_OFF_ON_FAILURE_DURING_LOCKOUT | True | If ``True``, a failed login attempt during lockout will reset the cool off period. | ++------------------------------------------------------+----------------------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ The configuration option precedences for the access attempt monitoring are: