From 426f01a39e12e091f6e872887b8310c3ffeceb81 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabr=C3=ADcio=20Rissetto?= <fabriciorissetto@gmail.com>
Date: Sun, 22 Mar 2020 16:49:59 -0300
Subject: [PATCH] Update readme

---
 README.rst | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/README.rst b/README.rst
index 068ab94..0318dfc 100644
--- a/README.rst
+++ b/README.rst
@@ -446,14 +446,14 @@ There's sample ``BasicAuthenticationDefender`` class based on ``djangorestframew
            utils.add_login_attempt_to_db(request,
                                          login_valid=not login_unsuccessful,
                                          get_username=self.get_username_from_request)
+           # add the failed attempt to Redis in case of a failed login or resets the attempt count in case of success
+           utils.check_request(request,
+                               login_unsuccessful=login_unsuccessful,
+                               get_username=self.get_username_from_request)
+           if login_unsuccessful:
+               raise login_exception
 
-           user_not_blocked = utils.check_request(request,
-                                                  login_unsuccessful=login_unsuccessful,
-                                                  get_username=self.get_username_from_request)
-           if user_not_blocked and not login_unsuccessful:
-               return response
-
-           raise login_exception
+           return response
 
 To make it work add ``BasicAuthenticationDefender`` to ``DEFAULT_AUTHENTICATION_CLASSES`` above all other authentication methods in your ``settings.py``.