Hopiu/django-axes
1
0
Fork 0
mirror of https://github.com/jazzband/django-axes.git synced 2026-03-16 22:30:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
1911 commits 2 branches 163 tags 4.6 MiB
Commit graph

103 commits

Author SHA1 Message Date
Aleksi Häkli
bdd0c9546a Fix prospector errors 2026-02-11 22:14:31 +02:00
Aleksi Häkli
4b77eb69ee Run black autoformatting 2026-02-11 22:14:31 +02:00
kuldeepkhatke
392dfa0e44 Reverted , remove change from AxesDatabaseHandler.user_login_failed 2025-07-05 16:19:19 +03:00
kuldeepkhatke
ba7b72f9d9 Updated expires_at for null, blank False, lte query update, admin expiration logic simplify 2025-07-05 16:19:19 +03:00
kuldeepkhatke
01ccf5b213 Updated get_individual_attempt_expiry() func placement & renamed to get_attempt_expiration() 2025-07-05 16:19:19 +03:00
kuldeepkhatke
d8e6c939fe Modified expiration create queryset logic 2025-07-05 16:19:19 +03:00
kuldeepkhatke
df8fb35e18 Shifted epired_at filed to new model 2025-07-05 16:19:19 +03:00
kuldeepkhatke
a1e9eff875 Renamed AXES_INDIVIDUAL_ATTEMPT_EXPIRY flag to AXES_USE_ATTEMPT_EXPIRATION 2025-07-05 16:19:19 +03:00
kuldeepkhatke
0fd9ccd1d4 Added individual attempt expiry feature 2025-07-05 16:19:19 +03:00
nefrob
bd3b56237d refactor: move db accessing attempt fns to handler methods 2025-05-10 13:46:09 +03:00
nefrob
8356498a44 chore: clean attempt logic as db handler method 2025-04-29 10:10:25 +03:00
Aleksi Häkli
5e7fbca52c fix: resolve credentials for clean_expired_user_attempts 2025-04-23 17:02:37 +03:00
parul-aro
0115648a1d feat(cleanup): allow credentials in cleanup method 2025-04-23 11:54:17 +03:00
Bruno Alla
8ed0d82384 refactor: remove attempt_time parameter 
As we pass down the whole request, we no longer need to extract the axes_attempt_time anymore.

This is a potential breaking change, but the impacted functions are not part of the documented API.
 2024-10-02 20:15:31 +03:00
Bruno Alla
a304380853 feat: pass down the request in a few more places 2024-10-02 20:15:31 +03:00
Bruno Alla
510c8d18f5 feat: pass the request to get dynamic cool off period 2024-10-02 20:15:31 +03:00
Bruno Alla
2fb4c81243 feat: pass username to AXES_COOLOFF_TIME callback 
If the AXES_COOLOFF_TIME is a callable or path to a callable taking
an argument, pass the username to it.

This should enable users to customize the cool off to be user dependant,
and possibly implement a growing cool-off time:

