def initialize(cls):
"""
Initialize Axes logging and show version information.
This method is re-entrant and can be called multiple times.
It displays version information exactly once at application startup.
"""
if cls.logging_initialized:
return
cls.logging_initialized = True
if not settings.AXES_ENABLED:
return
if not settings.AXES_VERBOSE:
return
log.info('AXES: BEGIN LOG')
log.info('AXES: Using django-axes %s', get_version())
if settings.AXES_ONLY_USER_FAILURES:
log.info('AXES: blocking by username only.')
elif settings.AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP:
log.info('AXES: blocking by combination of username and IP.')
else:
log.info('AXES: blocking by IP only.')
def is_axes_old():
"""Return true if using django-axes version strictly less than 5.0.0.
XXX: Remove this method and allow code that uses it after django-axes >=
5.0.0 becomes available in Debian stable.
"""
import axes
return LooseVersion(axes.get_version()) < LooseVersion('5.0')
def is_axes_old():
"""Return true if using django-axes version strictly less than 5.0.0.
XXX: Remove this method and allow code that uses it after django-axes >=
5.0.0 becomes available in Debian stable.
"""
import axes
try:
version = axes.get_version()
except AttributeError:
# axes.get_version() was removed in 5.0.13
return False
return LooseVersion(version) < LooseVersion('5.0')
VERBOSE = getattr(settings, 'AXES_VERBOSE', True)
# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
ONLY_WHITELIST = getattr(settings, 'AXES_ONLY_ALLOW_WHITELIST', False)
IP_WHITELIST = getattr(settings, 'AXES_IP_WHITELIST', None)
IP_BLACKLIST = getattr(settings, 'AXES_IP_BLACKLIST', None)
ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. "
"Note that both fields are case-sensitive.")
log = logging.getLogger(LOGGER)
if VERBOSE:
log.info('AXES: BEGIN LOG')
log.info('Using django-axes ' + axes.get_version())
if BEHIND_REVERSE_PROXY:
log.debug('Axes is configured to be behind reverse proxy...looking for header value %s', REVERSE_PROXY_HEADER)
def is_valid_ip(ip_address):
""" Check Validity of an IP address """
valid = True
try:
socket.inet_aton(ip_address.strip())
except:
valid = False
return valid
return ip in IP_WHITELIST
return False
def ip_in_blacklist(ip):
if IP_BLACKLIST is not None:
return ip in IP_BLACKLIST
return False
log = logging.getLogger(LOGGER)
if VERBOSE:
log.info('AXES: BEGIN LOG')
log.info('Using django-axes ' + axes.get_version())
def is_user_lockable(request):
"""Check if the user has a profile with nolockout
If so, then return the value to see if this user is special
and doesn't get their account locked out
"""
try:
field = getattr(User, 'USERNAME_FIELD', 'username')
kwargs = {field: request.POST.get('username')}
user = User.objects.get(**kwargs)
except User.DoesNotExist:
# not a valid user
return True
#!/usr/bin/env python
from setuptools import setup, find_packages
from axes import get_version
setup(
name='django-axes',
version=get_version(),
description='Keep track of failed login attempts in Django-powered sites.',
long_description='\n'.join([
open('README.rst', encoding='utf-8').read(),
open('CHANGES.rst', encoding='utf-8').read(),
]),
keywords='authentication django pci security',
author=', '.join([
'Josh VanderLinden',
'Philip Neustrom',
'Michael Blume',
'Alex Clark',
'Camilo Nova',
'Aleksi Hakli',
]),
maintainer='Jazzband',
maintainer_email='*****@*****.**',
url='https://github.com/jazzband/django-axes',
project_urls={
'Documentation': 'https://django-axes.readthedocs.io/',
'Source': 'https://github.com/jazzband/django-axes',
'Tracker': 'https://github.com/jazzband/django-axes/issues',
},
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import codecs
from setuptools import setup, find_packages
from axes import get_version
setup(
name='django-axes',
version=get_version(),
description="Keep track of failed login attempts in Django-powered sites.",
long_description=(
codecs.open("README.rst", encoding='utf-8').read() + '\n' +
codecs.open("CHANGES.txt", encoding='utf-8').read()),
keywords='authentication django pci security'.split(),
author='Josh VanderLinden, Philip Neustrom, Michael Blume, Camilo Nova',
author_email='*****@*****.**',
maintainer='Alex Clark',
maintainer_email='*****@*****.**',
url='https://github.com/django-pci/django-axes',
license='MIT',
package_dir={'axes': 'axes'},
include_package_data=True,
packages=find_packages(),
classifiers=[
'Development Status :: 5 - Production/Stable',
'Environment :: Web Environment',
'Framework :: Django',
'Intended Audience :: Developers',
'Intended Audience :: System Administrators',
'License :: OSI Approved :: MIT License',
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from setuptools import setup, find_packages
import axes
setup(
name='django-axes',
version=axes.get_version(),
description="Keep track of failed login attempts in Django-powered sites.",
long_description=open('README.rst', 'r').read(),
keywords='django, security, authentication',
author='Josh VanderLinden, Philip Neustrom, Michael Blume',
author_email='*****@*****.**',
url='http://bitbucket.org/codekoala/django-axes/',
license='MIT',
package_dir={'axes': 'axes'},
include_package_data=True,
packages=find_packages(),
classifiers=[
'Development Status :: 4 - Beta',
'Environment :: Web Environment',
'Framework :: Django',
'Intended Audience :: Developers',
'Intended Audience :: System Administrators',
'License :: OSI Approved :: MIT License',
'Operating System :: OS Independent',
'Programming Language :: Python',
'Topic :: Internet :: Log Analysis',
'Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware',
'Topic :: Security',
# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
ONLY_WHITELIST = getattr(settings, "AXES_ONLY_ALLOW_WHITELIST", False)
IP_WHITELIST = getattr(settings, "AXES_IP_WHITELIST", None)
IP_BLACKLIST = getattr(settings, "AXES_IP_BLACKLIST", None)
ERROR_MESSAGE = ugettext_lazy(
"Please enter a correct username and password. " "Note that both fields are case-sensitive."
)
log = logging.getLogger(LOGGER)
if VERBOSE:
log.info("AXES: BEGIN LOG")
log.info("Using django-axes " + axes.get_version())
if BEHIND_REVERSE_PROXY:
log.debug("Axes is configured to be behind reverse proxy...looking for header value %s", REVERSE_PROXY_HEADER)
def is_valid_ip(ip_address):
""" Check Validity of an IP address """
valid = True
try:
socket.inet_aton(ip_address.strip())
except:
valid = False
return valid
#source_encoding = 'utf-8-sig' # The master toctree document. master_doc = 'index' # General information about the project. project = 'Django Axes' copyright = '2016, jazzband' author = 'jazzband' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the # built documents. # # The short X.Y version. version = axes.get_version() # The full version, including alpha/beta/rc tags. release = axes.get_version() # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. # # This is also used if you do content translation via gettext catalogs. # Usually you set "language" from the command line for these cases. language = None # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: #today = '' # Else, today_fmt is used as the format for a strftime call. #today_fmt = '%B %d, %Y'
def test_get_version(self):
self.assertEqual(get_version(), 'test')
import logging
from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.shortcuts import render
from axes import get_version
from axes.conf import settings
from axes.attempts import is_already_locked
from axes.utils import iso8601
log = logging.getLogger(settings.AXES_LOGGER)
if settings.AXES_VERBOSE:
log.info('AXES: BEGIN LOG')
log.info('AXES: Using django-axes ' + get_version())
if settings.AXES_ONLY_USER_FAILURES:
log.info('AXES: blocking by username only.')
elif settings.AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP:
log.info('AXES: blocking by combination of username and IP.')
else:
log.info('AXES: blocking by IP only.')
def axes_dispatch(func):
def inner(request, *args, **kwargs):
if is_already_locked(request):
return lockout_response(request)
return func(request, *args, **kwargs)
def test_get_version(self):
self.assertEqual(get_version(), 'test')
return ip in gs("IP_WHITELIST")
else:
return False
def ip_in_blacklist(ip):
if gs("IP_BLACKLIST") is not None:
return ip in gs("IP_BLACKLIST")
else:
return False
log = logging.getLogger(gs("LOGGER"))
if gs("VERBOSE"):
log.debug("AXES: BEGIN LOG")
log.debug("Using django-axes " + axes.get_version())
def is_user_lockable(request):
""" Check if the user has a profile with nolockout
If so, then return the value to see if this user is special
and doesn't get their account locked out """
username = request.POST.get("username", None)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
# not a valid user
return True
try:
profile = user.get_profile()
except:
#VERBOSE = getattr(settings, 'AXES_VERBOSE', True)
# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
ONLY_WHITELIST = getattr(settings, 'AXES_ONLY_ALLOW_WHITELIST', False)
IP_WHITELIST = getattr(settings, 'AXES_IP_WHITELIST', None)
IP_BLACKLIST = getattr(settings, 'AXES_IP_BLACKLIST', None)
ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. "
"Note that both fields are case-sensitive.")
log = logging.getLogger(LOGGER)
log.debug('AXES: BEGIN LOG')
log.debug('Using django-axes ' + axes.get_version())
if BEHIND_REVERSE_PROXY:
log.debug('Axes is configured to be behind reverse proxy...looking for header value %s', REVERSE_PROXY_HEADER)
def get_ip_address_from_request(request):
""" Makes the best attempt to get the client's real IP or return the loopback """
# Would rather rely on middleware to set up a good REMOTE_ADDR than try to get
# fancy here. Also, just use django's built in ipv4/ipv6 normalization logic
ip_address = request.META.get('REMOTE_ADDR', 'bad address')
try:
validate_ipv4_address(ip_address)
except:
