From dbc7f54ac555814da8dada5dc8ac01de00e1c933 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aleksi=20H=C3=A4kli?= Date: Sun, 29 Dec 2019 16:53:41 +0200 Subject: [PATCH] Update whitelisting documentation. --- axes/attempts.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/axes/attempts.py b/axes/attempts.py index fe5b3a4..2f331a0 100644 --- a/axes/attempts.py +++ b/axes/attempts.py @@ -100,7 +100,11 @@ def is_user_attempt_whitelisted(request, credentials: dict = None) -> bool: A whitelisted user has the magic ``nolockout`` property set. If the property is unknown or False or the user can not be found, - this implementation fails gracefully and returns True. + this implementation fails gracefully and returns False. + + This is a legacy method forom an older release + that should be converted to a configurable callable + for determining whitelisting criteria per developer specification. """ username_field = getattr(get_user_model(), "USERNAME_FIELD", "username")