Hopiu/django-axes
1
0
Fork 0
mirror of https://github.com/jazzband/django-axes.git synced 2026-05-16 03:23:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update django request in the AxesMiddleware if drf is used

Browse source
This commit is contained in:
Anatoly 2020-10-07 15:45:29 +02:00 committed by Aleksi Häkli
parent 1c40eae305
commit ae49f3bdae
1 changed files with 25 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
axes/middleware.py
View file

@ -1,6 +1,15 @@
from typing import Callable
from axes.helpers import get_lockout_response
from django.conf import settings
from axes.helpers import (
get_lockout_response,
get_failure_limit,
get_client_username,
get_credentials,
)
from axes.handlers.proxy import AxesProxyHandler
class AxesMiddleware:
@ -29,6 +38,21 @@ class AxesMiddleware:
def __call__(self, request):
response = self.get_response(request)
if "rest_framework" in settings.INSTALLED_APPS:
AxesProxyHandler.update_request(request)
username = get_client_username(request)
credentials = get_credentials(username)
failures_since_start = AxesProxyHandler.get_failures(
request, credentials
)
if (
settings.AXES_LOCK_OUT_AT_FAILURE
and failures_since_start
>= get_failure_limit(request, credentials)
):
request.axes_locked_out = True
if getattr(request, "axes_locked_out", None):
response = get_lockout_response(request) # type: ignore