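def testRepeatedFailedLogin(self):
    """Check how repeated failed logins are counted around the cooloff window.

    The first rejected login must add one ACCESS_FAILED event whose
    ``failures_since_start`` is 1. Further rejected logins made while the
    cooloff window is open must not add events; they only raise the counter
    on the latest event. Once the window has elapsed, the next failure is
    counted from 1 again.

    NOTE(review): the login responses are never inspected, so this test
    covers the audit counters only. It does not show that a lockout response
    is served once FAILURE_LIMIT is reached, even though LOCK_OUT_AT_FAILURE
    is switched on.
    """
    from auditcare.decorators import login

    def count_login_events():
        return AccessAudit.view('auditcare/login_events',
                                key=['user', '*****@*****.**']).count()

    def attempt_login():
        self.client.post(reverse('auth_login'),
                         {'username': '******', 'password': '******'})

    # The throttle settings are module-level attributes. They are overridden
    # for this test only and put back in the ``finally`` block, so a short
    # cooloff and a low failure limit do not leak into tests that run later.
    overrides = {
        'FAILURE_LIMIT': 3,
        'LOCK_OUT_AT_FAILURE': True,
        'COOLOFF_TIME': timedelta(seconds=4),
    }
    missing = object()
    saved = {}
    for name, value in overrides.items():
        saved[name] = getattr(login, name, missing)
        setattr(login, name, value)

    try:
        start_count = count_login_events()
        attempt_login()
        firstlogin_count = count_login_events()
        self.assertEqual(start_count + 1, firstlogin_count)

        first_audit = get_latest_access(['user', '*****@*****.**'])
        self.assertEqual(first_audit.access_type, models.ACCESS_FAILED)
        self.assertEqual(first_audit.failures_since_start, 1)
        start_failures = first_audit.failures_since_start

        for n in range(1, 3):
            # Still inside the cooloff window: the number of audit events
            # must stay the same while the failure counter on the latest
            # event goes up by one per attempt.
            attempt_login()
            next_count = count_login_events()
            self.assertEqual(firstlogin_count, next_count)

            next_audit = get_latest_access(['user', '*****@*****.**'])
            self.assertEqual(next_audit.access_type, models.ACCESS_FAILED)
            self.assertEqual(next_audit.failures_since_start, n + start_failures)
            time.sleep(1)

        # Wait out the rest of the 4 second cooloff before the final attempt.
        time.sleep(3)
        attempt_login()
        cooled_audit = get_latest_access(['user', '*****@*****.**'])
        self.assertEqual(cooled_audit.failures_since_start, 1)
    finally:
        for name, value in saved.items():
            if value is missing:
                delattr(login, name)
            else:
                setattr(login, name, value)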
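def testRepeatedFailedLogin(self):
    """Check how repeated failed logins are counted around the cooloff window.

    The first rejected login must add one ACCESS_FAILED event whose
    ``failures_since_start`` is 1. Further rejected logins made while the
    cooloff window is open must not add events; they only raise the counter
    on the latest event. Once the window has elapsed, the next failure is
    counted from 1 again.

    NOTE(review): the login responses are never inspected, so this test
    covers the audit counters only. It does not show that a lockout response
    is served once FAILURE_LIMIT is reached, even though LOCK_OUT_AT_FAILURE
    is switched on.
    """
    from auditcare.decorators import login

    def count_login_events():
        return AccessAudit.view('auditcare/login_events',
                                key=['user', '*****@*****.**']).count()

    def attempt_login():
        self.client.post(reverse('auth_login'),
                         {'username': '******', 'password': '******'})

    # The throttle settings are module-level attributes. They are overridden
    # for this test only and put back in the ``finally`` block, so a short
    # cooloff and a low failure limit do not leak into tests that run later.
    overrides = {
        'FAILURE_LIMIT': 3,
        'LOCK_OUT_AT_FAILURE': True,
        'COOLOFF_TIME': timedelta(seconds=4),
    }
    missing = object()
    saved = {}
    for name, value in overrides.items():
        saved[name] = getattr(login, name, missing)
        setattr(login, name, value)

    try:
        start_count = count_login_events()
        attempt_login()
        firstlogin_count = count_login_events()
        self.assertEqual(start_count + 1, firstlogin_count)

        first_audit = get_latest_access(['user', '*****@*****.**'])
        self.assertEqual(first_audit.access_type, models.ACCESS_FAILED)
        self.assertEqual(first_audit.failures_since_start, 1)
        start_failures = first_audit.failures_since_start

        for n in range(1, 3):
            # Still inside the cooloff window: the number of audit events
            # must stay the same while the failure counter on the latest
            # event goes up by one per attempt.
            attempt_login()
            next_count = count_login_events()
            self.assertEqual(firstlogin_count, next_count)

            next_audit = get_latest_access(['user', '*****@*****.**'])
            self.assertEqual(next_audit.access_type, models.ACCESS_FAILED)
            self.assertEqual(next_audit.failures_since_start, n + start_failures)
            time.sleep(1)

        # Wait out the rest of the 4 second cooloff before the final attempt.
        time.sleep(3)
        attempt_login()
        cooled_audit = get_latest_access(['user', '*****@*****.**'])
        self.assertEqual(cooled_audit.failures_since_start, 1)
    finally:
        for name, value in saved.items():
            if value is missing:
                delattr(login, name)
            else:
                setattr(login, name, value)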
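def testLogin(self):
    """A login posted to ``auth_login`` must add exactly one ACCESS_LOGIN event.

    NOTE(review): the HTTP response is not inspected, so the test checks the
    audit trail only, not what the client is shown.
    """
    start_count = AccessAudit.view('auditcare/login_events',
                                   key=['user', '*****@*****.**']).count()
    self.client.post(reverse('auth_login'),
                     {'username': '******', 'password': '******'})
    login_count = AccessAudit.view('auditcare/login_events',
                                   key=['user', '*****@*****.**']).count()
    self.assertEqual(start_count + 1, login_count)

    # The newest event for this user must be the login that was just made.
    latest_audit = get_latest_access(['user', '*****@*****.**'])
    self.assertEqual(latest_audit.access_type, models.ACCESS_LOGIN)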
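def testSingleFailedLogin(self):
    """One rejected login must add one ACCESS_FAILED event with a count of 1.

    NOTE(review): the HTTP response is not inspected, so the test checks the
    audit trail only, not what the client is shown.
    """
    start_count = AccessAudit.view('auditcare/login_events',
                                   key=['user', '*****@*****.**']).count()
    self.client.post(reverse('auth_login'),
                     {'username': '******', 'password': '******'})
    login_count = AccessAudit.view('auditcare/login_events',
                                   key=['user', '*****@*****.**']).count()
    self.assertEqual(start_count + 1, login_count)

    # The count alone does not say what was recorded, so check the type and
    # the failure counter of the newest event as well.
    latest_audit = get_latest_access(['user', '*****@*****.**'])
    self.assertEqual(latest_audit.access_type, models.ACCESS_FAILED)
    self.assertEqual(latest_audit.failures_since_start, 1)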
def get_user_attempt(request):
    """
    Return the failed-login audit record that this request should extend,
    or None when a new record has to be started.

    Events are looked up by client address, or by address plus User-Agent
    when USE_USER_AGENT is set. The newest event of type failed, login or
    logout decides the outcome: only a failure that is younger than
    COOLOFF_TIME is returned.

    NOTE(review): REMOTE_ADDR is the peer address the server sees. Behind a
    reverse proxy or load balancer that may be the proxy's address, which
    would put every client on one key; confirm how the deployment sets it.

    NOTE(review): the User-Agent header is supplied by the client, so with
    USE_USER_AGENT enabled each distinct header value gets its own key and
    its own failure count. Counting per address (or per account) is the
    stricter choice.

    NOTE(review): when COOLOFF_TIME is falsy this function always returns
    None, so failures are never accumulated on one record; confirm that is
    intended.
    """
    client_ip = request.META.get('REMOTE_ADDR', '')
    if USE_USER_AGENT:
        user_agent = request.META.get('HTTP_USER_AGENT', '<unknown>')
        view_key = ['ip_ua', client_ip, user_agent]
    else:
        view_key = ['ip', client_ip]

    # NOTE(review): limit=25 is applied by the view before the sort below.
    # Whether those 25 rows are the most recent ones depends on the view's
    # row order, which is not visible here.
    recent = AccessAudit.view('auditcare/login_events', key=view_key, include_docs=True, limit=25).all()
    newest_first = sorted(recent, key=lambda event: event.event_date, reverse=True)

    if not newest_first:
        log.info("No attempts for given access, creating new attempt")
        return None

    # Walk back from the newest event. A failure is a candidate to extend;
    # a login or logout seen first means there is no open failure streak.
    # Events of any other type are skipped.
    last_failure = None
    for event in newest_first:
        kind = event.access_type
        if kind == models.ACCESS_FAILED:
            last_failure = event
            break
        if kind == models.ACCESS_LOGIN or kind == models.ACCESS_LOGOUT:
            break

    # The subtraction compares utcnow() with the stored event_date.
    # NOTE(review): presumably event_date is a naive UTC datetime; confirm.
    within_cooloff = (
        COOLOFF_TIME
        and last_failure
        and datetime.utcnow() - last_failure.event_date < COOLOFF_TIME
    )
    if not within_cooloff:
        # This branch is also taken when no failure was found or when
        # COOLOFF_TIME is unset, so the message is narrower than the cases
        # it is logged for.
        log.info("Last login failure is outside the cooloff time, creating new access attempt.")
        return None

    log.info("Last login failure is still within the cooloff time, incrementing last access attempt.")
    return last_failure
def auditor(request, template="ewsghana/auditor.html"):
    """Render the access-audit table with account and profile details added.

    Every access event is turned into one table row. When the event's
    username matches a User, the row also carries the first and last name;
    when that user has a profile, it carries designation, organization,
    facility (the profile's supply point) and location too. Fields that
    cannot be resolved stay empty strings.

    NOTE(review): no authentication or permission check is visible on this
    view in this listing. It exposes login history together with staff
    details, so confirm that a decorator or the URL configuration restricts
    it.

    NOTE(review): all events are loaded at once and each one costs a user
    lookup and a profile lookup, so the work grows with the size of the
    audit log.
    """
    events = AccessAudit.view("auditcare/by_date_access_events", descending=True, include_docs=True).all()
    rows = []
    for event in events:
        details = dict.fromkeys(
            ('first_name', 'last_name', 'designation',
             'organization', 'facility', 'location'),
            '')
        try:
            account = User.objects.get(username=event.user)
        except User.DoesNotExist:
            # No matching account, e.g. an anonymous user: keep the blanks.
            pass
        else:
            details['first_name'] = account.first_name
            details['last_name'] = account.last_name
            try:
                profile = account.get_profile()
            except LogisticsProfile.DoesNotExist:
                profile = None
            else:
                details['designation'] = profile.designation or ''
                details['organization'] = profile.organization or ''
                details['facility'] = profile.supply_point or ''
                details['location'] = profile.location or ''

        row = {
            'user': event.user,
            'date': event.event_date,
            'class': event.doc_type,
            'access_type': event.access_type,
        }
        row.update(details)
        rows.append(row)

    table = AuditLogTable(rows, request=request)
    return render_to_response(template,
                              {"audit_table": table},
                              context_instance=RequestContext(request))
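def get_latest_access(key):
    """Return the most recent login event stored under ``key``.

    ``key`` is passed unchanged to the 'auditcare/login_events' view; the
    tests in this listing use keys such as ``['user', <username>]``.

    Raises:
        IndexError: if the view holds no event for ``key``.
    """
    access_events = list(AccessAudit.view('auditcare/login_events', key=key, include_docs=True).all())
    if not access_events:
        # Same exception type as indexing an empty list, with a message
        # that names the key that had no events.
        raise IndexError("no login events found for key %r" % (key,))
    # Only the newest event is needed, so one pass replaces a full sort.
    # On equal dates max() keeps the first event, as the stable sort did.
    return max(access_events, key=lambda event: event.event_date)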
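def export_all(request):
    """Send every access-audit event as a downloadable sheet.

    The response is an attachment named "AuditAll.xls" with one header row
    and one row per event: user, access type and event date.

    The user column can hold whatever was typed into the login form,
    because failed logins are audited as well. Text cells that begin with a
    character a spreadsheet application treats as the start of a formula
    are therefore prefixed with a single quote, so they open as plain text.

    NOTE(review): the rows are written with a CSV writer although the file
    name ends in ".xls", and no content type is set on the response.

    NOTE(review): no authentication or permission check is visible on this
    view in this listing; confirm that access to the export is restricted.
    """
    formula_prefixes = ('=', '+', '-', '@', '\t', '\r')

    def neutralize(cell):
        # Only text can carry a formula; dates and None pass through as is.
        startswith = getattr(cell, 'startswith', None)
        if startswith is not None and startswith(formula_prefixes):
            return "'" + cell
        return cell

    auditEvents = AccessAudit.view("auditcare/by_date_access_events", descending=True, include_docs=True).all()
    response = HttpResponse()
    response['Content-Disposition'] = 'attachment; filename="AuditAll.xls"'
    writer = csv.UnicodeWriter(response)
    writer.writerow(['User', 'Access Type', 'Date'])
    for a in auditEvents:
        writer.writerow([neutralize(a.user), neutralize(a.access_type), a.event_date])
    return response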
def auditAll(request, template="auditcare/index.html"):
    """Render a table of all access-audit events.

    Each event becomes one row with its user, date, document type and
    access type.

    NOTE(review): no authentication or permission check is visible on this
    view in this listing; confirm that access to the audit log is
    restricted. All events are loaded at once, without paging.
    """
    events = AccessAudit.view("auditcare/by_date_access_events", descending=True, include_docs=True).all()
    rows = []
    for event in events:
        rows.append({
            'user': event.user,
            'date': event.event_date,
            'class': event.doc_type,
            'access_type': event.access_type,
        })
    table = AuditLogTable(rows, request=request)
    return render_to_response(template,
                              {"audit_table": table},
                              context_instance=RequestContext(request))
def get_user_attempt(request):
    """
    Return the failed-login audit record that this request should extend,
    or None when a new record has to be started.

    Events are looked up by client address, or by address plus User-Agent
    when USE_USER_AGENT is set. The newest event of type failed, login or
    logout decides the outcome: only a failure that is younger than
    COOLOFF_TIME is returned.

    NOTE(review): REMOTE_ADDR is the peer address the server sees. Behind a
    reverse proxy or load balancer that may be the proxy's address, which
    would put every client on one key; confirm how the deployment sets it.

    NOTE(review): the User-Agent header is supplied by the client, so with
    USE_USER_AGENT enabled each distinct header value gets its own key and
    its own failure count. Counting per address (or per account) is the
    stricter choice.

    NOTE(review): when COOLOFF_TIME is falsy this function always returns
    None, so failures are never accumulated on one record; confirm that is
    intended.
    """
    client_ip = request.META.get('REMOTE_ADDR', '')
    if USE_USER_AGENT:
        user_agent = request.META.get('HTTP_USER_AGENT', '<unknown>')
        view_key = ['ip_ua', client_ip, user_agent]
    else:
        view_key = ['ip', client_ip]

    # NOTE(review): limit=25 is applied by the view before the sort below.
    # Whether those 25 rows are the most recent ones depends on the view's
    # row order, which is not visible here.
    recent = AccessAudit.view('auditcare/login_events', key=view_key, include_docs=True, limit=25).all()
    newest_first = sorted(recent, key=lambda event: event.event_date, reverse=True)

    if not newest_first:
        log.info("No attempts for given access, creating new attempt")
        return None

    # Walk back from the newest event. A failure is a candidate to extend;
    # a login or logout seen first means there is no open failure streak.
    # Events of any other type are skipped.
    last_failure = None
    for event in newest_first:
        kind = event.access_type
        if kind == models.ACCESS_FAILED:
            last_failure = event
            break
        if kind == models.ACCESS_LOGIN or kind == models.ACCESS_LOGOUT:
            break

    # The subtraction compares utcnow() with the stored event_date.
    # NOTE(review): presumably event_date is a naive UTC datetime; confirm.
    within_cooloff = (
        COOLOFF_TIME
        and last_failure
        and datetime.utcnow() - last_failure.event_date < COOLOFF_TIME
    )
    if not within_cooloff:
        # This branch is also taken when no failure was found or when
        # COOLOFF_TIME is unset, so the message is narrower than the cases
        # it is logged for.
        log.info("Last login failure is outside the cooloff time, creating new access attempt.")
        return None

    log.info("Last login failure is still within the cooloff time, incrementing last access attempt.")
    return last_failure
def auditor(request, template="ewsghana/auditor.html"):
    """Render the access-audit table with account and profile details added.

    Every access event is turned into one table row. When the event's
    username matches a User, the row also carries the first and last name;
    when that user has a profile, it carries designation, organization,
    facility (the profile's supply point) and location too. Fields that
    cannot be resolved stay empty strings.

    NOTE(review): no authentication or permission check is visible on this
    view in this listing. It exposes login history together with staff
    details, so confirm that a decorator or the URL configuration restricts
    it.

    NOTE(review): all events are loaded at once and each one costs a user
    lookup and a profile lookup, so the work grows with the size of the
    audit log.
    """
    events = AccessAudit.view("auditcare/by_date_access_events", descending=True, include_docs=True).all()
    rows = []
    for event in events:
        details = dict.fromkeys(
            ('first_name', 'last_name', 'designation',
             'organization', 'facility', 'location'),
            '')
        try:
            account = User.objects.get(username=event.user)
        except User.DoesNotExist:
            # No matching account, e.g. an anonymous user: keep the blanks.
            pass
        else:
            details['first_name'] = account.first_name
            details['last_name'] = account.last_name
            try:
                profile = account.get_profile()
            except LogisticsProfile.DoesNotExist:
                profile = None
            else:
                details['designation'] = profile.designation or ''
                details['organization'] = profile.organization or ''
                details['facility'] = profile.supply_point or ''
                details['location'] = profile.location or ''

        row = {
            'user': event.user,
            'date': event.event_date,
            'class': event.doc_type,
            'access_type': event.access_type,
        }
        row.update(details)
        rows.append(row)

    table = AuditLogTable(rows, request=request)
    return render_to_response(template,
                              {"audit_table": table},
                              context_instance=RequestContext(request))