Hopiu/django-axes
1
0
Fork 0
mirror of https://github.com/jazzband/django-axes.git synced 2026-03-16 22:30:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
1911 commits 2 branches 163 tags 4.6 MiB
Commit graph

71 commits

Author SHA1 Message Date
Aleksi Häkli
4b77eb69ee Run black autoformatting 2026-02-11 22:14:31 +02:00
Aleksi Häkli
d59a289407 Suppress mypy type errors 
Update Mypy Python version to 3.14
 2026-02-11 22:14:31 +02:00
Mounir Messelmeni
955f39da73 Update docs 2025-12-19 21:19:03 +02:00
Mounir Messelmeni
04fd39fa57 Enhance get_lockout_response to support original_response parameter 2025-12-19 21:19:03 +02:00
kuldeepkhatke
01ccf5b213 Updated get_individual_attempt_expiry() func placement & renamed to get_attempt_expiration() 2025-07-05 16:19:19 +03:00
Bruno Alla
b54019fa0f Change AXES_COOLOFF_TIME callable to take exactly 1 argument 2024-10-02 20:15:31 +03:00
Bruno Alla
a304380853 feat: pass down the request in a few more places 2024-10-02 20:15:31 +03:00
Bruno Alla
510c8d18f5 feat: pass the request to get dynamic cool off period 2024-10-02 20:15:31 +03:00
Bruno Alla
2fb4c81243 feat: pass username to AXES_COOLOFF_TIME callback 
If the AXES_COOLOFF_TIME is a callable or path to a callable taking
an argument, pass the username to it.

This should enable users to customize the cool off to be user dependant,
and possibly implement a growing cool-off time:

- First lockout cools off after 5 mins
- Second one after 10 mins
- etc...
 2024-10-02 20:15:31 +03:00
Davide
014483c65d
Add session hash to access log 2024-04-30 16:22:50 +02:00
Christian Clauss
493789640b chore(deps): bump black from 23.12.1 to 24.1.0 AGAIN 2024-01-26 21:37:26 +01:00
Maksim Zayakin
9a54187a65 chore: update docstrings about settings.AXES_COOLOFF_TIME 2023-07-25 19:57:20 +03:00
Maksim Zayakin
3cba78a599 refactor: fix qa errors 2023-05-13 14:04:14 +03:00
Maksim Zayakin
73c4e4501b chore: adjust types: use list instead of iterables and nested lists instead of tuples 2023-05-13 14:04:14 +03:00
Maksim Zayakin
2df1c1948a refactor: refactor get_client_parameters 
* Now accepts request_or_attempt and credentials which are passed to get_lockout_parameters
* Use lockout parameters that consumed from get_lockout_parameters
 2023-05-13 14:04:14 +03:00
Maksim Zayakin
59a57386c1 feat: add get_lockout_parameters 
Accepts request or AccessAttempt and optionally credentials. If AXES_LOCKOUT_PARAMETERS is callable, this function passes request or attempt and credentials to this callable and returns the result.
If AXES_LOCKOUT_PARAMETERS is iterable, returns AXES_LOCKOUT_PARAMETERS.
Otherwise raises TypeError.
 2023-05-13 14:04:14 +03:00
Aleksi Häkli
8386f30dbb Fix type annotations for cache utilities 2023-05-01 21:27:47 +03:00
Aleksi Häkli
9924077a2a Rename get_cache_key to get_cache_keys 2023-05-01 21:27:47 +03:00
Aleksi Häkli
31249a5947 Update django-ipware configuration flags to new AXES_IPWARE_ prefixes 
Use explicit new AXES_IPWARE_ referencing configuration flag names
in place of the old plain implicit AXES_ name prefixes
 2023-04-28 14:16:44 +03:00
Aleksi Häkli
cd950ddfef Make ipware an optional dependency 
Relates to #1038
 2023-04-28 14:16:44 +03:00
ArtemDemidovAramMeem
0e76956a2e Override log handler when using sensitive parameters. Closes #1010 2023-04-16 19:51:10 +03:00
Maksim Zayakin
c8bfbe603a use AXES_CLIENT_IP_CALLABLE in get_client_ip_address 2023-03-29 16:35:06 +03:00
Petr Dlouhý
ce3f2f2c3f fix get_client_parameters when AXES_USE_USER_AGENT=True 2022-11-24 21:58:57 +02:00
Aleksi Häkli
621dfa6882 Fix code formatting 2022-05-16 10:41:07 +03:00
Aleksi Häkli
4490013111 Migrate MD5 hashing to SHA256 
Continue using MD5 hashing in Axes test settings
as it offers better performance for test runs
without compromising security for users
 2022-05-16 10:41:07 +03:00
Hasan Ramezani
382468cef4 Add type hint for request variables 2022-05-02 18:21:03 +03:00
Hasan Ramezani
dc98a7b2e3 Allow float values for AXES_COOLOFF_TIME(#868). 2022-04-13 17:51:10 +03:00
Hasan Ramezani
4da7eb9fc1 Add Optional to type of params with default value equal to None 2022-04-13 17:48:32 +03:00
Hasan Ramezani
d674fa6296 Bump prospector from 1.3.1 to 1.5.3 2021-12-08 09:00:51 +01:00
sarahboyce
403076ef51 feat(helpers): update get_client_str to accept request object 
Use case: include more info about the user in the client_str.
username is already included in the arguments but that would require a separate DB call.
https://github.com/jazzband/django-axes/issues/782
 2021-09-02 17:40:05 +03:00
phil-bell
6858aea99a Adding ability to change http response code 2021-08-19 16:02:32 +03:00
smtydn
a26c5109ed Fix formatting 2021-05-19 20:54:57 +03:00
smtydn
1a8d96e242 Add AXES_CLIENT_STR_CALLABLE setting 2021-05-19 20:54:57 +03:00
Michael O'Connor
170dacc112 Integrate AXS_SENSITIVE_PARAMETERS functionality with AXES_PASSWORD_FORM_FIELD 2021-05-03 17:10:45 +03:00
Michael O'Connor
f54c4f095b Add option to cleanse sensitive GET and POST params in database handler 2021-05-03 17:10:45 +03:00
Aleksi Häkli
b6b26e492f Optimize imports as part of cleanup round 2021-01-07 18:23:33 +02:00
Vladimir Knobel
64b53d55ae Black run on code to comply with py38-qa 2021-01-05 15:18:59 +02:00
Vladimir Knobel
cf51e09d75 Fix indentation 2021-01-05 15:18:59 +02:00
Vladimir Knobel
55438c14bd Update helpers.py 
chnage ALLOWED_CORS_ORIGINS to AXES_ALLOWED_CORS_ORIGINS
 2021-01-05 15:18:59 +02:00
Vladimir Knobel
4a981f9972 Update helpers.py 2021-01-05 15:18:59 +02:00
David Smith
d96a3e4625 black formatting 2020-09-11 11:03:15 +03:00
David Smith
96d34c1b95 request.is_ajax() is deprecated 2020-09-11 11:03:15 +03:00
Petr Dlouhý
bf69a0a89e changes requested by aleksihakli 2020-08-21 17:17:57 +03:00
Petr Dlouhý
128d01158c add LOCK_OUT_BY_USER_OR_IP option 
store all AccessAttempt records
 2020-08-21 17:17:57 +03:00
Petr Dlouhý
18c4edec29 test_login also with cache handler; refactor making cache key 2020-08-21 17:17:57 +03:00
Aleksi Häkli
3866414f6c
Fix code styling 2020-07-03 19:55:10 +03:00
Aleksi Häkli
e7404cb055 Use urlencode for generating usernames in redirect 2020-07-03 19:08:15 +03:00
Petr Dlouhý
9bfe1615a4 propagate username to the AXES_LOCKOUT_URL redirect 2020-07-03 19:08:15 +03:00
Hasan Ramezani
171abf45ba Changed ipware.ip2 to ipware.ip 2020-07-03 18:09:22 +03:00
I0x4dI
b695519e6e Fix code format 2020-03-10 15:38:04 +02:00