Skip to content
/ django-doberman Public

🐕 Django app that locks out users after too many failed login attempts

License

MIT license
7 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

django-py/django-doberman

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

95 Commits
doberman
doberman
 
 
images
images
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CNAME
CNAME
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.rst
README.rst
 
 
setup.py
setup.py
 
 

Repository files navigation

https://raw.githubusercontent.com/nicchub/django-doberman/master/images/DjangoDoberman.png

django-doberman Django app that locks out users after too many failed login attempts.

https://travis-ci.org/django-py/django-doberman.svg?branch=master

Requirements

  • Python => 2.7
  • Django => 1.7

Installation

  1. You can install the latest stable package running this command:

    $ pip install django-doberman

Also you can install the development version running this command:

$ pip install -e git+http://github.com/nicchub/django-doberman.git#egg=django_doberman-dev

  1. Add doberman to INSTALLED_APPS in your Django settings file

    INSTALLED_APPS = (

    ...

    'django.contrib.messages',

    'django.contrib.admin',

    ...

    'doberman',

)

  1. ./manage.py migrate doberman || or sync your database

Development

You can contribute to this project forking it from github and sending pull requests.

Running tests

Tests can be run, after you clone the repository and having django installed, like:

PYTHONPATH=$PYTHONPATH:$PWD django-admin.py test doberman --settings=doberman.tests.test_settings

Configuration

DOBERMAN_MAX_FAILED_ATTEMPTS

Default: 10.

Number of max failed login attempt.

DOBERMAN_LOCKOUT_TIME

Default: 600 (10 minutes).

Number of seconds after the failed login attempts are forgotten in seconds.

DOBERMAN_REAL_IP_ONLY

'Default': True

Set to False if you are working on localhost or a development environment.

DOBERMAN_LOGIN_FORGOTTEN_SECONDS

Default: 300

Timeout forgotten login attempts of user.

DOBERMAN_USERNAME_FORM_FIELD

Default: 'username'

Field username form field, change when you are use a diferent "username", for example: 'email'.

DOBERMAN_LOCKOUT_TEMPLATE
Path to alternative lockout template.
DOBERMAN_MODEL

Default: 'doberman.FailedAccessAttempt'

Allow to use a custom Model for tracking failed Access Attempts.

DOBERMAN_IP_META_PRECEDENCE_ORDER

Default: (

'HTTP_X_FORWARDED_FOR', # X-Forwarded-For: client, proxy1, proxy2

'HTTP_CLIENT_IP',

'HTTP_X_REAL_IP',

'HTTP_X_FORWARDED',

'HTTP_X_CLUSTER_CLIENT_IP',

'HTTP_FORWARDED_FOR',

'HTTP_FORWARDED',

'HTTP_VIA',

'REMOTE_ADDR',

)

This used for discovery the real IP, you can change the precedence order.

Usage

Add doberman.decorators.watch_login decorator to your login view. Example:

class LoginView(FormView):
    template_name = 'example/login.html'
    form_class = AuthenticationForm

    @method_decorator(watch_login)
    def dispatch(self, request, *args, **kwargs):
        if request.user.is_authenticated():
            return redirect(settings.LOGIN_REDIRECT_URL)
        return super(LoginView, self).dispatch(request, *args, **kwargs)

    def form_valid(self, form):
        user = form.get_user()
        login(self.request, user)
        return super(LoginView, self).form_valid(form)

    def get_success_url(self):
        return reverse('logged_in')

Authors

Library is by Hanlle Nicolas Mendoza.

Bitdeli badge

About

🐕 Django app that locks out users after too many failed login attempts

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

7 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

No packages published

Languages