Hopiu/django-defender
1
0
Fork 0
mirror of https://github.com/jazzband/django-defender.git synced 2026-03-16 22:10:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
294 commits 4 branches 24 tags 794 KiB
Commit graph

133 commits

Author SHA1 Message Date
cbh
bb122f24b9 add username option to redis config 2022-06-06 13:15:55 +03:00
Jona Andersen
0b96c53245 Bump to 0.9.4 2022-05-01 16:09:52 -04:00
Jona Andersen
44ecbee250 Strip port number from IP address in X-Forwarded-For 2022-05-01 14:22:28 -04:00
Hasan Ramezani
fdf37feb54 Drop Django 2.2 support 2022-04-13 17:46:42 +03:00
Hasan Ramezani
7c544d1cf8 Drop Django 3.1 support. 2021-12-16 16:40:44 -05:00
Williams Mendez
c8a2586892 Define AppConfig.default_auto_field to match the initial migration 
This patch removes a warning but also prevents creating migrations in projects
where DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField".
 2021-12-13 21:00:46 +01:00
Hasan Ramezani
55ab5c6961 Replace assertEquals with assertEqual. 2021-10-13 21:47:34 +03:30
Ryan Bales
e5edaf3b5d bugfix for IP backdoor to DEFENDER_LOCK_OUT_BY_IP_AND_USERNAME 2021-08-01 15:19:34 -04:00
Ken Cochrane
5d625dd273 release version 0.9.1 2021-07-18 09:31:51 -04:00
Jonathan Willitts
5f5b34d50e Fix failing tests to work with Django (4.0) main dev branch 2021-04-29 06:50:36 -04:00
Ken Cochrane
d413e60847 released version 0.9.0 2021-04-25 19:36:10 -04:00
Jannis Leidel
b4a5f886d4
Migrate to GitHub Actions. (#174) 
* Add GitHub Actions test workflow.

* Add release workflow.

* Remove Travis cruft and update changelog.

* Fix deps.

* Remove Celery version restriction.

* Relax installation requirements a bit.

* Update README.rst

* Update tox.ini
 2020-12-21 14:18:53 +01:00
Hasan Ramezani
9a322c4729 Add support for Python 3.9 2020-11-27 16:32:46 +01:00
Hasan Ramezani
cc06ab33fd Drop support Django < 2.2 and add support for Django > 3 2020-11-27 16:32:46 +01:00
Hasan Ramezani
5e6e52fcbb Drop Python2.7 support. 2020-11-23 17:30:46 +01:00
Hasan Ramezani
1f9b3dec7c Fix version. 2020-11-23 09:08:40 +01:00
Jorge
7124e4b156 make password quote optional in the funciton signature 2020-10-27 12:35:39 -03:00
Ivan Pereira
6354df0a8a
dynamic load celery (#163) 2020-09-04 15:11:19 -04:00
calmkart
71312eb841
FIX: support for special character in redis password(such like '@') (#155) 
* FIX: if special character in redis password, we can set DEFENDER_REDIS_PASSWORD_QUOTE to True, and use quote password

* MOD:add test cases with password_quota = True
 2020-03-13 08:13:54 -04:00
Ken Cochrane
8daa2d168d Added changes for release 0.7.0 2020-02-23 15:23:52 -05:00
David Nugent
cb59d1c481 Fixes for django 3.0+ 
As python 2i is no longer supported, stub reference to python_2_unicode_compatible
 2020-02-23 14:25:15 -05:00
Jannis Leidel
ed857f7481
Run lints and other checks. (#149) 2019-11-25 11:11:57 +01:00
Jannis Leidel
68d0b41ee5
Use setuptools-scm. 2019-11-24 15:14:12 +01:00
Aleksi Häkli
a1d526f318
PEP8 formatting (#147) 
Run black with Python 2.7 as target version
to unify the code styling and make it more
linter and style guide compliant
 2019-11-15 20:22:14 +02:00
horida
ce95906488 send user/ip blocked signal only once 2019-09-16 08:47:35 -04:00
horida
fcfa88d679 Add unblock signals 2019-09-08 10:05:04 -04:00
Chris Ledet
7ca76bb975 Add and test support for Django 2.2 2019-05-30 08:34:42 -04:00
fr0mhell
7400a4945f Feature update Python and Django versions (#126) 
* remove Python 3.3
* remove Django 1.8-1.10
* add Celery v4
* update travis config
* update admin URL
* replace MIDDLEWARE_CLASSES with MIDDLEWARE
 2019-01-29 07:50:02 -05:00
Andrei Baryshnikov
3031deb761 Add possibility to use custom utils.get_username_from_request function (#122) 
* Add `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

This setting allow to override default `get_username_from_request`
function.

