def __call__(self, request): response = self.get_response(request) if getattr(request, 'axes_locked_out', None): response = get_lockout_response(request) # type: ignore return response
def __call__(self, request): response = self.get_response(request) if settings.AXES_ENABLED: if getattr(request, "axes_locked_out", None): response = get_lockout_response(request) # type: ignore return response
def process_exception(self, request: AxesHttpRequest, exception): # pylint: disable=inconsistent-return-statements """ Handle exceptions raised by the Axes signal handler class when requests fail checks. Note that only ``AxesSignalPermissionDenied`` is handled by this middleware class. :return: Configured ``HttpResponse`` for failed authentication attempts and lockouts. """ if isinstance(exception, AxesSignalPermissionDenied): return get_lockout_response(request)
def process_exception(self, request: AxesHttpRequest, exception): # pylint: disable=inconsistent-return-statements """ Handle exceptions raised by the Axes signal handler class when requests fail checks. Note that only ``AxesSignalPermissionDenied`` is handled by this middleware class. :return: Configured ``HttpResponse`` for failed authentication attempts and lockouts. """ if isinstance(exception, AxesSignalPermissionDenied): return get_lockout_response(request)
def process_exception(self, request: AxesHttpRequest, exception): # pylint: disable=inconsistent-return-statements """ Exception handler that processes exceptions raised by the axes signal handler when request fails with login. Refer to axes.signals.log_user_login_failed for the error code. :param request: HTTPRequest that will be locked out. :param exception: Exception raised by Django views or signals. Only AxesSignalPermissionDenied will be handled. :return: HTTPResponse that indicates the lockout or None. """ if isinstance(exception, AxesSignalPermissionDenied): return get_lockout_response(request)
def __call__(self, request): response = self.get_response(request) if "rest_framework" in settings.INSTALLED_APPS: AxesProxyHandler.update_request(request) username = get_client_username(request) credentials = get_credentials(username) failures_since_start = AxesProxyHandler.get_failures( request, credentials) if (settings.AXES_LOCK_OUT_AT_FAILURE and failures_since_start >= get_failure_limit( request, credentials)): request.axes_locked_out = True if getattr(request, "axes_locked_out", None): response = get_lockout_response(request) # type: ignore return response
def test_get_lockout_response_lockout_template(self, render): self.assertFalse(render.called) get_lockout_response(request=self.request) self.assertTrue(render.called)
def test_get_lockout_response_cool_off(self): get_lockout_response(request=self.request)
def test_get_lockout_response_lockout_json(self): self.request.is_ajax = lambda: True response = get_lockout_response(request=self.request) self.assertEqual(type(response), JsonResponse)
def inner(request, *args, **kwargs): if AxesProxyHandler.is_allowed(request): return func(request, *args, **kwargs) return get_lockout_response(request)
def test_get_lockout_response_override_path(self): response = get_lockout_response(self.request, self.credentials) self.assertEqual(400, response.status_code)
def test_get_lockout_response_lockout_template(self, render): self.assertFalse(render.called) get_lockout_response(request=self.request) self.assertTrue(render.called)
def test_get_lockout_response_cool_off(self): get_lockout_response(request=self.request)
def inner(request: AxesHttpRequest, *args, **kwargs): if AxesProxyHandler.is_allowed(request): return func(request, *args, **kwargs) return get_lockout_response(request)
def inner(self, *args, **kwargs): if AxesProxyHandler.is_allowed(self.request): return func(self, *args, **kwargs) return get_lockout_response(self.request)
def test_get_lockout_response_lockout_json(self): self.request.META["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest" response = get_lockout_response(request=self.request) self.assertEqual(type(response), JsonResponse)
def test_get_lockout_response_lockout_response(self): response = get_lockout_response(request=self.request) self.assertEqual(type(response), HttpResponse)
def test_get_lockout_response_lockout_json(self): self.request.is_ajax = lambda: True response = get_lockout_response(request=self.request) self.assertEqual(type(response), JsonResponse)
def test_get_lockout_response_override_invalid(self): with self.assertRaises(TypeError): get_lockout_response(self.request, self.credentials)
def test_get_lockout_response_lockout_response(self): response = get_lockout_response(request=self.request) self.assertEqual(type(response), HttpResponse)