-
Notifications
You must be signed in to change notification settings - Fork 3
/
README
26 lines (21 loc) · 1.18 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
NOTE: This repo is ancient and written for Django 1.3 so odds are it is
not useful to anyone at this point.
A project that uses overrides the Django authentication function to track
failed login attempts on a per-user basis. Code is based on BruteBuster
(http://code.google.com/p/django-brutebuster/) but is simplified because of
the dropped requirement of tracking IP addresses. Django-Axes is another
source of inspiration (http://code.google.com/p/django-axes/).
Installation
1. Add failedloginblocker to your INSTALLED_APPS list in settings.py
2. Add failedloginblocker.middleware.FailedLoginBlockerMiddleware to
MIDDLEWARE_CLASSES in settings.py
3. Run 'python manage.py syncdb'
4. Restart your web server, if necessary.
Settings (set in settings.py if you want to override the defaults)
FLB_MAX_FAILURES - Number of failures to allow before blocking logins.
Default is set to 5.
FLB_BLOCK_INTERVAL - The interval from the last failed attempt to determine
whether the current login attempt is to count as a failure.
By default, decorators.py clears the failed logins if this interval
has expired.
Default is set to 1440 minutes (or 1 day).