Add basic log in brute force protection

This commit is contained in:
Christopher C. Wells 2021-06-21 20:41:23 -07:00
parent a2da7e32f9
commit 27ea845bbb
3 changed files with 40 additions and 20 deletions

27
Pipfile
View File

@ -3,23 +3,24 @@ verify_ssl = true
url = "https://pypi.python.org/simple" url = "https://pypi.python.org/simple"
[packages] [packages]
django = "*"
djangorestframework = "*"
django-filter = "*"
django-widget-tweaks = "*"
plotly = "*"
faker = "*"
dj-database-url = "*"
gunicorn = "*"
whitenoise = "*"
psycopg2-binary = "*"
easy-thumbnails = "*"
python-dotenv = "*"
django-storages = "*"
boto3 = "*" boto3 = "*"
dj-database-url = "*"
django = "*"
django-axes = "*"
django-filter = "*"
django-import-export = "*" django-import-export = "*"
django-storages = "*"
django-widget-tweaks = "*"
djangorestframework = "*"
easy-thumbnails = "*"
faker = "*"
gunicorn = "*"
plotly = "*"
psycopg2-binary = "*"
python-dotenv = "*"
pyyaml = "*" pyyaml = "*"
uritemplate = "*" uritemplate = "*"
whitenoise = "*"
[dev-packages] [dev-packages]
coveralls = "*" coveralls = "*"

View File

@ -35,6 +35,7 @@ INSTALLED_APPS = [
'dashboard', 'dashboard',
'reports', 'reports',
'axes',
'django_filters', 'django_filters',
'rest_framework', 'rest_framework',
'rest_framework.authtoken', 'rest_framework.authtoken',
@ -67,6 +68,7 @@ MIDDLEWARE = [
'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware', 'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware',
'axes.middleware.AxesMiddleware',
] ]
@ -127,6 +129,11 @@ WSGI_APPLICATION = 'babybuddy.wsgi.application'
# Authentication # Authentication
# https://docs.djangoproject.com/en/3.0/topics/auth/default/ # https://docs.djangoproject.com/en/3.0/topics/auth/default/
AUTHENTICATION_BACKENDS = [
'axes.backends.AxesBackend',
'django.contrib.auth.backends.ModelBackend',
]
LOGIN_REDIRECT_URL = '/' LOGIN_REDIRECT_URL = '/'
LOGIN_URL = '/login/' LOGIN_URL = '/login/'
@ -244,9 +251,18 @@ REST_FRAMEWORK = {
# See https://django-import-export.readthedocs.io/ # See https://django-import-export.readthedocs.io/
IMPORT_EXPORT_IMPORT_PERMISSION_CODE = 'add' IMPORT_EXPORT_IMPORT_PERMISSION_CODE = 'add'
IMPORT_EXPORT_EXPORT_PERMISSION_CODE = 'change' IMPORT_EXPORT_EXPORT_PERMISSION_CODE = 'change'
IMPORT_EXPORT_USE_TRANSACTIONS = True IMPORT_EXPORT_USE_TRANSACTIONS = True
# Axes configuration
# See https://django-axes.readthedocs.io/en/latest/4_configuration.html
AXES_COOLOFF_TIME = 1
AXES_FAILURE_LIMIT = 5
# Session configuration # Session configuration
# Used by RollingSessionMiddleware to determine how often to reset the session. # Used by RollingSessionMiddleware to determine how often to reset the session.
# See https://docs.djangoproject.com/en/3.0/topics/http/sessions/ # See https://docs.djangoproject.com/en/3.0/topics/http/sessions/
@ -255,6 +271,7 @@ ROLLING_SESSION_REFRESH = 86400
# Set default auto field for models. # Set default auto field for models.
# See https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys # See https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys
DEFAULT_AUTO_FIELD = 'django.db.models.AutoField' DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
# Baby Buddy configuration # Baby Buddy configuration

View File

@ -1,36 +1,38 @@
-i https://pypi.python.org/simple -i https://pypi.python.org/simple
asgiref==3.3.4; python_version >= '3.6' asgiref==3.3.4; python_version >= '3.6'
boto3==1.17.89 boto3==1.17.98
botocore==1.20.89; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5' botocore==1.20.98; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
defusedxml==0.7.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' defusedxml==0.7.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
diff-match-patch==20200713; python_version >= '2.7' diff-match-patch==20200713; python_version >= '2.7'
dj-database-url==0.5.0 dj-database-url==0.5.0
django-axes==5.19.0
django-filter==2.4.0 django-filter==2.4.0
django-import-export==2.5.0 django-import-export==2.5.0
django-ipware==3.0.2
django-storages==1.11.1 django-storages==1.11.1
django-widget-tweaks==1.4.8 django-widget-tweaks==1.4.8
django==3.2.4 django==3.2.4
djangorestframework==3.12.4 djangorestframework==3.12.4
easy-thumbnails==2.7.1 easy-thumbnails==2.7.1
et-xmlfile==1.1.0; python_version >= '3.6' et-xmlfile==1.1.0; python_version >= '3.6'
faker==8.6.0 faker==8.8.1
gunicorn==20.1.0 gunicorn==20.1.0
jmespath==0.10.0; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3' jmespath==0.10.0; python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'
markuppy==1.14 markuppy==1.14
odfpy==1.4.1 odfpy==1.4.1
openpyxl==3.0.7 openpyxl==3.0.7
pillow==8.2.0; python_version >= '3.6' pillow==8.2.0; python_version >= '3.6'
plotly==4.14.3 plotly==5.0.0
psycopg2-binary==2.8.6 psycopg2-binary==2.9.1
python-dateutil==2.8.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' python-dateutil==2.8.1; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
python-dotenv==0.17.1 python-dotenv==0.18.0
pytz==2021.1 pytz==2021.1
pyyaml==5.4.1 pyyaml==5.4.1
retrying==1.3.3
s3transfer==0.4.2 s3transfer==0.4.2
six==1.16.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3' six==1.16.0; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
sqlparse==0.4.1; python_version >= '3.5' sqlparse==0.4.1; python_version >= '3.5'
tablib[html,ods,xls,xlsx,yaml]==3.0.0; python_version >= '3.6' tablib[html,ods,xls,xlsx,yaml]==3.0.0; python_version >= '3.6'
tenacity==7.0.0
text-unidecode==1.3 text-unidecode==1.3
uritemplate==3.0.1 uritemplate==3.0.1
urllib3==1.26.5; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4' urllib3==1.26.5; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'