a Sic^2@sddlmZddlmZddlmZddlmZmZm Z m Z ddl m Z ddl mZddlmZmZmZddlmZdd lmZmZdd lmZmZmZmZmZdd lmZm Z m!Z!dd l"m#Z#ee$Z%Gd ddeeZ&dS)) getLogger)Optional) transaction)FSumValueQ)Concat)timezone)clean_expired_user_attemptsget_user_attemptsreset_user_attempts)settings)AxesBaseHandlerAbstractAxesHandler)get_client_strget_client_usernameget_credentialsget_failure_limit get_query_str) AccessLog AccessAttemptAccessFailureLog)user_locked_outc@seZdZdZddddeeeeeedddZddeeed d d Z ddeeed d d Z e j deeeedddZ d eeedddZd!edddZddZddZddZddZdS)"AxesDatabaseHandlera Signal handler implementation that records user login attempts to database and locks users out if necessary. .. note:: The get_user_attempts function is called several time during the authentication and lockout process, caching its output can be dangerous. NF) ip_addressusernameip_or_username)rrrreturncCsftj}|r*|t|dt|dB}n |r:|j|d}|rJ|j|d}|\}}td||S)N)rrz-AXES: Reset %d access attempts from database.)robjectsallfilterrdeleteloginfo)selfrrrattemptscount_r*R/var/www/html/django/DPS/env/lib/python3.9/site-packages/axes/handlers/database.pyreset_attempts%s     z"AxesDatabaseHandler.reset_attempts)age_days)r-rcCsd|dur(tj\}}td|n8ttj|d}tjj |d\}}td|||S)Nz-AXES: Reset all %d access logs from database.daysZattempt_time__ltezjs  z3AxesDatabaseHandler.get_failures..)r max)r&requestr;Z attempts_listZ attempt_countr*r*r+ get_failureshs   z AxesDatabaseHandler.get_failures)r;c Ksdtd|dur tddSt|jt||}t||j|j|j |}t j st|j rt||_ tjd|||jddSt|jdd}t|jdd}|||rtd|dSt jr|durtd nttjj||j|j|||j|j d |jd d \} } | r td |nfd} tdt| || _ tdt| || _!|j| _"|j | _#t$dd | _%|j| _&| 'td|Wdn1s0Y|(||} | |_)t j*r| t+||krtd|d|_ ||_ tjd|||jdt j,r`tBt-jj.||j|j|j|j |j|j d|j/|dWdn1sV0YdS)zWhen user login fails, save AccessFailureLog record in database, save AccessAttempt record in database, mark request with lockout attribute and emit lockout signal. z>AXES: User login failed, running database handler for failure.NzPAXES: AxesDatabaseHandler.user_login_failed does not function without a request.axes)rArrZ0x00z.AXES: Login failed from whitelisted client %s.z^AXES: Username is None and AXES_ONLY_USER_FAILURES is enabled, new record will NOT be created.r7)get_data post_data http_accept path_infor< attempt_time)rr user_agentdefaultszBAXES: New login failure by %s. Created new record in the database.z --------- rErFr<zLAXES: Repeated login failure by %s. Updated existing record in the database.z3AXES: Locking out %s after repeated login failures.T)rrrJrGrHrI locked_outr)0r$r%errorr axes_attempt_timerraxes_ip_addressaxes_user_agentaxes_path_infor-AXES_RESET_COOL_OFF_ON_FAILURE_DURING_LOCKOUTaxes_locked_outaxes_credentialsrsendrGETreplacePOSTis_whitelistedAXES_ONLY_USER_FAILURESwarningratomicrr select_for_update get_or_createaxes_http_acceptr rrErFrGrHrr<rIsaverBaxes_failures_since_startAXES_LOCK_OUT_AT_FAILURErAXES_ENABLE_ACCESS_FAILURE_LOGrcreater:) r&senderr;rAkwargsr client_strrErFattemptcreated separatorr<r*r*r+user_login_failedus          $    z%AxesDatabaseHandler.user_login_failedc Kst|j|}t|}t||j|j|j|}t d|t j sdt j j||j|j|j|j|jdt jrt||}t d||dS)zN When user logs in, update the AccessLog related to the user. zAXES: Successful login by %s.)rrrJrGrHrIz;AXES: Deleted %d failed login attempts by %s from database.N)r rN get_usernamerrrOrPrQr$r%rAXES_DISABLE_ACCESS_LOGrr rdr_AXES_RESET_ON_SUCCESSr ) r&rerAuserrfrr;rgr(r*r*r+user_logged_ins6    z"AxesDatabaseHandler.user_logged_incKsdt|j|r|nd}t||j|j|j|}td||r`t j s`t j j |ddj|jddS)zO When user logs out, update the AccessLog related to the user. NzAXES: Successful logout by %s.T)rZlogout_time__isnull) logout_time)r rNrlrrOrPrQr$r%rrmrr r"update)r&rerArorfrrgr*r*r+user_logged_out(s    z#AxesDatabaseHandler.user_logged_outcKsdS)z Handles the ``axes.models.AccessAttempt`` object post save signal. When needed, all post_save actions for this backend should be located here. Nr*r&instancerfr*r*r+post_save_access_attemptAsz,AxesDatabaseHandler.post_save_access_attemptcKsdS)z Handles the ``axes.models.AccessAttempt`` object post delete signal. When needed, all post_delete actions for this backend should be located here. Nr*rtr*r*r+post_delete_access_attemptIsz.AxesDatabaseHandler.post_delete_access_attempt)N)N)__name__ __module__ __qualname____doc__rstrboolintr,r5r6r&AXES_ACCESS_FAILURE_LOG_PER_USER_LIMITr:dictrBrkrprsrvrwr*r*r*r+rs2     (rN)'loggingrtypingr django.dbrdjango.db.modelsrrrrdjango.db.models.functionsr django.utilsr Z axes.attemptsr r r axes.confraxes.handlers.baserr axes.helpersrrrrrZ axes.modelsrrrZ axes.signalsrrxr$rr*r*r*r+s