- First lockout cools off after 5 mins
- Second one after 10 mins
- etc...
 2024-10-02 20:15:31 +03:00
Davide
014483c65d
Add session hash to access log 2024-04-30 16:22:50 +02:00
Maksim Zayakin
4861f3c988 fix: fix TransactionManagementError 2023-09-01 10:50:57 +03:00
Maksim Zayakin
117db49091 feat: add is_admin_request, deprecate is_admin_site 2023-05-14 23:01:58 +03:00
Maksim Zayakin
73c4e4501b chore: adjust types: use list instead of iterables and nested lists instead of tuples 2023-05-13 14:04:14 +03:00
Maksim Zayakin
476d3f52bc chore: use get_lockout_parameters in handlers 2023-05-13 14:04:14 +03:00
Aleksi Häkli
c3cfb5150a Refactor cache backend to use cache.incr method for request tracking 
The old cache.set method has problems with correctness as well as
performance on higher traffic sites where there are
multiple parallel web servers running at the same time
which can overwrite each others shared cache
 2023-05-01 21:27:47 +03:00
Aleksi Häkli
9924077a2a Rename get_cache_key to get_cache_keys 2023-05-01 21:27:47 +03:00
Hasan Ramezani
c8f831bb62 Update prospector to 1.8.2 2022-12-03 14:12:51 +02:00
Hasan Ramezani
5c7bea2a42 Update mypy to 0.990 2022-11-14 18:22:04 +02:00
Ronny Vedrilla
ec7c54f9c5 #892: German translation update 2022-05-28 18:02:26 +03:00
Aleksi Häkli
621dfa6882 Fix code formatting 2022-05-16 10:41:07 +03:00
Aleksi Häkli
fffb539c32 Fix proxy handler false negative errors for pylint 2022-05-16 10:41:07 +03:00
Hasan Ramezani
4da7eb9fc1 Add Optional to type of params with default value equal to None 2022-04-13 17:48:32 +03:00
Antoine Dujardin
9c2ceb7eb7 Add option to keep current behavior for cooloff reset 2022-04-08 22:17:05 +03:00
Antoine Dujardin
1015bad451 Don't reset cooloff time in case of login attempt during lockout 2022-04-08 22:17:05 +03:00
Gregory DAVID
1849552f45 Implement AccessFailureLog recordings 2022-04-08 22:16:19 +03:00
Hasan Ramezani
d674fa6296 Bump prospector from 1.3.1 to 1.5.3 2021-12-08 09:00:51 +01:00
Vasyl Dizhak
8c5c43f482 #750, fix lockout failure when providing AXES_USERNAME_CALLABLE 2021-10-11 20:59:06 +03:00
Yuta Okamoto
46bfc54a03 acquire a lock of AccessAttempt before updating 2021-09-09 17:38:30 +03:00
sarahboyce
403076ef51 feat(helpers): update get_client_str to accept request object 
Use case: include more info about the user in the client_str.
username is already included in the arguments but that would require a separate DB call.
https://github.com/jazzband/django-axes/issues/782
 2021-09-02 17:40:05 +03:00
Yuta Okamoto
17c5d3f314 set None to failures_since_start 2021-08-31 21:24:26 +03:00
Yuta Okamoto
945754eb15 make failures_since_start accessible to the views 2021-08-31 21:24:26 +03:00
Yuta Okamoto
004a0d750c remove failures_since_start from the log 2021-08-31 21:21:28 +03:00
Yuta Okamoto
bd18a531b6 increment failures_since_start in an atomic manner 2021-08-31 21:21:28 +03:00
Aleksi Häkli
ac86d4b213 Adjust commentation and log messages 2021-06-29 17:50:37 +03:00
Uli Klank
f079c48bb1 Restoring necessary general lookup of siilar attempts 
Linting
 2021-06-29 16:49:12 +03:00
Uli Klank
c72e8e4855 invert condition, warn earlier 2021-06-29 16:49:12 +03:00
Uli Klank
a88366f251 Prevent unnecessary save for created object 2021-06-29 16:49:12 +03:00
Uli Klank
8b5b921b71 Initiallize failures since start correctly 2021-06-29 16:49:12 +03:00
Uli Klank
93341a4d04 Handle race conditions for multiple workers 
The creation of several entries is possible due to race conditions between different worker processes, which can later break the usage of get in this situation.
This change should help to prevent this race condition using the database.
 2021-06-29 16:49:12 +03:00
Michael O'Connor
170dacc112 Integrate AXS_SENSITIVE_PARAMETERS functionality with AXES_PASSWORD_FORM_FIELD 2021-05-03 17:10:45 +03:00
Michael O'Connor
f54c4f095b Add option to cleanse sensitive GET and POST params in database handler 2021-05-03 17:10:45 +03:00
Hasan Ramezani
6b2da1f152 Add support for Django 3.2 2021-04-06 20:11:14 +03:00