Hopiu/django-defender
1
0
Fork 0
mirror of https://github.com/jazzband/django-defender.git synced 2026-04-28 10:44:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
326 commits 4 branches 24 tags 794 KiB
Commit graph

84 commits

Author SHA1 Message Date
David Kremer
f7ea5b63a4 remove unused imports 2023-10-12 15:57:23 +02:00
David Kremer
0f796e8a7a remove test about url parsing 2023-10-12 15:56:44 +02:00
Ken Cochrane
b0f90e690a
fixing issue #219 don't add redis username by default (#227) 
* fixing issue #219 don't add Redis username by default
 2023-02-23 09:59:52 -05:00
Dashgin
a4b3f9f332 remove_prefix method working same for all python versions 2023-02-21 11:01:20 -05:00
Dashgin
d90dfa8db7 added test for remove_prefix method 2023-02-21 11:01:20 -05:00
djmore4
374971bfc5 Remove incorrect tests 2022-11-13 11:09:53 -05:00
djmore4
5139005106 Fix test name and correct logic in data.py 2022-11-13 11:09:53 -05:00
djmore4
359ee90082 I think we're finally done here 2022-11-13 11:09:53 -05:00
djmore4
b9b067472c Whoops, they worked I guess. Let's see if they still do or we need more changes. Also improve coverage 2022-11-13 11:09:53 -05:00
djmore4
de1c876b99 Using assertEquals and an exception to test where the logic is going wrong 2022-11-13 11:09:53 -05:00
djmore4
717d44aa7d Update README further and make another adjustment to the tests 2022-11-13 11:09:53 -05:00
djmore4
1bf9d6e7d1 Refactor once again 2022-11-13 11:09:53 -05:00
djmore4
a280c90bc0 Refactor once again 2022-11-13 11:09:53 -05:00
djmore4
7121db4b0f another different approach 2022-11-13 11:09:53 -05:00
djmore4
be523281ab Hopefully this clears up the issues in the tests 2022-11-13 11:09:53 -05:00
djmore4
2d288b247a Try some new things 2022-11-13 11:09:53 -05:00
djmore4
177f2ecce8 Add new config options and update logic/tests to account for them 2022-11-13 11:09:53 -05:00
Jona Andersen
44ecbee250 Strip port number from IP address in X-Forwarded-For 2022-05-01 14:22:28 -04:00
Hasan Ramezani
55ab5c6961 Replace assertEquals with assertEqual. 2021-10-13 21:47:34 +03:30
Ryan Bales
e5edaf3b5d bugfix for IP backdoor to DEFENDER_LOCK_OUT_BY_IP_AND_USERNAME 2021-08-01 15:19:34 -04:00
Hasan Ramezani
cc06ab33fd Drop support Django < 2.2 and add support for Django > 3 2020-11-27 16:32:46 +01:00
Hasan Ramezani
5e6e52fcbb Drop Python2.7 support. 2020-11-23 17:30:46 +01:00
calmkart
71312eb841
FIX: support for special character in redis password(such like '@') (#155) 
* FIX: if special character in redis password, we can set DEFENDER_REDIS_PASSWORD_QUOTE to True, and use quote password

* MOD:add test cases with password_quota = True
 2020-03-13 08:13:54 -04:00
Aleksi Häkli
a1d526f318
PEP8 formatting (#147) 
Run black with Python 2.7 as target version
to unify the code styling and make it more
linter and style guide compliant
 2019-11-15 20:22:14 +02:00
horida
ce95906488 send user/ip blocked signal only once 2019-09-16 08:47:35 -04:00
horida
fcfa88d679 Add unblock signals 2019-09-08 10:05:04 -04:00
Andrei Baryshnikov
3031deb761 Add possibility to use custom utils.get_username_from_request function (#122) 
* Add `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

This setting allow to override default `get_username_from_request`
function.