* Add `get_username` argument to `watch_login`

To be able to propagate this argument to other utils functions calls

* Minor code-style fixes

* Add example of use of `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

* Update docs
 2018-05-29 10:32:08 -04:00
Jaimie Imrie
066dd238c8 Added ssl option when instantiating StrictRedis (#120) 2018-04-10 18:57:45 -04:00
William Boman
250c4d5388 add 2 new setting variables for more granular failure limit control (#113) 2018-04-10 09:22:51 -04:00
William Boman
b546224372 send signals when blocking username or ip (#114) 2018-04-10 09:21:37 -04:00
Ken Cochrane
fcfcd53076
Move mockredis to test requirements. replaces #115 (#119) 
Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2018-02-20 09:34:14 -05:00
Cobus Carstens
5aa69bac96 Only use the username if it is actually provided (#112) 
* Only use the username if it is actually provided

* Test that unspecified usernames cannot be blocked

* Added test to prevent Coveralls from complaining about a coverage regression.
 2018-02-01 06:30:26 -05:00
William Boman
2b6374f1da utils: add username kwarg for providing username directly rather than via callback arg (#107) 2018-02-01 06:27:38 -05:00
Sophie Wirth
cde53c5315 replace django.core.urlresolvers with django.urls to appeace Django2.… (#106) 
* replace django.core.urlresolvers with django.urls to appeace Django2.0 deprecations
* add try except block around imports for older version support
* add correct django version in setup.py install_reqs
 2017-12-11 13:52:50 -05:00
cburger
b2490e4e4c Correctly get raw client when using django_redis cache. (#104) 2017-10-27 09:38:11 -04:00
ruthus18
7c6a7d2b93 Update regex for 'unblock_username_view'. (#100) 
The reason why we need to handle almost all special symbols is in cases when username is like 'some!username'

 Issue: #76
 2017-08-31 11:12:14 -04:00
Teemu N
db7a9001db Middleware fix for django >= 1.10 (#93) 
Fixes the `TypeError: object.__init__() takes no parameters` that happens with the new MIDDLEWARE that is new in django 1.10
 2017-07-04 13:23:28 -04:00
Mattia Procopio
85817fd278 Force the username to lowercase (#90) 2017-07-01 09:24:51 -04:00
Ken Cochrane
4d9adc35c2 Cleanup the code to remove lint warnings (#87) 
* Cleanup the code to remove lint warnings

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>

* Fixed typo

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
 2017-06-28 17:09:44 -04:00
Mattia Procopio
b985d17beb Allow decoration of functions beyond the admin login (#86) 
* Allow decoration of functions beyond the admin login

* Exclude tests file from coverage

* Allow installing django 1.11

* Add python 3.6 for testing
 2017-06-26 12:23:23 -04:00
Francisco Rivera
d2b712eade Taking redis client from django.core.cache (#82) 
* new setting that point to an already configured redis client

* taking redis client from django cache setting

* adding informative exception

* dropping django 1.6 support

* dropping django 1.7 support

* adding tests

* removing old coverage stuff + pep8 fixes

* ups, wrong package

* supporting multiple backends

* adding documentation

* dropping python 2.6 support
 2017-06-24 19:17:15 -04:00
Israel Saeta Pérez
a59cbca0f6 Add support for Django 1.11 (#79) 2017-06-12 19:10:03 -04:00
Israel Saeta Pérez
69db1cfb70 Allow usernames with plus signs in unblock view (#77) 
This fixes bug #GH76 where an exception like

```
Reverse for 'defender_unblock_username_view' with arguments '(u'user+test@domain.tld',)' and keyword arguments '{}' not found. 1 pattern(s) tried: [u'admin/defender/blocks/username/(?P[A-Za-z0-9-._@]+)/unblock$']
```

was raised when trying to access the `/admin/defender/blocks/` URL when a user with a plus sign had been locked out.
 2017-06-10 10:39:19 -04:00
Ken Cochrane
c4f3a61036 Bump for 0.4.3 release (#74) 
* Bump for 0.4.3 release

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* updated travis dependencies and fixed issue with 1.10,1.11 tests

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* Added travis settings

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* Revert django 1.11 support

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2017-04-14 18:30:58 -04:00
Jakub Kuszneruk
079c897203 Example djangorestframework auth method 
- sample authentication method described in README
piggyback:
- typo in lockout.html
 2017-03-21 11:03:42 -04:00
Jakub Kuszneruk
cd0a22c1c5 [#70] get username from request is more flexible 
- Every function which loads username from request has the optional paramter: get_username
piggyback:
- removed redefinition of USERNAME_FORM_FIELD from defender.config
 2017-03-10 20:04:45 +01:00
Karimov Dmitriy
32f60c3f8b Add test_disable_username_lockout 2016-06-20 13:36:02 +05:00
Karimov Dmitriy
d85752970b Add DEFENDER_DISABLE_USERNAME_LOCKOUT 2016-06-20 09:20:47 +05:00