def notify_account_activity(user, request, activity, **kwargs): """Notification about important activity with account.""" address = get_ip_address(request) audit = AuditLog.objects.create(user, activity, address, **kwargs) if audit.should_notify(): send_notification_email( user.profile.language, user.email, 'account_activity', context={'message': audit.get_message()}, info='{0} from {1}'.format(activity, address), ) # Handle login rate limiting if activity == 'failed-auth' and user.has_usable_password(): kwargs = {} try: latest_login = AuditLog.objects.filter( user=user, activity='login' )[0] kwargs['timestamp__gte'] = latest_login.timestamp except IndexError: pass failures = AuditLog.objects.filter( user=user, activity='failed-auth', **kwargs ) if failures.count() >= settings.AUTH_LOCK_ATTEMPTS: user.set_unusable_password() user.save(update_fields=['password']) notify_account_activity(user, request, 'locked')
def notify_account_activity(user, request, activity, **kwargs): """Notification about important activity with account. Returns whether the activity should be rate limited.""" address = get_ip_address(request) audit = AuditLog.objects.create(user, activity, address, **kwargs) if audit.should_notify(): profile = Profile.objects.get_or_create(user=user)[0] send_notification_email( profile.language, user.email, 'account_activity', context={'message': audit.get_message()}, info='{0} from {1}'.format(activity, address), ) # Handle rate limiting if activity == 'failed-auth' and user.has_usable_password(): failures = AuditLog.objects.get_after(user, 'login', 'failed-auth') if failures.count() >= settings.AUTH_LOCK_ATTEMPTS: user.set_unusable_password() user.save(update_fields=['password']) notify_account_activity(user, request, 'locked') return True elif activity == 'reset-request': failures = AuditLog.objects.get_after(user, 'login', 'reset-request') if failures.count() >= settings.AUTH_LOCK_ATTEMPTS: return True return False
def notify_account_activity(user, request, activity, **kwargs): """Notification about important activity with account.""" address = get_ip_address(request) audit = AuditLog.objects.create(user, activity, address, **kwargs) if audit.should_notify(): send_notification_email( user.profile.language, user.email, 'account_activity', context={'message': audit.get_message()}, info='{0} from {1}'.format(activity, address), ) # Handle login rate limiting if activity == 'failed-auth' and user.has_usable_password(): kwargs = {} try: latest_login = AuditLog.objects.filter(user=user, activity='login')[0] kwargs['timestamp__gte'] = latest_login.timestamp except IndexError: pass failures = AuditLog.objects.filter(user=user, activity='failed-auth', **kwargs) if failures.count() >= settings.AUTH_LOCK_ATTEMPTS: user.set_unusable_password() user.save(update_fields=['password']) notify_account_activity(user, request, 'locked')
def notify_account_activity(user, request, activity, **kwargs): """Notification about important activity with account.""" kwargs['message'] = ACCOUNT_ACTIVITY[activity].format(**kwargs) send_notification_email( user.profile.language, user.email, 'account_activity', context=kwargs, info='{0} from {1}'.format(activity, get_ip_address(request)), )
def is_spam(text, request): """Generic spam checker interface.""" if settings.AKISMET_API_KEY: from akismet import Akismet akismet = Akismet( settings.AKISMET_API_KEY, get_site_url() ) return akismet.comment_check( get_ip_address(request), request.META.get('HTTP_USER_AGENT', ''), comment_content=text, comment_type='comment' ) return False
def test_get_ip_proxy(self): request = FakeRequest() self.assertEqual( get_ip_address(request), '7.8.9.0' )
def test_get_ip(self): request = FakeRequest() self.assertEqual( get_ip_address(request), '1.2.3.4' )
def test_get_ip_proxy(self): request = FakeRequest() self.assertEqual( get_ip_address(request), '7.8.9.0' )
def test_get_ip(self): request = FakeRequest() self.assertEqual( get_ip_address(request), '1.2.3.4' )