From c34a2daa1b2ee84835cc10b9209b0ade0827740e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aleksi=20Ha=CC=88kli?= Date: Wed, 1 May 2019 15:18:36 +0300 Subject: [PATCH] Improve check structure and types Django core uses warnings and mostly no objects in checks Adopting the same style for check readability purposes --- axes/checks.py | 54 ++++++++++++++++++--------------------- axes/tests/test_checks.py | 12 +++------ 2 files changed, 29 insertions(+), 37 deletions(-) diff --git a/axes/checks.py b/axes/checks.py index ffb845f..75b3741 100644 --- a/axes/checks.py +++ b/axes/checks.py @@ -1,37 +1,36 @@ -from django.core.checks import Error, Tags, register +from django.core.checks import Tags, Warning, register # pylint: disable=redefined-builtin from axes.conf import settings class Messages: - CACHE_INVALID = 'invalid cache configuration for settings.AXES_CACHE' - MIDDLEWARE_INVALID = 'axes.middleware.AxesMiddleware not in settings.MIDDLEWARE' - BACKEND_INVALID = 'axes.backends.AxesBackend not in settings.AUTHENTICATION_BACKENDS' + CACHE_INVALID = ( + "You are using the django-axes cache handler for login attempt tracking." + " Your cache configuration is however invalid and will not work correctly with django-axes." + " This can leave security holes in your login systems as attempts are not tracked correctly." + " Reconfigure settings.AXES_CACHE and settings.CACHES per django-axes configuration documentation." + ) + MIDDLEWARE_INVALID = ( + "You do not have 'axes.middleware.AxesMiddleware' in your settings.MIDDLEWARE." + ) + BACKEND_INVALID = ( + "You do not have 'axes.backends.AxesBackend' in your settings.AUTHENTICATION_BACKENDS." + ) class Hints: - CACHE_INVALID = ( - 'django-axes does not work properly with LocMemCache as the cache backend.' - ' Please check the django-axes documentation and reconfigure settings.AXES_CACHE.' - ) - MIDDLEWARE_INVALID = ( - 'django-axes does not work properly without axes.middleware.AxesMiddleware in settings.MIDDLEWARE.' - ' Please check the django-axes documentation and reconfigure settings.MIDDLEWARE.' - ) - BACKEND_INVALID = ( - 'django-axes does not work properly without axes.backends.AxesBackend in settings.AUTHENTICATION_BACKENDS.' - ' Please check the django-axes documentation and reconfigure settings.AUTHENTICATION_BACKENDS.' - ' Please note that the backend name was changed from AxesModelBackend to AxesBackend in django-axes version 5.' - ) + CACHE_INVALID = None + MIDDLEWARE_INVALID = None + BACKEND_INVALID = 'AxesModelBackend was renamed to AxesBackend in django-axes version 5.0.' class Codes: - CACHE_INVALID = 'axes.E001' - MIDDLEWARE_INVALID = 'axes.E002' - BACKEND_INVALID = 'axes.E003' + CACHE_INVALID = 'axes.W001' + MIDDLEWARE_INVALID = 'axes.W002' + BACKEND_INVALID = 'axes.W003' -@register(Tags.compatibility, Tags.caches) +@register(Tags.security, Tags.caches, Tags.compatibility) def axes_cache_check(app_configs, **kwargs): # pylint: disable=unused-argument axes_handler = getattr(settings, 'AXES_HANDLER', '') @@ -49,40 +48,37 @@ def axes_cache_check(app_configs, **kwargs): # pylint: disable=unused-argument if axes_handler == 'axes.handlers.cache.AxesCacheHandler': if axes_cache_backend in axes_cache_backend_incompatible: - errors.append(Error( + errors.append(Warning( msg=Messages.CACHE_INVALID, hint=Hints.CACHE_INVALID, - obj=settings.CACHES, id=Codes.CACHE_INVALID, )) return errors -@register(Tags.compatibility) +@register(Tags.security, Tags.compatibility) def axes_middleware_check(app_configs, **kwargs): # pylint: disable=unused-argument errors = [] if 'axes.middleware.AxesMiddleware' not in settings.MIDDLEWARE: - errors.append(Error( + errors.append(Warning( msg=Messages.MIDDLEWARE_INVALID, hint=Hints.MIDDLEWARE_INVALID, - obj=settings.MIDDLEWARE, id=Codes.MIDDLEWARE_INVALID, )) return errors -@register(Tags.compatibility) +@register(Tags.security, Tags.compatibility) def axes_backend_check(app_configs, **kwargs): # pylint: disable=unused-argument errors = [] if 'axes.backends.AxesBackend' not in settings.AUTHENTICATION_BACKENDS: - errors.append(Error( + errors.append(Warning( msg=Messages.BACKEND_INVALID, hint=Hints.BACKEND_INVALID, - obj=settings.AUTHENTICATION_BACKENDS, id=Codes.BACKEND_INVALID, )) diff --git a/axes/tests/test_checks.py b/axes/tests/test_checks.py index 2ca0724..433e7f1 100644 --- a/axes/tests/test_checks.py +++ b/axes/tests/test_checks.py @@ -1,8 +1,7 @@ -from django.core.checks import run_checks, Error +from django.core.checks import run_checks, Warning # pylint: disable=redefined-builtin from django.test import override_settings, modify_settings from axes.checks import Messages, Hints, Codes -from axes.conf import settings from axes.tests.base import AxesTestCase @@ -21,10 +20,9 @@ class CacheCheckTestCase(AxesTestCase): ) def test_cache_check_errors(self): errors = run_checks() - error = Error( + error = Warning( msg=Messages.CACHE_INVALID, hint=Hints.CACHE_INVALID, - obj=settings.CACHES, id=Codes.CACHE_INVALID, ) @@ -47,10 +45,9 @@ class MiddlewareCheckTestCase(AxesTestCase): ) def test_cache_check_errors(self): errors = run_checks() - error = Error( + error = Warning( msg=Messages.MIDDLEWARE_INVALID, hint=Hints.MIDDLEWARE_INVALID, - obj=settings.MIDDLEWARE, id=Codes.MIDDLEWARE_INVALID, ) @@ -65,10 +62,9 @@ class BackendCheckTestCase(AxesTestCase): ) def test_cache_check_errors(self): errors = run_checks() - error = Error( + error = Warning( msg=Messages.BACKEND_INVALID, hint=Hints.BACKEND_INVALID, - obj=settings.AUTHENTICATION_BACKENDS, id=Codes.BACKEND_INVALID, )