def audited_logout(request, *args, **kwargs):
# share some useful information
func = auth_views.logout
logging.info("Function: %s" % (func.__name__))
logging.info("Logged logout for user %s" % (request.user.username))
user = request.user
# it's a successful login.
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.doc_type = AccessAudit.__name__
attempt.access_type = models.ACCESS_LOGOUT
attempt.user_agent = ua
attempt.user = user.username
attempt.session_key = request.session.session_key
attempt.ip_address = ip
attempt.get_data = []
attempt.post_data = []
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = 0
attempt.save()
# call the logout function
response = func(request, *args, **kwargs)
return response
def audited_logout (request, *args, **kwargs):
# share some useful information
func = auth_views.logout
logging.info("Function: %s" %(func.__name__))
logging.info("Logged logout for user %s" % (request.user.username))
user = request.user
# it's a successful login.
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.doc_type=AccessAudit.__name__
attempt.access_type = models.ACCESS_LOGOUT
attempt.user_agent=ua
attempt.user = user.username
attempt.session_key = request.session.session_key
attempt.ip_address=ip
attempt.get_data=[]
attempt.post_data=[]
attempt.http_accept=request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info=request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start=0
attempt.save()
# call the logout function
response = func(request, *args, **kwargs)
return response
def decorated_logout(request, *args, **kwargs):
# share some useful information
if func.__name__ != 'decorated_logout' and VERBOSE:
log.info('AXES: Calling decorated logout function: %s',
func.__name__)
if args: log.info('args: %s', args)
if kwargs: log.info('kwargs: %s', kwargs)
log.info("Function: %s", func.__name__)
log.info("Logged logout for user %s", request.user.username)
user = request.user
#it's a successful login.
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.doc_type = AccessAudit.__name__
attempt.access_type = models.ACCESS_LOGOUT
attempt.user_agent = ua
attempt.user = user.username
attempt.session_key = request.session.session_key
attempt.ip_address = ip
attempt.get_data = [] #[query2str(request.GET.items())]
attempt.post_data = []
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = 0
attempt.save()
# call the logout function
response = func(request, *args, **kwargs)
if func.__name__ == 'decorated_logout':
# if we're dealing with this function itself, don't bother checking
# for invalid login attempts. I suppose there's a bunch of
# recursion going on here that used to cause one failed login
# attempt to generate 10+ failed access attempt records (with 3
# failed attempts each supposedly)
return response
return response
def decorated_logout (request, *args, **kwargs):
# share some useful information
if func.__name__ != 'decorated_logout' and VERBOSE:
log.info('AXES: Calling decorated logout function: %s', func.__name__)
if args: log.info('args: %s', args)
if kwargs: log.info('kwargs: %s', kwargs)
log.info("Function: %s", func.__name__)
log.info("Logged logout for user %s", request.user.username)
user = request.user
#it's a successful login.
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.doc_type=AccessAudit.__name__
attempt.access_type = models.ACCESS_LOGOUT
attempt.user_agent=ua
attempt.user = user.username
attempt.session_key = request.session.session_key
attempt.ip_address=ip
attempt.get_data=[] #[query2str(request.GET.items())]
attempt.post_data=[]
attempt.http_accept=request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info=request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start=0
attempt.save()
# call the logout function
response = func(request, *args, **kwargs)
if func.__name__ == 'decorated_logout':
# if we're dealing with this function itself, don't bother checking
# for invalid login attempts. I suppose there's a bunch of
# recursion going on here that used to cause one failed login
# attempt to generate 10+ failed access attempt records (with 3
# failed attempts each supposedly)
return response
return response
def log_request(request, login_unsuccessful):
failures = 0
attempt = get_user_attempt(request)
if attempt:
failures = attempt.failures_since_start
# no matter what, we want to lock them out
# if they're past the number of attempts allowed
if failures > FAILURE_LIMIT and LOCK_OUT_AT_FAILURE:
# We log them out in case they actually managed to enter
# the correct password.
logout(request)
log.warning('AXES: locked out %s after repeated login attempts.', attempt.ip_address)
return False
if login_unsuccessful:
#interpret the auth form to get the user in question
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
attempted_username = form.get_user().username
else:
attempted_username = form.data.get('username')
attempted_password = form.data.get('password')
# add a failed attempt for this user
failures += 1
# Create an AccessAttempt record if the login wasn't successful
# has already attempted, update the info
if attempt:
#attempt.get_data.append(query2str(request.GET.items()))
#attempt.post_data.append(query2str(request.POST.items()))
attempt.access_type = models.ACCESS_FAILED
attempt.user = attempted_username
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = failures
attempt.event_date = datetime.utcnow() #why do we do this?
attempt.save()
log.info('AXES: Repeated login failure by %s. Updating access '
'record. Count = %s', attempt.ip_address, failures)
else:
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.event_date = datetime.utcnow()
attempt.doc_type=AccessAudit.__name__
attempt.access_type = models.ACCESS_FAILED
attempt.user_agent=ua
attempt.user = attempted_username
attempt.ip_address=ip
#attempt.get_data = [query2str(request.GET.items())]
#attempt.post_data= [query2str(request.POST.items())]
attempt.http_accept=request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info=request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start=failures
attempt.save()
log.info('AXES: New login failure by %s. Creating access record.', ip)
else:
#it's a successful login.
#if we're django 1.3, this will have already been logged.
if django.get_version() < '1.3':
AccessAudit.audit_login(request, request.user)
return True
def log_request(request, login_unsuccessful):
failures = 0
attempt = get_user_attempt(request)
if attempt:
failures = attempt.failures_since_start
# no matter what, we want to lock them out
# if they're past the number of attempts allowed
if failures > FAILURE_LIMIT and LOCK_OUT_AT_FAILURE:
# We log them out in case they actually managed to enter
# the correct password.
logout(request)
log.warning('AXES: locked out %s after repeated login attempts.',
attempt.ip_address)
return False
if login_unsuccessful:
#interpret the auth form to get the user in question
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
attempted_username = form.get_user().username
else:
attempted_username = form.data.get('username')
attempted_password = form.data.get('password')
# add a failed attempt for this user
failures += 1
# Create an AccessAttempt record if the login wasn't successful
# has already attempted, update the info
if attempt:
#attempt.get_data.append(query2str(request.GET.items()))
#attempt.post_data.append(query2str(request.POST.items()))
attempt.access_type = models.ACCESS_FAILED
attempt.user = attempted_username
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = failures
attempt.event_date = datetime.utcnow() #why do we do this?
attempt.save()
log.info(
'AXES: Repeated login failure by %s. Updating access '
'record. Count = %s', attempt.ip_address, failures)
else:
ip = request.META.get('REMOTE_ADDR', '')
ua = request.META.get('HTTP_USER_AGENT', '<unknown>')
attempt = AccessAudit()
attempt.event_date = datetime.utcnow()
attempt.doc_type = AccessAudit.__name__
attempt.access_type = models.ACCESS_FAILED
attempt.user_agent = ua
attempt.user = attempted_username
attempt.ip_address = ip
#attempt.get_data = [query2str(request.GET.items())]
#attempt.post_data= [query2str(request.POST.items())]
attempt.http_accept = request.META.get('HTTP_ACCEPT', '<unknown>')
attempt.path_info = request.META.get('PATH_INFO', '<unknown>')
attempt.failures_since_start = failures
attempt.save()
log.info('AXES: New login failure by %s. Creating access record.',
ip)
return True
