Hopiu/django-defender
1
0
Fork 0
mirror of https://github.com/jazzband/django-defender.git synced 2026-03-16 22:10:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
221 commits 4 branches 24 tags 794 KiB
Commit graph

109 commits

Author SHA1 Message Date
horida
ce95906488 send user/ip blocked signal only once 2019-09-16 08:47:35 -04:00
horida
fcfa88d679 Add unblock signals 2019-09-08 10:05:04 -04:00
Chris Ledet
7ca76bb975 Add and test support for Django 2.2 2019-05-30 08:34:42 -04:00
fr0mhell
7400a4945f Feature update Python and Django versions (#126) 
* remove Python 3.3
* remove Django 1.8-1.10
* add Celery v4
* update travis config
* update admin URL
* replace MIDDLEWARE_CLASSES with MIDDLEWARE
 2019-01-29 07:50:02 -05:00
Andrei Baryshnikov
3031deb761 Add possibility to use custom utils.get_username_from_request function (#122) 
* Add `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

This setting allow to override default `get_username_from_request`
function.

* Add `get_username` argument to `watch_login`

To be able to propagate this argument to other utils functions calls

* Minor code-style fixes

* Add example of use of `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

* Update docs
 2018-05-29 10:32:08 -04:00
Jaimie Imrie
066dd238c8 Added ssl option when instantiating StrictRedis (#120) 2018-04-10 18:57:45 -04:00
William Boman
250c4d5388 add 2 new setting variables for more granular failure limit control (#113) 2018-04-10 09:22:51 -04:00
William Boman
b546224372 send signals when blocking username or ip (#114) 2018-04-10 09:21:37 -04:00
Ken Cochrane
fcfcd53076
Move mockredis to test requirements. replaces #115 (#119) 
Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2018-02-20 09:34:14 -05:00
Cobus Carstens
5aa69bac96 Only use the username if it is actually provided (#112) 
* Only use the username if it is actually provided

* Test that unspecified usernames cannot be blocked

* Added test to prevent Coveralls from complaining about a coverage regression.
 2018-02-01 06:30:26 -05:00
William Boman
2b6374f1da utils: add username kwarg for providing username directly rather than via callback arg (#107) 2018-02-01 06:27:38 -05:00
Sophie Wirth
cde53c5315 replace django.core.urlresolvers with django.urls to appeace Django2.… (#106) 
* replace django.core.urlresolvers with django.urls to appeace Django2.0 deprecations
* add try except block around imports for older version support
* add correct django version in setup.py install_reqs
 2017-12-11 13:52:50 -05:00
cburger
b2490e4e4c Correctly get raw client when using django_redis cache. (#104) 2017-10-27 09:38:11 -04:00
ruthus18
7c6a7d2b93 Update regex for 'unblock_username_view'. (#100) 
The reason why we need to handle almost all special symbols is in cases when username is like 'some!username'

 Issue: #76
 2017-08-31 11:12:14 -04:00
Teemu N
db7a9001db Middleware fix for django >= 1.10 (#93) 
Fixes the `TypeError: object.__init__() takes no parameters` that happens with the new MIDDLEWARE that is new in django 1.10
 2017-07-04 13:23:28 -04:00
Mattia Procopio
85817fd278 Force the username to lowercase (#90) 2017-07-01 09:24:51 -04:00
Ken Cochrane
4d9adc35c2 Cleanup the code to remove lint warnings (#87) 
* Cleanup the code to remove lint warnings

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>

* Fixed typo

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
 2017-06-28 17:09:44 -04:00
Mattia Procopio
b985d17beb Allow decoration of functions beyond the admin login (#86) 
* Allow decoration of functions beyond the admin login

* Exclude tests file from coverage

* Allow installing django 1.11

* Add python 3.6 for testing
 2017-06-26 12:23:23 -04:00
Francisco Rivera
d2b712eade Taking redis client from django.core.cache (#82) 
* new setting that point to an already configured redis client

* taking redis client from django cache setting

* adding informative exception

* dropping django 1.6 support

* dropping django 1.7 support

* adding tests

* removing old coverage stuff + pep8 fixes

* ups, wrong package

* supporting multiple backends

* adding documentation

* dropping python 2.6 support
 2017-06-24 19:17:15 -04:00
Israel Saeta Pérez
a59cbca0f6 Add support for Django 1.11 (#79) 2017-06-12 19:10:03 -04:00
Israel Saeta Pérez
69db1cfb70 Allow usernames with plus signs in unblock view (#77) 
This fixes bug #GH76 where an exception like

```
Reverse for 'defender_unblock_username_view' with arguments '(u'user+test@domain.tld',)' and keyword arguments '{}' not found. 1 pattern(s) tried: [u'admin/defender/blocks/username/(?P[A-Za-z0-9-._@]+)/unblock$']
```

was raised when trying to access the `/admin/defender/blocks/` URL when a user with a plus sign had been locked out.
 2017-06-10 10:39:19 -04:00
Ken Cochrane
c4f3a61036 Bump for 0.4.3 release (#74) 
* Bump for 0.4.3 release

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* updated travis dependencies and fixed issue with 1.10,1.11 tests

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* Added travis settings

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>

* Revert django 1.11 support

Signed-off-by: Ken Cochrane <KenCochrane@gmail.com>
 2017-04-14 18:30:58 -04:00
Jakub Kuszneruk
079c897203 Example djangorestframework auth method 
- sample authentication method described in README
piggyback:
- typo in lockout.html
 2017-03-21 11:03:42 -04:00
Jakub Kuszneruk
cd0a22c1c5 [#70] get username from request is more flexible 
- Every function which loads username from request has the optional paramter: get_username
piggyback:
- removed redefinition of USERNAME_FORM_FIELD from defender.config
 2017-03-10 20:04:45 +01:00
Karimov Dmitriy
32f60c3f8b Add test_disable_username_lockout 2016-06-20 13:36:02 +05:00
Karimov Dmitriy
d85752970b Add DEFENDER_DISABLE_USERNAME_LOCKOUT 2016-06-20 09:20:47 +05:00
Ken Cochrane
f5b40a1820 Merge pull request #56 from kencochrane/remove_admin_filter 
removing the django admin filter for username
 2016-05-27 14:13:02 -04:00
Ken Cochrane
57a069bc61 Merge pull request #58 from mrbaboon/patch-1 
Fix DataError on login
 2016-05-27 14:12:32 -04:00
Ken Cochrane
1a105a6604 Merge pull request #59 from btoueg/patch-1 
Fix for usernames with capital letters
 2016-05-27 14:12:16 -04:00
Benjamin Toueg
7fc366e4ca Fix for usernames with capital letters 2016-05-13 16:37:22 +02:00
Alex White
9209f0579f Fix DataError on login 
A watched login failure causes a 500 saving a 256 character long username into the login attempts.  Conditionally slice it to fit AccessAttempt
 2016-05-11 14:07:50 -07:00
Eric Buckley
2913b5f38b making urlpatterns a plain list 
as of Django 1.8, creating urlpatterns with the
`django.conf.urls.patterns` function became deprecated and will be
removed in 1.10.

https://docs.djangoproject.com/en/1.8/ref/urls/#patterns
 2016-04-19 21:09:26 -07:00
Ken Cochrane
9cef057520 removing the django admin filter for username 2016-02-09 12:11:06 -05:00
Vladimir Bolshakov
2ce4e16979 Use url method instead of patterns in test URLs setup. 2016-02-01 19:09:59 +03:00
Vladimir Bolshakov
23a690395c Use render shortcut instead of render_to_response. 2016-02-01 19:09:28 +03:00
Vladimir Bolshakov
c3495605ea Fix testing of failed login redirect to URL for Django 1.9. 
Location header in redirect can be relative URL from Django 1.9.
 2016-02-01 19:08:54 +03:00
Vladimir Bolshakov
948877c156 Fix formatting. 2016-02-01 19:07:16 +03:00
Vladimir Bolshakov
f4e0ddc032 assertEquals -> assertEqual 2016-02-01 19:06:38 +03:00
Vladimir Bolshakov
44c8746d8c Templates settings as recommended from Django 1.8 2016-02-01 19:05:17 +03:00
bc Wong
831bb299f9 Always define the task to store login attempt 
Adding function definitions based on config values makes testing hard.
The task function is always there, and we choose to call it depending on
config during runtime.
 2016-01-24 17:28:20 -08:00
bc Wong
f9047162d4 Add helpers that do not assume how to retrieve username 
The `is_already_locked` method assumes how the username is stored in the
request. This patch adds helpers that don't to allow for more flexible
implementation.
 2016-01-24 09:41:43 -08:00
Ken Cochrane
6b91730722 cleanup the boolean logic around is_already_locked() 2015-10-23 15:00:56 -04:00
Ken Cochrane
6e2ea2b94a fix compatibility issues with python 2.6, and disable testing on django versions 1.6.x and 1.7.x on python 3.5 2015-10-22 13:37:41 -04:00
Ken Cochrane
cc45409078 fixed pep8 issues 2015-10-21 16:44:12 -04:00
Ken Cochrane
64c5684c12 Added so that you can disable IP lockouts if you want 2015-10-21 16:33:08 -04:00
nephridium
64736040af Remove obsolete comments 2015-06-29 18:42:09 +08:00
nephridium
a3207d582a Add tests for utils get_blocked_ips() and get_blocked_usernames() 2015-06-29 18:33:33 +08:00
nephridium
67ebb8edff Make key_list read from redis Python 3 compatible 
Converts from bytes to string using .decode('utf-8')
 2015-06-26 22:17:50 +08:00
Alex White
319027c1e6 Fix line length meet PEP8 2015-04-21 16:24:01 -07:00
Alex White
b583f6f54f Add combined username & ip tests 2015-04-21 15:22:29 -07:00