Permalink
Commits on May 23, 2017
  1. Merge pull request #232 from HuntedCodes/pr-decorator-typo

    Typo fixup.
    camilonova committed on GitHub May 23, 2017
Commits on May 17, 2017
  1. Fixed extra typo.

    Jack Sullivan committed May 17, 2017
Commits on May 16, 2017
  1. Merge pull request #229 from HuntedCodes/logging-conf

    Logging respects configuration settings
    camilonova committed on GitHub May 16, 2017
Commits on May 13, 2017
  1. Boosting code coverage

    Jack Sullivan committed May 13, 2017
  2. Merge branch 'master' into logging-conf

    Conflicts:
    	axes/tests.py
    Jack Sullivan committed May 13, 2017
Commits on May 9, 2017
  1. Added pytz as a requirement. Fixes #230

    camilonova committed on GitHub May 9, 2017
  2. Merge pull request #228 from HuntedCodes/block-configs

    Fixes #222, and robust testing for lockout conditions
    camilonova committed on GitHub May 9, 2017
  3. Merge pull request #225 from aleksihakli/xff

    Fixed #224 -- Add AXES_NUM_PROXIES setting
    camilonova committed on GitHub May 9, 2017
Commits on Apr 26, 2017
  1. Handles successful AJAX logins.

    Jack Sullivan committed Apr 26, 2017
  2. In tests, only set cooldown if testing it

    The results for the cache unit tests were inconsistent, sometimes
    blocking and other time allowing. The source of the non-determinism
    was the COOLDOWN_TIME set to 2 seconds in the test. If a test took
    slightly longer than the cooldown time, it would fail. Testing times
    on Travis CI vary with each build, and would produce unreliable
    results.
    
    Now all tests have no cooldown period, except when the cooldown
    itself is being tested. This ensures accurate and predicable test
    results.
    Jack Sullivan committed Apr 26, 2017
  3. Fixed path_info formatting.

    Jack Sullivan committed Apr 26, 2017
  4. Fixed UTF-8 encoding bug.

    Jack Sullivan committed Apr 26, 2017
Commits on Apr 25, 2017
  1. Boosting code coverage.

    Jack Sullivan committed Apr 25, 2017
  2. Added user agent and verbose logging.

    Jack Sullivan committed Apr 25, 2017
  3. Log successful auth if configured

    When AXES_DISABLE_SUCCESS_ACCESS_LOG=False, write a log that
    successful authentication has happened, along with client info.
    Jack Sullivan committed Apr 25, 2017
  4. Factored out logging into functions

    Jack Sullivan committed Apr 25, 2017
  5. Log messages based on config settings

    Jack Sullivan committed Apr 25, 2017
Commits on Apr 23, 2017
  1. Fixed #222, cache blocks by user only and ip+user

    Cache hash keys now include usernames. The axes settings
    AXES_ONLY_USER_FAILURES and LOCK_OUT_BY_COMBINATION_USER_AND_IP
    are checked to decide which request attributes to include in
    generated cache hash keys.
    Jack Sullivan committed Apr 23, 2017
  2. Test blocking configs, using the cache.

    Added 12 tests that verify lockouts for default, AXES_ONLY_USER_FAILURES,
    and LOCK_OUT_BY_COMBINATION_USER_AND_IP settings, under four conditions
    each: same/different user, and same/different IP address. These tests
    verify the cache functionality.
    Jack Sullivan committed Apr 23, 2017
  3. ONLY_USER works when cache is disabled

    The _get_user_attempts function now checks for AXES_ONLY_USER_FAILURES,
    and only includes the IP when AXES_ONLY_USER_FAILURES = False.
    Jack Sullivan committed Apr 23, 2017
  4. Test blocking configs, without the cache enabled.

    Added 12 tests that verify lockouts for default, AXES_ONLY_USER_FAILURES,
    and LOCK_OUT_BY_COMBINATION_USER_AND_IP settings, under four conditions
    each: same/different user, and same/different IP address.
    
    Truth Table:
    
      ¦ ¦ ¦ ¦ ¦ ¦ ¦User       IP           Action
      ¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
    IP Only      | Same       Same         Block
    (Default)    | Same       Different    Allow
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Same         Block
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Different    Allow
      ¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
    User Only    | Same       Same         Block
      ¦ ¦ ¦ ¦ ¦ ¦| Same       Different    Block
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Same         Allow
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Different    Allow
      ¦ ¦ ¦ ¦ ¦ ¦|--------------------------------
    User and IP  | Same       Same         Block
      ¦ ¦ ¦ ¦ ¦ ¦| Same       Different    Allow
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Same         Allow
      ¦ ¦ ¦ ¦ ¦ ¦| Different  Different    Allow
    Jack Sullivan committed Apr 23, 2017
  5. Using @patch instead of @override_settings

    Axes configuration values are pulled from axes.settings, into axes.decorators.
    Using @override_settings wasn't setting AXES_ONLY_USER_FAILURES. Patching
    the decorator in the test set the value correctly.
    Jack Sullivan committed Apr 23, 2017
Commits on Apr 10, 2017
  1. Add tests for proxy number parametrization

    aleksihakli committed with aleksihakli Apr 6, 2017
  2. Fixed #224 -- Add AXES_NUM_PROXIES setting

    This enables secure calculation of client IP value
    by allowing the end users to set the number of
    proxies they have in their current setups
    aleksihakli committed with aleksihakli Apr 6, 2017
Commits on Apr 7, 2017
  1. Merge pull request #226 from aleksihakli/logging

    Improve Logging
    camilonova committed on GitHub Apr 7, 2017
Commits on Apr 6, 2017
  1. Add AXES: prefix to all log values for consistency

    aleksihakli committed Apr 6, 2017
  2. Fixed #221 -- Add AXES_NUM_PROXIES setting

    This enables secure calculation of client IP value
    by allowing the end users to set the number of
    proxies they have in their current setups
    aleksihakli committed Apr 6, 2017
Commits on Jan 13, 2017
  1. Merge pull request #216 from Maplecroft/master

    Log failed access attempts regardless of settings
    camilonova committed on GitHub Jan 13, 2017
Commits on Jan 12, 2017
  1. Log failed access attempts regardless of settings

    Fixes #212
    jimr committed Jan 12, 2017
Commits on Dec 16, 2016
  1. Merge pull request #214 from wearespindle/master

    Updated configuration docs to include AXES_IP_WHITELIST
    camilonova committed on GitHub Dec 16, 2016
  2. Updated configuration docs to include AXES_IP_WHITELIST

    Minkey27 committed Dec 16, 2016
Commits on Dec 8, 2016
  1. Merge pull request #197 from jorlugaqui/cache-attemps

    WP: Cache failures in cache
    camilonova committed on GitHub Dec 8, 2016
Commits on Dec 7, 2016
  1. Add test for get_cache_key function

    jorlugaqui committed Dec 7, 2016
  2. Delete cache key in reset command line

    jorlugaqui committed Dec 7, 2016
  3. Add signals for setting/deleting cache keys

    jorlugaqui committed Dec 7, 2016