예제 #1
    def initialize(cls):
        """
        Set up Axes logging once and report the active configuration.

        Safe to call repeatedly: the ``logging_initialized`` flag on ``cls``
        is checked first and set on the first call, so later calls return
        immediately. Nothing is logged unless both ``AXES_ENABLED`` and
        ``AXES_VERBOSE`` are truthy.

        The last log line records which lockout key is in effect (username
        only, username and IP combined, or IP only), which helps when
        auditing how failed logins are being attributed.
        """

        if cls.logging_initialized:
            return
        cls.logging_initialized = True

        # Short-circuits in the same order as two separate guard clauses:
        # AXES_VERBOSE is only read when AXES_ENABLED is truthy.
        if not (settings.AXES_ENABLED and settings.AXES_VERBOSE):
            return

        log.info('AXES: BEGIN LOG')
        log.info('AXES: Using django-axes %s', get_version())

        if settings.AXES_ONLY_USER_FAILURES:
            mode_message = 'AXES: blocking by username only.'
        elif settings.AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP:
            mode_message = 'AXES: blocking by combination of username and IP.'
        else:
            mode_message = 'AXES: blocking by IP only.'
        log.info(mode_message)
예제 #2
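def is_axes_old():
    """Return true if using django-axes version strictly less than 5.0.0.

    If the installed ``axes`` package does not expose ``get_version()``, the
    resulting ``AttributeError`` is caught and ``False`` is returned, so the
    version gate does not crash its caller.

    XXX: Remove this method and allow code that uses it after django-axes >=
    5.0.0 becomes available in Debian stable.

    """
    import axes
    try:
        version = axes.get_version()
    except AttributeError:
        # NOTE(review): a missing get_version() is taken to mean a release
        # newer than the 5.0 cut-off -- confirm against the axes changelog.
        return False

    return LooseVersion(version) < LooseVersion('5.0')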
예제 #3
def is_axes_old():
    """Tell whether the installed django-axes predates 5.0.

    Returns True only when ``axes.get_version()`` reports a version that
    compares strictly below ``5.0``. When that call raises
    ``AttributeError`` the answer is False.

    XXX: Remove this method and allow code that uses it after django-axes >=
    5.0.0 becomes available in Debian stable.

    """
    import axes
    try:
        installed = axes.get_version()
    except AttributeError:
        # axes.get_version() was removed in 5.0.13
        return False
    else:
        cutoff = LooseVersion('5.0')
        return LooseVersion(installed) < cutoff
예제 #4
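# Verbose start-up logging is on unless AXES_VERBOSE is set otherwise.
VERBOSE = getattr(settings, 'AXES_VERBOSE', True)

# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
# ONLY_WHITELIST defaults to False; both IP lists default to None (unset).
ONLY_WHITELIST = getattr(settings, 'AXES_ONLY_ALLOW_WHITELIST', False)
IP_WHITELIST = getattr(settings, 'AXES_IP_WHITELIST', None)
IP_BLACKLIST = getattr(settings, 'AXES_IP_BLACKLIST', None)

# The wording names both fields, so by itself it does not indicate which of
# the two credentials was wrong.
ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. "
                              "Note that both fields are case-sensitive.")


log = logging.getLogger(LOGGER)
if VERBOSE:
    log.info('AXES: BEGIN LOG')
    # The version is passed as a logging argument, like the debug call below,
    # instead of being concatenated: formatting is deferred and a non-string
    # version value cannot raise TypeError while this module is imported.
    log.info('Using django-axes %s', axes.get_version())


if BEHIND_REVERSE_PROXY:
    # NOTE(review): the client address is presumably read from this request
    # header. The header is only trustworthy when the proxy overwrites any
    # client-supplied value -- confirm the deployment does so, otherwise
    # IP-based lockout decisions rest on a value the client controls.
    log.debug('Axes is configured to be behind reverse proxy...looking for header value %s', REVERSE_PROXY_HEADER)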


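def is_valid_ip(ip_address):
    """Return True if ``ip_address`` parses as an IPv4 address, else False.

    Surrounding whitespace is stripped before parsing with
    ``socket.inet_aton``. That parser is IPv4-only, so IPv6 literals are
    reported as invalid. It also accepts abbreviated forms with fewer than
    three dots, so callers that need a strict dotted quad must re-check the
    value themselves.

    Any ordinary failure (``None``, a non-string, unparsable text) yields
    False. ``KeyboardInterrupt`` and ``SystemExit`` are not swallowed.
    """
    try:
        socket.inet_aton(ip_address.strip())
    except Exception:
        # Deliberately not a bare ``except:`` -- interpreter-exit signals
        # must propagate instead of being reported as "invalid address".
        return False
    return True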
예제 #5
        return ip in IP_WHITELIST

    return False


def ip_in_blacklist(ip):
    """Return whether ``ip`` is a member of the configured ``IP_BLACKLIST``.

    An unset (``None``) blacklist matches nothing. The check is a plain
    ``in`` test with no normalisation of ``ip``.
    NOTE(review): presumably the setting is a list or tuple of address
    strings; a bare string would be substring-matched -- confirm.
    """
    blacklist = IP_BLACKLIST
    if blacklist is None:
        return False
    return ip in blacklist


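log = logging.getLogger(LOGGER)
if VERBOSE:
    # Start-up banner, written when this module is imported in verbose mode.
    log.info('AXES: BEGIN LOG')
    # The version is passed as a logging argument so formatting is deferred
    # and a non-string value cannot raise TypeError during import.
    log.info('Using django-axes %s', axes.get_version())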


def is_user_lockable(request):
    """Check if the user has a profile with nolockout
    If so, then return the value to see if this user is special
    and doesn't get their account locked out
    """
    try:
        field = getattr(User, 'USERNAME_FIELD', 'username')
        kwargs = {field: request.POST.get('username')}
        user = User.objects.get(**kwargs)
    except User.DoesNotExist:
        # not a valid user
        return True
예제 #6
#!/usr/bin/env python

from setuptools import setup, find_packages

from axes import get_version

setup(
    name='django-axes',
    version=get_version(),
    description='Keep track of failed login attempts in Django-powered sites.',
    long_description='\n'.join([
        open('README.rst', encoding='utf-8').read(),
        open('CHANGES.rst', encoding='utf-8').read(),
    ]),
    keywords='authentication django pci security',
    author=', '.join([
        'Josh VanderLinden',
        'Philip Neustrom',
        'Michael Blume',
        'Alex Clark',
        'Camilo Nova',
        'Aleksi Hakli',
    ]),
    maintainer='Jazzband',
    maintainer_email='*****@*****.**',
    url='https://github.com/jazzband/django-axes',
    project_urls={
        'Documentation': 'https://django-axes.readthedocs.io/',
        'Source': 'https://github.com/jazzband/django-axes',
        'Tracker': 'https://github.com/jazzband/django-axes/issues',
    },
예제 #7
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import codecs
from setuptools import setup, find_packages

from axes import get_version

setup(
    name='django-axes',
    version=get_version(),
    description="Keep track of failed login attempts in Django-powered sites.",
    long_description=(
        codecs.open("README.rst", encoding='utf-8').read() + '\n' +
        codecs.open("CHANGES.txt", encoding='utf-8').read()),
    keywords='authentication django pci security'.split(),
    author='Josh VanderLinden, Philip Neustrom, Michael Blume, Camilo Nova',
    author_email='*****@*****.**',
    maintainer='Alex Clark',
    maintainer_email='*****@*****.**',
    url='https://github.com/django-pci/django-axes',
    license='MIT',
    package_dir={'axes': 'axes'},
    include_package_data=True,
    packages=find_packages(),
    classifiers=[
        'Development Status :: 5 - Production/Stable',
        'Environment :: Web Environment',
        'Framework :: Django',
        'Intended Audience :: Developers',
        'Intended Audience :: System Administrators',
        'License :: OSI Approved :: MIT License',
예제 #8
#!/usr/bin/env python
# -*- coding: utf-8 -*-

from setuptools import setup, find_packages
import axes

setup(
    name='django-axes',
    version=axes.get_version(),
    description="Keep track of failed login attempts in Django-powered sites.",
    long_description=open('README.rst', 'r').read(),
    keywords='django, security, authentication',
    author='Josh VanderLinden, Philip Neustrom, Michael Blume',
    author_email='*****@*****.**',
    url='http://bitbucket.org/codekoala/django-axes/',
    license='MIT',
    package_dir={'axes': 'axes'},
    include_package_data=True,
    packages=find_packages(),
    classifiers=[
        'Development Status :: 4 - Beta',
        'Environment :: Web Environment',
        'Framework :: Django',
        'Intended Audience :: Developers',
        'Intended Audience :: System Administrators',
        'License :: OSI Approved :: MIT License',
        'Operating System :: OS Independent',
        'Programming Language :: Python',
        'Topic :: Internet :: Log Analysis',
        'Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware',
        'Topic :: Security',
예제 #9
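# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
# ONLY_WHITELIST defaults to False; both IP lists default to None (unset).
ONLY_WHITELIST = getattr(settings, "AXES_ONLY_ALLOW_WHITELIST", False)
IP_WHITELIST = getattr(settings, "AXES_IP_WHITELIST", None)
IP_BLACKLIST = getattr(settings, "AXES_IP_BLACKLIST", None)

# The wording names both fields, so by itself it does not indicate which of
# the two credentials was wrong.
ERROR_MESSAGE = ugettext_lazy(
    "Please enter a correct username and password. " "Note that both fields are case-sensitive."
)


log = logging.getLogger(LOGGER)
if VERBOSE:
    log.info("AXES: BEGIN LOG")
    # The version is passed as a logging argument, like the debug call below,
    # instead of being concatenated: formatting is deferred and a non-string
    # version value cannot raise TypeError while this module is imported.
    log.info("Using django-axes %s", axes.get_version())


if BEHIND_REVERSE_PROXY:
    # NOTE(review): the client address is presumably read from this request
    # header. The header is only trustworthy when the proxy overwrites any
    # client-supplied value -- confirm the deployment does so, otherwise
    # IP-based lockout decisions rest on a value the client controls.
    log.debug("Axes is configured to be behind reverse proxy...looking for header value %s", REVERSE_PROXY_HEADER)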


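def is_valid_ip(ip_address):
    """Return True if ``ip_address`` parses as an IPv4 address, else False.

    Surrounding whitespace is stripped before parsing with
    ``socket.inet_aton``. That parser is IPv4-only, so IPv6 literals are
    reported as invalid. It also accepts abbreviated forms with fewer than
    three dots, so callers that need a strict dotted quad must re-check the
    value themselves.

    Any ordinary failure (``None``, a non-string, unparsable text) yields
    False. ``KeyboardInterrupt`` and ``SystemExit`` are not swallowed.
    """
    try:
        socket.inet_aton(ip_address.strip())
    except Exception:
        # Deliberately not a bare ``except:`` -- interpreter-exit signals
        # must propagate instead of being reported as "invalid address".
        return False
    return True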
예제 #10
#source_encoding = 'utf-8-sig'

# Root document that holds the top-level toctree.
master_doc = 'index'

# Project metadata shown in the built documentation.
project = 'Django Axes'
copyright = '2016, jazzband'
author = 'jazzband'

# |version| and |release| are both taken from the axes package, so the built
# documents report the same version string as the code they describe.
# No separate short X.Y form is derived here: the two values are identical.
release = axes.get_version()
version = release

# Language for content autogenerated by Sphinx (see the Sphinx documentation
# for supported values). Also used for gettext-based content translation,
# where it is usually supplied on the command line instead.
language = None

# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
#today = ''
# Else, today_fmt is used as the format for a strftime call.
#today_fmt = '%B %d, %Y'
예제 #11
 def test_get_version(self):
     """get_version() is expected to return the literal string 'test'."""
     reported = get_version()
     self.assertEqual(reported, 'test')
예제 #12
import logging

from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.shortcuts import render

from axes import get_version
from axes.conf import settings
from axes.attempts import is_already_locked
from axes.utils import iso8601


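log = logging.getLogger(settings.AXES_LOGGER)
if settings.AXES_VERBOSE:
    # Start-up banner, written when this module is imported in verbose mode.
    log.info('AXES: BEGIN LOG')
    # The version is passed as a logging argument so formatting is deferred
    # and a non-string value cannot raise TypeError during import.
    log.info('AXES: Using django-axes %s', get_version())
    # Record which key failed logins are counted against; the first truthy
    # setting wins, and IP-only is the fallback.
    if settings.AXES_ONLY_USER_FAILURES:
        log.info('AXES: blocking by username only.')
    elif settings.AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP:
        log.info('AXES: blocking by combination of username and IP.')
    else:
        log.info('AXES: blocking by IP only.')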


def axes_dispatch(func):
    def inner(request, *args, **kwargs):
        if is_already_locked(request):
            return lockout_response(request)

        return func(request, *args, **kwargs)
예제 #13
 def test_get_version(self):
     """get_version() is expected to return the literal string 'test'."""
     reported = get_version()
     self.assertEqual(reported, 'test')
예제 #14
        return ip in gs("IP_WHITELIST")
    else:
        return False


def ip_in_blacklist(ip):
    """Return whether ``ip`` is a member of the ``IP_BLACKLIST`` setting.

    The setting is looked up through ``gs``; when it is ``None`` nothing is
    considered blacklisted. The check is a plain ``in`` test with no
    normalisation of ``ip``.
    NOTE(review): presumably the setting is a list or tuple of address
    strings; a bare string would be substring-matched -- confirm.
    """
    if gs("IP_BLACKLIST") is None:
        return False
    return ip in gs("IP_BLACKLIST")


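log = logging.getLogger(gs("LOGGER"))
if gs("VERBOSE"):
    # Start-up banner, written at debug level when this module is imported.
    log.debug("AXES: BEGIN LOG")
    # The version is passed as a logging argument so formatting is deferred
    # and a non-string value cannot raise TypeError during import.
    log.debug("Using django-axes %s", axes.get_version())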


def is_user_lockable(request):
    """ Check if the user has a profile with nolockout
    If so, then return the value to see if this user is special
    and doesn't get their account locked out """
    username = request.POST.get("username", None)
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        # not a valid user
        return True
    try:
        profile = user.get_profile()
    except:
예제 #15
#VERBOSE = getattr(settings, 'AXES_VERBOSE', True)

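# whitelist and blacklist
# todo: convert the strings to IPv4 on startup to avoid type conversion during processing
# ONLY_WHITELIST defaults to False; both IP lists default to None (unset).
ONLY_WHITELIST = getattr(settings, 'AXES_ONLY_ALLOW_WHITELIST', False)
IP_WHITELIST = getattr(settings, 'AXES_IP_WHITELIST', None)
IP_BLACKLIST = getattr(settings, 'AXES_IP_BLACKLIST', None)

# The wording names both fields, so by itself it does not indicate which of
# the two credentials was wrong.
ERROR_MESSAGE = ugettext_lazy("Please enter a correct username and password. "
                              "Note that both fields are case-sensitive.")


log = logging.getLogger(LOGGER)

# Start-up banner, written unconditionally at debug level on import.
log.debug('AXES: BEGIN LOG')
# The version is passed as a logging argument, like the debug call below,
# instead of being concatenated: formatting is deferred and a non-string
# version value cannot raise TypeError while this module is imported.
log.debug('Using django-axes %s', axes.get_version())


if BEHIND_REVERSE_PROXY:
    # NOTE(review): the client address is presumably read from this request
    # header. The header is only trustworthy when the proxy overwrites any
    # client-supplied value -- confirm the deployment does so, otherwise
    # IP-based lockout decisions rest on a value the client controls.
    log.debug('Axes is configured to be behind reverse proxy...looking for header value %s', REVERSE_PROXY_HEADER)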


def get_ip_address_from_request(request):
    """ Makes the best attempt to get the client's real IP or return the loopback """
    
    # Would rather rely on middleware to set up a good REMOTE_ADDR than try to get
    # fancy here. Also, just use django's built in ipv4/ipv6 normalization logic
    ip_address = request.META.get('REMOTE_ADDR', 'bad address')
    try:
        validate_ipv4_address(ip_address)
    except: