The results for the cache unit tests were inconsistent, sometimes
blocking and other time allowing. The source of the non-determinism
was the COOLDOWN_TIME set to 2 seconds in the test. If a test took
slightly longer than the cooldown time, it would fail. Testing times
on Travis CI vary with each build, and would produce unreliable
results.
Now all tests have no cooldown period, except when the cooldown
itself is being tested. This ensures accurate and predicable test
results.
Cache hash keys now include usernames. The axes settings
AXES_ONLY_USER_FAILURES and LOCK_OUT_BY_COMBINATION_USER_AND_IP
are checked to decide which request attributes to include in
generated cache hash keys.
Added 12 tests that verify lockouts for default, AXES_ONLY_USER_FAILURES,
and LOCK_OUT_BY_COMBINATION_USER_AND_IP settings, under four conditions
each: same/different user, and same/different IP address. These tests
verify the cache functionality.
Added 12 tests that verify lockouts for default, AXES_ONLY_USER_FAILURES,
and LOCK_OUT_BY_COMBINATION_USER_AND_IP settings, under four conditions
each: same/different user, and same/different IP address.
Truth Table:
¦ ¦ ¦ ¦ ¦ ¦ ¦User IP Action
¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
IP Only | Same Same Block
(Default) | Same Different Allow
¦ ¦ ¦ ¦ ¦ ¦| Different Same Block
¦ ¦ ¦ ¦ ¦ ¦| Different Different Allow
¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
User Only | Same Same Block
¦ ¦ ¦ ¦ ¦ ¦| Same Different Block
¦ ¦ ¦ ¦ ¦ ¦| Different Same Allow
¦ ¦ ¦ ¦ ¦ ¦| Different Different Allow
¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
User and IP | Same Same Block
¦ ¦ ¦ ¦ ¦ ¦| Same Different Allow
¦ ¦ ¦ ¦ ¦ ¦| Different Same Allow
¦ ¦ ¦ ¦ ¦ ¦| Different Different Allow
Axes configuration values are pulled from axes.settings, into axes.decorators.
Using @override_settings wasn't setting AXES_ONLY_USER_FAILURES. Patching
the decorator in the test set the value correctly.
