Remove reduntant AccessLog.trusted flag

All attempts that are logged are marked as trusted
and no other attempts are created in the code,
so having a flag that also uses a database index
is redundant and unnecessary.

Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>

axes/admin.py

@@ -96,7 +96,6 @@ class AccessLogAdmin(admin.ModelAdmin):
         'user_agent',
         'ip_address',
         'username',
-        'trusted',
         'http_accept',
         'path_info',
         'attempt_time',

axes/handlers/database.py

@@ -155,7 +155,6 @@ class AxesDatabaseHandler(AxesBaseHandler):  # pylint: disable=too-many-locals
                 http_accept=request.axes_http_accept,
                 path_info=request.axes_path_info,
                 attempt_time=request.axes_attempt_time,
-                trusted=True,
             )
 
         if settings.AXES_RESET_ON_SUCCESS:

axes/migrations/0006_remove_accesslog_trusted.py

@@ -0,0 +1,17 @@
+# Generated by Django 2.0.4 on 2019-03-13 08:55
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('axes', '0005_remove_accessattempt_trusted'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='accesslog',
+            name='trusted',
+        ),
+    ]

axes/models.py

@@ -65,13 +65,6 @@ class AccessAttempt(AccessBase):
 
 
 class AccessLog(AccessBase):
-    # Once a user logs in from an ip, that combination is trusted and not
-    # locked out in case of a distributed attack
-    trusted = models.BooleanField(
-        default=False,
-        db_index=True,
-    )
-
     logout_time = models.DateTimeField(
         _('Logout Time'),
         null=True,