more refactoring to clean up the code

2026-03-16 22:10:32 +00:00 · 2014-12-31 19:27:18 -05:00 · 2014-12-31 19:27:18 -05:00 · 15e6a40e0a
commit 15e6a40e0a
parent cf136033a1
2 changed files with 24 additions and 20 deletions
--- a/defender/decorators.py
+++ b/defender/decorators.py
@ -1,16 +1,5 @@
-import logging
-from django.conf import settings
-
-from .models import AccessAttempt
 from . import utils

-# use a specific username field to retrieve from login POST data
-USERNAME_FORM_FIELD = getattr(settings,
-                              'DEFENDER_USERNAME_FORM_FIELD',
-                              'username')
-
-log = logging.getLogger(__name__)
-

 def watch_login(func):
    """
@ -43,15 +32,10 @@ def watch_login(func):
                response.status_code != 302
            )

-            AccessAttempt.objects.create(
-                user_agent=request.META.get('HTTP_USER_AGENT',
-                                            '<unknown>')[:255],
-                ip_address=utils.get_ip(request),
-                username=request.POST.get(USERNAME_FORM_FIELD, None),
-                http_accept=request.META.get('HTTP_ACCEPT', '<unknown>'),
-                path_info=request.META.get('PATH_INFO', '<unknown>'),
-                login_valid=not login_unsuccessful,
-            )
+            # ideally make this background task, but to keep simple, keeping
+            # it inline for now.
+            utils.add_login_attempt(request, not login_unsuccessful)
+
            if utils.check_request(request, login_unsuccessful):
                return response

--- a/defender/utils.py
+++ b/defender/utils.py
@ -9,6 +9,8 @@ from django.shortcuts import render_to_response
 from django.template import RequestContext
 from django.utils.translation import ugettext_lazy

+from .models import AccessAttempt
+
 REDIS_HOST = settings.REDIS_HOST
 REDIS_PORT = settings.REDIS_PORT
 REDIS_PASSWORD = settings.REDIS_PASSWORD
@ -47,6 +49,11 @@ LOCKOUT_TEMPLATE = getattr(settings, 'DEFENDER_LOCKOUT_TEMPLATE', None)
 ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. "
                              "Note that both fields are case-sensitive.")

+# use a specific username field to retrieve from login POST data
+USERNAME_FORM_FIELD = getattr(settings,
+                              'DEFENDER_USERNAME_FORM_FIELD',
+                              'username')
+
 redis_server = redis.StrictRedis(
    host=REDIS_HOST, port=REDIS_PORT, db=REDIS_DB, password=REDIS_PASSWORD)

@ -264,3 +271,16 @@ def check_request(request, login_unsuccessful):
    else:
        # add a failed attempt for this user
        return record_failed_attempt(ip_address, username)
+
+
+def add_login_attempt(request, login_valid):
+    """ Create a record for the login attempt """
+    AccessAttempt.objects.create(
+        user_agent=request.META.get('HTTP_USER_AGENT',
+                                    '<unknown>')[:255],
+        ip_address=get_ip(request),
+        username=request.POST.get(USERNAME_FORM_FIELD, None),
+        http_accept=request.META.get('HTTP_ACCEPT', '<unknown>'),
+        path_info=request.META.get('PATH_INFO', '<unknown>'),
+        login_valid=login_valid,
+    )