diff --git a/.gitignore b/.gitignore index d46a068..425848c 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,8 @@ build dist .hg .DS_Store +examples/db/ +examples/logs/ +examples/media/ +examples/static/ +examples/example/local_settings.py \ No newline at end of file diff --git a/examples/README.rst b/examples/README.rst new file mode 100644 index 0000000..153002a --- /dev/null +++ b/examples/README.rst @@ -0,0 +1,31 @@ +================================ +Example project for django-axes +================================ + +Installation +================================ +1. Run the install.sh script: + + $ ./install.sh + +2. Run the server: + + $ ./manage.py runserver + +3. Try the app: + +There are two admin accounts created: + +- admin:test +- test:test + +Open the http://localhost:8000/admin/axes/accessattempt/ URL and log in using admin:admin. + +In another browser open http://localhost:8000/admin/ URL and try to log in using test:1 (wrong +password). After your 3-rd wrong login attempt, your account would be locked out. + +Testing +================================ +To test the app in an easy way do as follows: + + $ ./test.sh diff --git a/examples/example/__init__.py b/examples/example/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/examples/example/foo/__init__.py b/examples/example/foo/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/examples/example/foo/management/__init__.py b/examples/example/foo/management/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/examples/example/foo/management/commands/__init__.py b/examples/example/foo/management/commands/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/examples/example/foo/management/commands/axes_create_test_data.py b/examples/example/foo/management/commands/axes_create_test_data.py new file mode 100644 index 0000000..3c20a7f --- /dev/null +++ b/examples/example/foo/management/commands/axes_create_test_data.py 
@@ -0,0 +1,41 @@
+from __future__ import print_function
+
+from django.core.management.base import BaseCommand
+
+from django.contrib.auth.models import User
+
+def create_admin_user(username, password):
+ """
+ Create a user for testing the admin.
+
+ :param string username:
+ :param strring password:
+ """
+ u = User()
+ u.username = username
+ u.email = '{0}@dev.mail.example.com'.format(username)
+ u.is_superuser = True
+ u.is_staff = True
+ u.set_password(password)
+
+ try:
+ u.save()
+ print("Created user {0} with password {1}.".format(username, password))
+ except Exception as e:
+ #print("Failed to create user {0} with password {1}. Reason: {2}".format(username, password, str(e)))
+ pass
+
+class Command(BaseCommand):
+ def handle(self, *args, **options):
+ """
+ Creates test data.
+ """
+ try:
+ create_admin_user('admin', 'test')
+ except Exception as e:
+ pass
+
+ try:
+ create_admin_user('test', 'test')
+ except Exception as e:
+ pass
diff --git a/examples/example/foo/models.py b/examples/example/foo/models.py
new file mode 100644
index 0000000..e69de29
diff --git a/examples/example/local_settings.example b/examples/example/local_settings.example
new file mode 100644
index 0000000..0264ae6
--- /dev/null
+++ b/examples/example/local_settings.example
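Review bot: `create_admin_user` in axes_create_test_data.py swallows every failure of `u.save()` with `except Exception as e: pass`, so a rerun where the user already exists, or any database error, looks the same as success, and the two try/except wrappers in `Command.handle` are effectively redundant. Catching the specific error and reporting it would be clearer, for example `except IntegrityError:` followed by `print("User {0} already exists.".format(username))`, with `from django.db import IntegrityError` added to the imports. The command also creates superusers with the fixed password `test` and echoes that password to stdout; because nothing ties it to the example project, refusing to run unless `settings.DEBUG` is true would keep it from seeding known credentials into a real database. The docstring line `:param strring password:` has a typo.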
@@ -0,0 +1,26 @@
+import os
+PROJECT_DIR = lambda base : os.path.abspath(os.path.join(os.path.dirname(__file__), base).replace('\\','/'))
+
+DEBUG = True
+DEBUG_TOOLBAR = not True
+TEMPLATE_DEBUG = DEBUG
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
+ 'NAME': PROJECT_DIR('../db/example.db'), # Or path to database file if using sqlite3.
+
+ # The following settings are not used with sqlite3:
+ 'USER': '',
+ 'PASSWORD': '',
+ 'HOST': '', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
+ 'PORT': '', # Set to empty string for default.
+ }
+}
+
+INTERNAL_IPS = ('127.0.0.1',)
+
+EMAIL_BACKEND = 'django.core.mail.backends.filebased.EmailBackend'
+EMAIL_FILE_PATH = PROJECT_DIR('../tmp')
+
+DEFAULT_FROM_EMAIL = ''
diff --git a/examples/example/manage.py b/examples/example/manage.py
new file mode 100755
index 0000000..f9726f9
--- /dev/null
+++ b/examples/example/manage.py
@@ -0,0 +1,10 @@
+#!/usr/bin/env python
+import os
+import sys
+
+if __name__ == "__main__":
+ os.environ.setdefault("DJANGO_SETTINGS_MODULE", "settings")
+
+ from django.core.management import execute_from_command_line
+
+ execute_from_command_line(sys.argv)
diff --git a/examples/example/settings.py b/examples/example/settings.py
new file mode 100644
index 0000000..82875a7
--- /dev/null
+++ b/examples/example/settings.py
@@ -0,0 +1,242 @@
+# Django settings for example project.
+import os
+PROJECT_DIR = lambda base : os.path.abspath(os.path.join(os.path.dirname(__file__), base).replace('\\','/'))
+gettext = lambda s: s
+
+DEBUG = False
+DEBUG_TOOLBAR = False
+TEMPLATE_DEBUG = DEBUG
+
+ADMINS = (
+ # ('Your Name', 'your_email@example.com'),
+)
+
+MANAGERS = ADMINS
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.sqlite3', # Add 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
+ 'NAME': PROJECT_DIR('../db/example.db'), # Or path to database file if using sqlite3.
+ # The following settings are not used with sqlite3:
+ 'USER': '',
+ 'PASSWORD': '',
+ 'HOST': '', # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
+ 'PORT': '', # Set to empty string for default.
+ }
+}
+
+# Hosts/domain names that are valid for this site; required if DEBUG is False
+# See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts
+ALLOWED_HOSTS = []
+
+# Local time zone for this installation. Choices can be found here:
+# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
+# although not all choices may be available on all operating systems.
+# In a Windows environment this must be set to your system time zone.
+TIME_ZONE = 'America/Chicago'
+
+# Language code for this installation. All choices can be found here:
+# http://www.i18nguy.com/unicode/language-identifiers.html
+#LANGUAGE_CODE = 'en-us'
+
+SITE_ID = 1
+
+# If you set this to False, Django will make some optimizations so as not
+# to load the internationalization machinery.
+USE_I18N = True
+
+# If you set this to False, Django will not format dates, numbers and
+# calendars according to the current locale.
+USE_L10N = True
+
+# If you set this to False, Django will not use timezone-aware datetimes.
+USE_TZ = True
+
+# Absolute filesystem path to the directory that will hold user-uploaded files.
+# Example: "/var/www/example.com/media/"
+MEDIA_ROOT = PROJECT_DIR(os.path.join('..', 'media'))
+
+# URL that handles the media served from MEDIA_ROOT. Make sure to use a
+# trailing slash.
+# Examples: "http://example.com/media/", "http://media.example.com/"
+MEDIA_URL = '/media/'
+
+# Absolute path to the directory static files should be collected to.
+# Don't put anything in this directory yourself; store your static files
+# in apps' "static/" subdirectories and in STATICFILES_DIRS.
+# Example: "/var/www/example.com/static/"
+STATIC_ROOT = PROJECT_DIR(os.path.join('..', 'static'))
+
+# URL prefix for static files.
+# Example: "http://example.com/static/", "http://static.example.com/"
+STATIC_URL = '/static/'
+
+# Additional locations of static files
+STATICFILES_DIRS = (
+ # Put strings here, like "/home/html/static" or "C:/www/django/static".
+ # Always use forward slashes, even on Windows.
+ # Don't forget to use absolute paths, not relative paths.
+ PROJECT_DIR(os.path.join('..', 'media', 'static')),
+)
+
+# List of finder classes that know how to find static files in
+# various locations.
+STATICFILES_FINDERS = (
+ 'django.contrib.staticfiles.finders.FileSystemFinder',
+ 'django.contrib.staticfiles.finders.AppDirectoriesFinder',
+# 'django.contrib.staticfiles.finders.DefaultStorageFinder',
+)
+
+# Make this unique, and don't share it with anybody.
+SECRET_KEY = '6sf18c*w971i8a-m^1coasrmur2k6+q5_kyn*)s@(*_dk5q3&r'
+
+# List of callables that know how to import templates from various sources.
+TEMPLATE_LOADERS = (
+ 'django.template.loaders.filesystem.Loader',
+ 'django.template.loaders.app_directories.Loader',
+ 'django.template.loaders.eggs.Loader',
+)
+
+MIDDLEWARE_CLASSES = (
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.common.CommonMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+ # Uncomment the next line for simple clickjacking protection:
+ # 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+ 'axes.middleware.FailedLoginMiddleware'
+)
+
+ROOT_URLCONF = 'urls'
+
+# Python dotted path to the WSGI application used by Django's runserver.
+WSGI_APPLICATION = 'wsgi.application'
+
+TEMPLATE_CONTEXT_PROCESSORS = (
+ "django.contrib.auth.context_processors.auth",
+ "django.core.context_processors.debug",
+ "django.core.context_processors.i18n",
+ "django.core.context_processors.media",
+ "django.core.context_processors.static",
+ "django.core.context_processors.tz",
+ "django.contrib.messages.context_processors.messages",
+ "django.core.context_processors.request"
+)
+
+TEMPLATE_DIRS = (
+ # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates".
+ # Always use forward slashes, even on Windows.
+ # Don't forget to use absolute paths, not relative paths.
+ PROJECT_DIR('templates')
+)
+
+INSTALLED_APPS = (
+ # Django core and contrib apps
+ 'django.contrib.auth',
+ 'django.contrib.contenttypes',
+ 'django.contrib.sessions',
+ 'django.contrib.sites',
+ 'django.contrib.messages',
+ 'django.contrib.staticfiles',
+ 'django.contrib.admin',
+ 'django.contrib.sitemaps',
+
+ 'axes',
+
+ # Test app
+ 'foo',
+)
+
+LOGIN_REDIRECT_URL = '/admin'
+
+# ******************** django-axes settings *********************
+# Max number of login attemts within the ``AXES_COOLOFF_TIME``
+AXES_LOGIN_FAILURE_LIMIT = 3
+
+from datetime import timedelta
+AXES_COOLOFF_TIME=timedelta(seconds = 200)
+# ******************** /django-axes settings *********************
+
+# A sample logging configuration. The only tangible logging
+# performed by this configuration is to send an email to
+# the site admins on every HTTP 500 error when DEBUG=False.
+# See http://docs.djangoproject.com/en/dev/topics/logging for
+# more details on how to customize your logging configuration.
+LOGGING = {
+ 'version': 1,
+ 'disable_existing_loggers': False,
+ 'filters': {
+ 'require_debug_false': {
+ '()': 'django.utils.log.RequireDebugFalse'
+ }
+ },
+ 'formatters': {
+ 'verbose': {
+ 'format': '%(levelname)s %(asctime)s [%(pathname)s:%(lineno)s] %(message)s'
+ },
+ 'simple': {
+ 'format': '%(levelname)s %(message)s'
+ },
+ },
+ 'handlers': {
+ 'mail_admins': {
+ 'level': 'ERROR',
+ 'filters': ['require_debug_false'],
+ 'class': 'django.utils.log.AdminEmailHandler'
+ },
+ 'console': {
+ 'level': 'DEBUG',
+ 'class': 'logging.StreamHandler',
+ 'formatter': 'verbose'
+ },
+ 'django_log': {
+ 'level':'DEBUG',
+ 'class':'logging.handlers.RotatingFileHandler',
+ 'filename': PROJECT_DIR("../logs/django.log"),
+ 'maxBytes': 1048576,
+ 'backupCount': 99,
+ 'formatter': 'verbose',
+ },
+ 'axes_log': {
+ 'level':'DEBUG',
+ 'class':'logging.handlers.RotatingFileHandler',
+ 'filename': PROJECT_DIR("../logs/axes.log"),
+ 'maxBytes': 1048576,
+ 'backupCount': 99,
+ 'formatter': 'verbose',
+ },
+ },
+ 'loggers': {
+ 'django': {
+ 'handlers': ['django_log'],
+ 'level': 'ERROR',
+ 'propagate': True,
+ },
+ 'axes': {
+ 'handlers': ['console', 'axes_log'],
+ 'level': 'DEBUG',
+ 'propagate': True,
+ },
+ },
+}
+
+# Do not put any settings below this line
+try:
+ from local_settings import *
+except:
+ pass
+
+if DEBUG and DEBUG_TOOLBAR:
+ # debug_toolbar
+ MIDDLEWARE_CLASSES += (
+ 'debug_toolbar.middleware.DebugToolbarMiddleware',
+ )
+
+ INSTALLED_APPS += (
+ 'debug_toolbar',
+ )
+
+ DEBUG_TOOLBAR_CONFIG = {
+ 'INTERCEPT_REDIRECTS': False,
+ }
diff --git a/examples/example/urls.py b/examples/example/urls.py
new file mode 100644
index 0000000..d078699
--- /dev/null
+++ b/examples/example/urls.py
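Review bot: settings.py commits a literal `SECRET_KEY` directly under the comment "Make this unique, and don't share it with anybody", so every copy of the example project signs its sessions and password-reset tokens with a key that is public in the repository. Since local_settings.py is already gitignored and generated by install.sh, the key would be better set there or read from the environment, leaving settings.py without a usable default. At the end of the same hunk, `try: from local_settings import *` followed by a bare `except: pass` also hides a syntax error inside local_settings.py and silently falls back to these defaults; `except ImportError:` limits the fallback to the missing-file case. The clickjacking middleware line is left commented out in `MIDDLEWARE_CLASSES`, which is worth enabling for a project whose purpose is to demonstrate login protection on the admin.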
@@ -0,0 +1,17 @@
+from django.conf.urls import patterns, include, url
+
+from django.conf import settings
+from django.contrib import admin
+from django.contrib.staticfiles.urls import staticfiles_urlpatterns
+from django.conf.urls.static import static
+
+admin.autodiscover()
+
+urlpatterns = patterns('',
+ # Uncomment the next line to enable the admin:
+ url(r'^admin/', include(admin.site.urls)),
+)
+
+if settings.DEBUG:
+ urlpatterns += staticfiles_urlpatterns()
+ urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
diff --git a/examples/example/wsgi.py b/examples/example/wsgi.py
new file mode 100644
index 0000000..9f3e21b
--- /dev/null
+++ b/examples/example/wsgi.py
@@ -0,0 +1,32 @@
+"""
+WSGI config for example project.
+
+This module contains the WSGI application used by Django's development server
+and any production WSGI deployments. It should expose a module-level variable
+named ``application``. Django's ``runserver`` and ``runfcgi`` commands discover
+this application via the ``WSGI_APPLICATION`` setting.
+
+Usually you will have the standard Django WSGI application here, but it also
+might make sense to replace the whole Django WSGI application with a custom one
+that later delegates to the Django one. For example, you could introduce WSGI
+middleware here, or combine a Django application with an application of another
+framework.
+
+"""
+import os
+
+# We defer to a DJANGO_SETTINGS_MODULE already in the environment. This breaks
+# if running multiple sites in the same mod_wsgi process. To fix this, use
+# mod_wsgi daemon mode with each site in its own daemon process, or use
+# os.environ["DJANGO_SETTINGS_MODULE"] = "example.settings"
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "example.settings")
+
+# This application object is used by any WSGI server configured to use this
+# file. This includes Django's development server, if the WSGI_APPLICATION
+# setting points here.
+from django.core.wsgi import get_wsgi_application
+application = get_wsgi_application()
+
+# Apply WSGI middleware here.
+# from helloworld.wsgi import HelloWorldApplication
+# application = HelloWorldApplication(application)
diff --git a/examples/install.sh b/examples/install.sh
new file mode 100755
index 0000000..5c46786
--- /dev/null
+++ b/examples/install.sh
@@ -0,0 +1,7 @@
+pip install django==1.5.5
+pip install django-axes
+mkdir -p logs db media media/static
+cp example/local_settings.example example/local_settings.py
+python example/manage.py collectstatic --noinput
+python example/manage.py syncdb --noinput
+python example/manage.py axes_create_test_data
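Review bot: wsgi.py defaults `DJANGO_SETTINGS_MODULE` to "example.settings", while manage.py in this commit uses "settings" and settings.py names `ROOT_URLCONF = 'urls'` and `WSGI_APPLICATION = 'wsgi.application'` as top-level modules. Under a standalone WSGI server the package-qualified path would presumably either fail to import or load settings.py without finding `local_settings`, and the bare `except` in settings.py would hide that. Using the same value as manage.py, `os.environ.setdefault("DJANGO_SETTINGS_MODULE", "settings")`, keeps the two entry points consistent; the comment above that line names "example.settings" too and would need the same change.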
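Review bot: install.sh has no interpreter line and no `set -e`, so if either `pip install` fails the script still copies local_settings.py, runs `syncdb` and creates the test superusers against whatever Django happens to be installed. Adding `#!/bin/sh` and `set -e` as the first two lines makes it stop at the first failure. `pip install django-axes` is also unpinned and takes the released package from the index rather than this checkout, so test.sh, which calls this script, may not exercise the code in the repository; installing from the working tree would avoid that.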
diff --git a/examples/reinstall.sh b/examples/reinstall.sh new file mode 100755 index 0000000..bc765b3 --- /dev/null +++ b/examples/reinstall.sh @@ -0,0 +1,3 @@ +reset +./uninstall.sh +./install.sh \ No newline at end of file diff --git a/examples/test.sh b/examples/test.sh new file mode 100755 index 0000000..c3c9433 --- /dev/null +++ b/examples/test.sh @@ -0,0 +1,4 @@ +reset +./uninstall.sh +./install.sh +python example/manage.py test axes --traceback \ No newline at end of file diff --git a/examples/uninstall.sh b/examples/uninstall.sh new file mode 100755 index 0000000..fdcb6d4 --- /dev/null +++ b/examples/uninstall.sh @@ -0,0 +1,5 @@ +pip uninstall django-axes -y +rm build -rf +rm dist -rf +rm django_axes.egg-info -rf +rm django-axes.egg-info -rf \ No newline at end of file diff --git a/setup.py b/setup.py index 88b9aac..85ddaf5 100644 --- a/setup.py +++ b/setup.py @@ -1,14 +1,20 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +import os from setuptools import setup, find_packages +try: + readme = open(os.path.join(os.path.dirname(__file__), 'README.rst')).read() + '\n' + \ + open(os.path.join(os.path.dirname(__file__), 'CHANGES.rst')).read() +except: + readme = '' + setup( name='django-axes', version='1.3.6', description="Keep track of failed login attempts in Django-powered sites.", - long_description=(open('README.rst', 'r').read() + '\n' + - open('CHANGES.txt', 'r').read()), + long_description=readme, keywords='django, security, authentication', author='Josh VanderLinden, Philip Neustrom, Michael Blume', author_email='codekoala@gmail.com',
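Review bot: The new `try:` block in setup.py ends in a bare `except:` that sets `readme = ''`, so a missing or misnamed README.rst or CHANGES.rst (the change list moves from CHANGES.txt to CHANGES.rst in this hunk) yields a release with an empty long_description and no warning. Narrowing it to `except IOError:` keeps the tolerance for a missing file without also swallowing KeyboardInterrupt or a mistake inside the block. The two `open(...)` calls are never closed; reading each file inside a `with open(...) as f:` block fixes that. The `setup(` call continues outside the hunk.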