As we pass down the whole request, we no longer need to extract the axes_attempt_time anymore.
This is a potential breaking change, but the impacted functions are not part of the documented API.
Fixes#634
The Django import system seems to produce errors
in certain configurations and especially when
MIGRATION_MODULES configuration is set globally.
This is most probably caused by misbehaving or cyclic
Python module imports in the Django application
instrumentatation chain that come up when the
MIGRATION_MODULES configuration is altered.
This patch migrates to the standard Python logging system
use and has less overhead and complexity for users as well.
Having a configurable logging prefix does not produce
a lot of benefits and is less flexible than having
all individual module logging configurations accessible
through the module __name__ parameter in Axes.
For example axes.handlers.* or axes.backends.*
are separately configurable in the new scheme
whereas they would have been both bundled under
the AXES_LOGGER log configuration.
The old architecture used exceptions in the signal handler
which prevented transactions from running smoothly
and signal handlers from running after Axes handlers.
The new architecture changes the request approach to request flagging
and moves the exception handling into the middleware call method.
This allows users to more flexibly run their own signal handlers
and optionally use the Axes middleware if they want to do so.
Fixes#440Fixes#442
In order to offer backwards compatible import path for the
axes.utils.reset function it has to have a separate
implementation that can be imported independently from
the axes.helpers functions that are used by the
AxesBaseHandler implementation.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
- Define a base handler API with method signatures
- Move proxy handler to a separate path for importability
- Implement a database handler with clean external dependencies
- Change the authentication backend and decorators to use the authentication backend
This enables clean pluggable authentication backend definitions that users
can override and specialize with e.g. cached handlers in their own packages.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
Clean up internal implementations and tests while keeping the
APIs as similar as possible where feasible.
The goal of this change is to not change any documented
or stable APIs that might be in use by users, but to improve
the internal implementations for maintainability and usability.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
- Move cache and cool off utility functions to the axes.utils module
- Clean up axes.attempts duplicate code in attempt and cache calculations
- Add stable implementation for AccessAttempt attribute calculation
in the axes.attempts.get_filter_kwargs function
Fixes#398
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
Revert some of the PR changes to tests to make sure that all of the
old format function invocations work with the old and new tests.
Implement small enchancements to documentation and credentials resolving
for usability and flexibility with custom authentication backends.
Update documentation to indicate that backwards compatibility
is supported as well as the new format credentials invocations.
Signed-off-by: Aleksi Häkli <aleksi.hakli@iki.fi>