* Add `get_username` argument to `watch_login`

To be able to propagate this argument to other utils functions calls

* Minor code-style fixes

* Add example of use of `DEFENDER_GET_USERNAME_FROM_REQUEST_PATH` setting

* Update docs
 2018-05-29 10:32:08 -04:00
William Boman
250c4d5388 add 2 new setting variables for more granular failure limit control (#113) 2018-04-10 09:22:51 -04:00
William Boman
b546224372 send signals when blocking username or ip (#114) 2018-04-10 09:21:37 -04:00
Cobus Carstens
5aa69bac96 Only use the username if it is actually provided (#112) 
* Only use the username if it is actually provided

* Test that unspecified usernames cannot be blocked

* Added test to prevent Coveralls from complaining about a coverage regression.
 2018-02-01 06:30:26 -05:00
William Boman
2b6374f1da utils: add username kwarg for providing username directly rather than via callback arg (#107) 2018-02-01 06:27:38 -05:00
Sophie Wirth
cde53c5315 replace django.core.urlresolvers with django.urls to appeace Django2.… (#106) 
* replace django.core.urlresolvers with django.urls to appeace Django2.0 deprecations
* add try except block around imports for older version support
* add correct django version in setup.py install_reqs
 2017-12-11 13:52:50 -05:00
ruthus18
7c6a7d2b93 Update regex for 'unblock_username_view'. (#100) 
The reason why we need to handle almost all special symbols is in cases when username is like 'some!username'

 Issue: #76
 2017-08-31 11:12:14 -04:00
Mattia Procopio
85817fd278 Force the username to lowercase (#90) 2017-07-01 09:24:51 -04:00
Ken Cochrane
4d9adc35c2 Cleanup the code to remove lint warnings (#87) 
* Cleanup the code to remove lint warnings

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>

* Fixed typo

Signed-off-by: Ken Cochrane <kencochrane@gmail.com>
 2017-06-28 17:09:44 -04:00
Mattia Procopio
b985d17beb Allow decoration of functions beyond the admin login (#86) 
* Allow decoration of functions beyond the admin login

* Exclude tests file from coverage

* Allow installing django 1.11

* Add python 3.6 for testing
 2017-06-26 12:23:23 -04:00
Francisco Rivera
d2b712eade Taking redis client from django.core.cache (#82) 
* new setting that point to an already configured redis client

* taking redis client from django cache setting

* adding informative exception

* dropping django 1.6 support

* dropping django 1.7 support

* adding tests

* removing old coverage stuff + pep8 fixes

* ups, wrong package

* supporting multiple backends

* adding documentation

* dropping python 2.6 support
 2017-06-24 19:17:15 -04:00
Israel Saeta Pérez
69db1cfb70 Allow usernames with plus signs in unblock view (#77) 
This fixes bug #GH76 where an exception like

```
Reverse for 'defender_unblock_username_view' with arguments '(u'user+test@domain.tld',)' and keyword arguments '{}' not found. 1 pattern(s) tried: [u'admin/defender/blocks/username/(?P[A-Za-z0-9-._@]+)/unblock$']
```

was raised when trying to access the `/admin/defender/blocks/` URL when a user with a plus sign had been locked out.
 2017-06-10 10:39:19 -04:00
Karimov Dmitriy
32f60c3f8b Add test_disable_username_lockout 2016-06-20 13:36:02 +05:00
Vladimir Bolshakov
c3495605ea Fix testing of failed login redirect to URL for Django 1.9. 
Location header in redirect can be relative URL from Django 1.9.
 2016-02-01 19:08:54 +03:00
Vladimir Bolshakov
948877c156 Fix formatting. 2016-02-01 19:07:16 +03:00
Vladimir Bolshakov
f4e0ddc032 assertEquals -> assertEqual 2016-02-01 19:06:38 +03:00
bc Wong
f9047162d4 Add helpers that do not assume how to retrieve username 
The `is_already_locked` method assumes how the username is stored in the
request. This patch adds helpers that don't to allow for more flexible
implementation.
 2016-01-24 09:41:43 -08:00
Ken Cochrane
6e2ea2b94a fix compatibility issues with python 2.6, and disable testing on django versions 1.6.x and 1.7.x on python 3.5 2015-10-22 13:37:41 -04:00
Ken Cochrane
64c5684c12 Added so that you can disable IP lockouts if you want 2015-10-21 16:33:08 -04:00
nephridium
64736040af Remove obsolete comments 2015-06-29 18:42:09 +08:00
nephridium
a3207d582a Add tests for utils get_blocked_ips() and get_blocked_usernames() 2015-06-29 18:33:33 +08:00
Alex White
b583f6f54f Add combined username & ip tests 2015-04-21 15:22:29 -07:00
Ken Cochrane
fb095e4ca9 cleaned up some landscape.io warnings 2015-03-20 11:09:45 -04:00
Ken Cochrane
fd4f58a20c took marcus's advice and used the built in django validator 2015-02-24 22:02:06 -05:00