Cooloff function and minor refactor #1

wants to merge 21 commits into


None yet
2 participants

MichaelBlume commented Sep 15, 2010

Hey, we're using axes in Loggly (so thanks for that =)), and I decided to hack in a way to let lockouts cool off automatically after a set period of time. I also refactored some (ok, most) of the decorator into its own function so that I could use it with Piston. Let me know how you like the changes, and if there's anything I can fix up on them =)

Mike Blume and others added some commits Sep 14, 2010

Mike Blume
add nifty cooloff feature.
Allows user to define an amount of time after which old failed attempts
will be forgotten.
Mike Blume
check for lockout immediately, rather than mucking with the database.
This has the side effect that a locked-out user attempting to log in does
not reset their cooloff time. This is good, since the reverse may feel
overly 'punitive' to the user.
move check_request out to its own function, so folks can import it.
check_request takes a request and a boolean, is_unsuccessful.

It updates the database as needed, then returns True if the response
should continue unchanged, and False if it should be blocked.

it also logs out the request if we're blocking.
allow more flexibility in lockout display
creates settings for either an URL to redirect to, or a template to
Mike Blume
successful login resets failure count
If a user fails to login, then logs in successfully, we wipe the slate.
Mike Blume
add reset command.
from axes.utils import reset

reset() will reset all lockouts and access records.
reset(ip) will clear lockout/records for ip

reset will print a message to std out if there is nothing to reset,
unless called with silent = True

codekoala commented Oct 1, 2010

I've reviewed these changes and merged them into the main repo. Fantastic work! I also made some modifications of my own, so don't forget to merge!

This issue was closed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment