Merge pull request #244 from whitesmith/add-django-defender
Add django-axes
dethos authored Aug 4, 2017
2 parents b412906 + f77e32b commit a106d75
Showing 7 changed files with 49 additions and 31 deletions.
8 changes: 8 additions & 0 deletions hawkpost/settings/common.py
Expand Up @@ -42,6 +42,7 @@
'allauth.socialaccount',
'allauth.socialaccount.providers.github',
'timezone_field',
'axes',
'humans',
'boxes',
'pages',
Expand Down Expand Up @@ -177,6 +178,13 @@
}
}

# Authentication Limits Config (AXES)
AXES_LOGIN_FAILURE_LIMIT = 5
AXES_COOLOFF_TIME = 1 # hour
AXES_USERNAME_FORM_FIELD = 'login'
AXES_DISABLE_SUCCESS_ACCESS_LOG = True


# GPG keyring for server-signing messages
GPG_SIGN_DIR = os.environ.get("SIGN_DIR")
GPG_SIGN_KEY = os.environ.get("SIGN_KEY")
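Review bot: The lockout scope these settings produce is not stated anywhere in the block: with django-axes' default `AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP = False`, the five failures counted by `AXES_LOGIN_FAILURE_LIMIT` are tallied per client IP, so users behind one shared address (NAT, corporate egress) lock each other out, and a single address can keep the login locked for the whole `AXES_COOLOFF_TIME`. Either set the combination option explicitly or record the decision next to the limit, e.g. `# Lockout is per client IP (axes default); revisit AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP if shared addresses are expected`. The `1 # hour` comment would also read better as the setting's documented unit, `AXES_COOLOFF_TIME = 1  # hours (int is interpreted as hours by axes)`.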
4 changes: 4 additions & 0 deletions hawkpost/settings/production.py
Expand Up @@ -60,3 +60,7 @@
RAVEN_CONFIG = {
'dsn': os.environ.get("SENTRY_URL")
}

# Axes Behind proxy
AXES_BEHIND_REVERSE_PROXY = True
AXES_NUM_PROXIES = 1
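Review bot: `AXES_BEHIND_REVERSE_PROXY = True` makes axes take the client address from the forwarded-for header, so the IP-based lockout is only as trustworthy as the proxy that sets that header; nothing here records that the proxy must overwrite (not append to) any incoming header value, and that the application must not be reachable except through exactly that one proxy (`AXES_NUM_PROXIES = 1`). If either assumption fails, the address axes counts against is client-controlled and the lockout no longer protects the account. Suggest stating the deployment requirement in place: `# Client IP comes from X-Forwarded-For; requires exactly one trusted proxy that rewrites the header, and no direct exposure of the app`.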
4 changes: 4 additions & 0 deletions hawkpost/urls.py
Expand Up @@ -17,9 +17,13 @@
from django.conf.urls import url, include
from django.contrib import admin
from django.conf.urls.i18n import i18n_patterns
from axes.decorators import watch_login
from allauth.account.views import login

urlpatterns = [
url(r'^admin/login/$', watch_login(admin.site.login)),
url(r'^admin/', admin.site.urls),
url(r'^users/login/$', watch_login(login)),
url(r'^users/', include('allauth.urls')),
url(r'^users/', include('humans.urls')),
url(r'^box/', include('boxes.urls')),
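Review bot: The two `watch_login` entries only take effect because they are listed before `admin.site.urls` and `include('allauth.urls')`, which also match `^admin/login/$` and `^users/login/$`, and nothing in the file says so; a comment such as `# watched login views must precede the admin/allauth includes so axes sees the POST` would protect the ordering from a later reshuffle. The admin login form posts its identifier as `username`, while common.py sets `AXES_USERNAME_FORM_FIELD = 'login'` for allauth, so failed attempts against `^admin/login/$` are likely recorded without a username (IP-based counting still applies); worth a comment or a reconciled field name. The `urlpatterns` list continues past the hunk.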
57 changes: 28 additions & 29 deletions pages/static/javascripts/authform.js
Expand Up @@ -6,57 +6,56 @@ $(document).ready(function(){
method: $this.attr("method"),
data: $this.serialize()
}).done(function(data){
document.location = data.location
document.location = data.location;
}).fail(function(data){
var errorContainer = $("#login-form-errors-js");
errorContainer.html("");
var errors = [];
var form_errors = data.responseJSON.form_errors;
if(form_errors.__all__){
errors = errors.concat(form_errors.__all__);
if (data.status === 400){
var errors = data.responseJSON.form.errors;
var form_fields = data.responseJSON.form.fields;
if(form_fields.login.errors){
errors = errors.concat(form_fields.login.errors);
}
if(form_fields.password.errors){
errors = errors.concat(form_fields.password.errors);
}
for(var i=0;i<errors.length;i++){
errorContainer.append("<p class='text-warning'>" + errors[i] + "</p>");
}
} else if (data.status === 403){
var msg = "Too many failed attempts. The account is locked for 1 hour. Please try again later.";
errorContainer.append("<p class='text-warning'>"+ msg +"</p>");
}
if(form_errors.email){
errors = errors.concat(form_errors.email);
}
if(form_errors.password){
errors = errors.concat(form_errors.password);
}
for(var i=0;i<errors.length;i++){
errorContainer.append("<p class='text-warning'>" + errors[i] + "</p>");
}
})
});
return false;
});

$("#signup-form-js").on("submit", function(){
var $this = $(this)
var $this = $(this);
$.ajax({
url: $this.attr("action"),
method: $this.attr("method"),
data: $this.serialize()
}).done(function(data){
document.location = data.location
document.location = data.location;
}).fail(function(data){
var errorContainer = $("#signup-form-errors-js");
errorContainer.html("");
var errors = [];
var form_errors = data.responseJSON.form_errors;
if(form_errors.__all__){
errors = errors.concat(form_errors.__all__);
}
if(form_errors.email){
errors = errors.concat(form_errors.email);
var errors = data.responseJSON.form.errors;
var form_fields = data.responseJSON.form.fields;
if(form_fields.email.errors){
errors = errors.concat(form_fields.email.errors);
}
if(form_errors.password1){
errors = errors.concat(form_errors.password1);
if(form_fields.password1.errors){
errors = errors.concat(form_fields.password1.errors);
}
if(form_errors.password2){
errors = errors.concat(form_errors.password2);
if(form_fields.password2.errors){
errors = errors.concat(form_fields.password2.errors);
}
for(var i=0;i<errors.length;i++){
errorContainer.append("<p class='text-warning'>" + errors[i] + "</p>");
}
})
});
return false;
});

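Review bot: The `data.status === 403` branch reports every 403 as an axes lockout, but Django also answers a failed CSRF check with 403, so a stale or missing token would be shown to the user as "The account is locked for 1 hour"; the handler should key on a lockout marker in the response body rather than the status alone, and the hard-coded "1 hour" duplicates `AXES_COOLOFF_TIME` in settings and will drift if that value changes. The error lines are still built by string concatenation (`"<p class='text-warning'>" + errors[i] + "</p>"`), which renders server-supplied text as HTML; `errorContainer.append($("<p class='text-warning'></p>").text(errors[i]));` keeps it as text, in both the login and signup loops. The signup `.fail` handler also reads `data.responseJSON.form.errors` without the status guard the login handler gained, so any non-JSON error response (e.g. a 500 page) throws inside the callback. Both submit callbacks begin before this hunk.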
1 change: 1 addition & 0 deletions requirements/base.in
Expand Up @@ -10,3 +10,4 @@ gunicorn==19.7.1
raven==6.1.0
django-timezone-field==2.0
django-braces==1.11.0
django-axes==2.3.3
3 changes: 2 additions & 1 deletion requirements/requirements.txt
Expand Up @@ -10,6 +10,7 @@ celery==4.0.2
contextlib2==0.5.1 # via raven
defusedxml==0.4.1 # via python3-openid
django-allauth==0.32.0
django-axes==2.3.3
django-braces==1.11.0
django-dotenv==1.4.1
django-timezone-field==2.0
Expand All @@ -21,7 +22,7 @@ oauthlib==1.0.3 # via requests-oauthlib
psutil==4.1.0 # via gnupg
psycopg2==2.7.1
python3-openid==3.0.9 # via django-allauth
pytz==2016.3 # via celery, django, django-timezone-field
pytz==2016.3 # via celery, django, django-axes, django-timezone-field
raven==6.1.0
redis==2.10.5
requests-oauthlib==0.6.1 # via django-allauth
3 changes: 2 additions & 1 deletion requirements/requirements_dev.txt
Expand Up @@ -11,6 +11,7 @@ contextlib2==0.5.1 # via raven
coverage==4.2
defusedxml==0.4.1 # via python3-openid
django-allauth==0.32.0
django-axes==2.3.3
django-braces==1.11.0
django-debug-toolbar==1.5
django-dotenv==1.4.1
Expand All @@ -26,7 +27,7 @@ oauthlib==1.0.3 # via requests-oauthlib
psutil==4.1.0 # via gnupg
psycopg2==2.7.1
python3-openid==3.0.9 # via django-allauth
pytz==2016.3 # via celery, django, django-timezone-field, hypothesis
pytz==2016.3 # via celery, django, django-axes, django-timezone-field, hypothesis
raven==6.1.0
redis==2.10.5
requests-oauthlib==0.6.1 # via django-allauth
