author | Étienne Loks <etienne.loks@iggdrasil.net> | 2023-04-07 15:00:00 +0200 |
---|---|---|
committer | Étienne Loks <etienne.loks@iggdrasil.net> | 2023-04-17 15:47:16 +0200 |
commit | eddc473c05d4913dfcb8b7e747a94b22968f6ea3 (patch) | |
tree | eefcabbe9bf046d62b754344c043837a6890c8b2 /example_project/settings.py | |
parent | 54a9b7389355119cc142ed61bdf3641c99630a60 (diff) | |
Optional security for login attempts: logging, and account deactivation after many failed logins.
Diffstat (limited to 'example_project/settings.py')
-rw-r--r-- | example_project/settings.py | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/example_project/settings.py b/example_project/settings.py
index 25a60fb93..a0f677755 100644
--- a/example_project/settings.py
+++ b/example_project/settings.py
@@ -133,6 +133,7 @@ MIDDLEWARE = [
 "django.contrib.auth.middleware.AuthenticationMiddleware",
 "django.contrib.messages.middleware.MessageMiddleware",
 "django.middleware.locale.LocaleMiddleware",
+ "axes.middleware.AxesMiddleware",
 ]
 TEMPLATES = [
@@ -159,7 +160,10 @@ TEMPLATES = [
 ROOT_URLCONF = "example_project.urls"
-AUTHENTICATION_BACKENDS = ("ishtar_common.backend.ObjectPermBackend",)
+AUTHENTICATION_BACKENDS = (
+ "axes.backends.AxesBackend",
+ "ishtar_common.backend.ObjectPermBackend",
+)
 INSTALLED_APPS = [
 "registration",
@@ -170,6 +174,7 @@ INSTALLED_APPS = [
 "archaeological_warehouse",
 "archaeological_finds",
 "compressor",
+ "axes",
 "rest_framework",
 "rest_framework.authtoken",
 "django.contrib.auth",
@@ -190,6 +195,10 @@ TRANSLATION_OVERLOAD_DEBUG = False
 SESSION_EXPIRE_AT_BROWSER_CLOSE = False
 SESSION_COOKIE_AGE = 5 * 24 * 60 * 60
+AXES_ENABLED = False
+AXES_FAILURE_LIMIT = 5
+AXES_COOLOFF_TIME = 2 # hours
+AXES_RESET_ON_SUCCESS = True
 MAIN_APP = ""
@@ -402,7 +411,7 @@ if DEBUG_TOOLBAR:
 sys.path.insert(0, "..")
 global DEBUG_TOOLBAR_PANELS
 global DEBUG_TOOLBAR_CONFIG
- MIDDLEWARE += ["debug_toolbar.middleware.DebugToolbarMiddleware"]
+ MIDDLEWARE.insert(len(MIDDLEWARE) - 1, "debug_toolbar.middleware.DebugToolbarMiddleware")
 INSTALLED_APPS += ["debug_toolbar"]
 DEBUG_TOOLBAR_PANELS = (
 "debug_toolbar.panels.versions.VersionsPanel",
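Review bot: With `axes.backends.AxesBackend` first in `AUTHENTICATION_BACKENDS`, every `authenticate()` call has to pass the `request` once `AXES_ENABLED` is switched on; django-axes raises `AxesBackendRequestParameterRequired` otherwise. The callers are not visible in this hunk, so the project's own login paths (the `registration` app, `rest_framework.authtoken`, any scripted or API login) should be checked before the option is activated. A comment above the tuple would record the constraint, for example `# AxesBackend must stay first; authenticate() needs request= when AXES_ENABLED`.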
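Review bot: The new `AXES_*` block does not state what a lockout is keyed on, and the commit message promises deactivating the account while django-axes by default counts failures per client IP address. Behind a reverse proxy that can put every user on one counter, and a per-IP counter does not protect a single account against failures arriving from many addresses. If per-account lockout is what is intended, set it explicitly (`AXES_ONLY_USER_FAILURES = True` on older django-axes releases, `AXES_LOCKOUT_PARAMETERS = ["username"]` on newer ones; check the installed version) and configure client-IP resolution for the proxy in front of the site. Keying on the username alone lets repeated failures lock a known account out, so the choice deserves a comment next to the setting.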
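Review bot: `MIDDLEWARE.insert(len(MIDDLEWARE) - 1, ...)` depends on an unstated invariant, that the last entry of `MIDDLEWARE` is `axes.middleware.AxesMiddleware` and has to stay last; the same assumption is behind the `MIDDLEWARE[:-1] + [...] + [MIDDLEWARE[-1]]` slicing in the `ISHTAR_SECURE_OPTIONS` hunk. Anyone appending a middleware to the base list later will silently break both statements. I would add `# keep AxesMiddleware last: insert before the final entry` above each of them, and `MIDDLEWARE.insert(-1, "debug_toolbar.middleware.DebugToolbarMiddleware")` is the shorter equivalent spelling. The `if DEBUG_TOOLBAR:` block starts before and continues after this hunk.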
@@ -455,11 +464,12 @@ if SENTRY_ID and sentry_sdk:
 if ISHTAR_SECURE_OPTIONS:
+ AXES_ENABLED = True # log logging attempts and block account on many fails
 # verify https is ok before activating
- MIDDLEWARE += [
+ MIDDLEWARE = MIDDLEWARE[:-1] + [
 "django.middleware.security.SecurityMiddleware",
 "django.middleware.clickjacking.XFrameOptionsMiddleware",
- ]
+ ] + [MIDDLEWARE[-1]]
 SECURE_HSTS_SECONDS = 31536000
 SECURE_HSTS_PRELOAD = True
 SECURE_HSTS_INCLUDE_SUBDOMAINS = True |
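Review bot: The rewritten `MIDDLEWARE = MIDDLEWARE[:-1] + [...] + [MIDDLEWARE[-1]]` still leaves `SecurityMiddleware` near the tail of the stack, while Django's documentation recommends placing it near the top so that an HTTPS redirect, if one is enabled, happens before the other middleware run. Since the statement is being rewritten anyway, consider `MIDDLEWARE = ["django.middleware.security.SecurityMiddleware"] + MIDDLEWARE[:-1] + ["django.middleware.clickjacking.XFrameOptionsMiddleware", MIDDLEWARE[-1]]`. The new inline comment reads "log logging attempts"; `# log login attempts and lock out after repeated failures` says what is meant. The `if ISHTAR_SECURE_OPTIONS:` block continues past the end of the hunk, so the remaining settings in it are not visible here.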