diff --git a/requirements/base.txt b/requirements/base.txt index f4d9eacf..f9fa47db 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -90,7 +90,7 @@ django==3.2.23 # zgw-consumers django-admin-index==3.1.0 # via -r requirements/base.in -django-axes==5.41.1 +django-axes==6.3.0 # via -r requirements/base.in django-filter==2.4.0 # via @@ -98,8 +98,6 @@ django-filter==2.4.0 # commonground-api-common django-formtools==2.3 # via maykin-django-two-factor-auth -django-ipware==3.0.2 - # via django-axes django-jsonform==2.21.4 # via mozilla-django-oidc-db django-markup==1.3 @@ -112,7 +110,7 @@ django-phonenumber-field==5.2.0 # via maykin-django-two-factor-auth django-privates==2.0.0.post0 # via django-simple-certmanager -django-redis==5.2.0 +django-redis==5.4.0 # via -r requirements/base.in django-relativedelta==2.0.0 # via zgw-consumers diff --git a/requirements/ci.txt b/requirements/ci.txt index 3dea63c3..c5298725 100644 --- a/requirements/ci.txt +++ b/requirements/ci.txt @@ -121,7 +121,7 @@ django==3.2.23 # zgw-consumers django-admin-index==3.1.0 # via -r requirements/base.txt -django-axes==5.41.1 +django-axes==6.3.0 # via -r requirements/base.txt django-filter==2.4.0 # via @@ -131,10 +131,6 @@ django-formtools==2.3 # via # -r requirements/base.txt # maykin-django-two-factor-auth -django-ipware==3.0.2 - # via - # -r requirements/base.txt - # django-axes django-jsonform==2.21.4 # via # -r requirements/base.txt @@ -157,7 +153,7 @@ django-privates==2.0.0.post0 # via # -r requirements/base.txt # django-simple-certmanager -django-redis==5.2.0 +django-redis==5.4.0 # via -r requirements/base.txt django-relativedelta==2.0.0 # via diff --git a/requirements/dev.txt b/requirements/dev.txt index 4ccb8d7f..ed9fe5de 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -143,7 +143,7 @@ django==3.2.23 # zgw-consumers django-admin-index==3.1.0 # via -r requirements/ci.txt -django-axes==5.41.1 +django-axes==6.3.0 # via -r requirements/ci.txt django-debug-toolbar==4.2.0 # via -r requirements/dev.in @@ -157,10 +157,6 @@ django-formtools==2.3 # via # -r requirements/ci.txt # maykin-django-two-factor-auth -django-ipware==3.0.2 - # via - # -r requirements/ci.txt - # django-axes django-jsonform==2.21.4 # via # -r requirements/ci.txt @@ -183,7 +179,7 @@ django-privates==2.0.0.post0 # via # -r requirements/ci.txt # django-simple-certmanager -django-redis==5.2.0 +django-redis==5.4.0 # via -r requirements/ci.txt django-relativedelta==2.0.0 # via diff --git a/src/objects/conf/base.py b/src/objects/conf/base.py index 0ba9a077..b68fb4c7 100644 --- a/src/objects/conf/base.py +++ b/src/objects/conf/base.py @@ -347,15 +347,10 @@ # will be forgotten. Can be set to a python timedelta object or an integer. If # an integer, will be interpreted as a number of hours. Default: None AXES_COOLOFF_TIME = 1 -# If True only locks based on user id and never locks by IP if attempts limit -# exceed, otherwise utilize the existing IP and user locking logic Default: -# False -AXES_ONLY_USER_FAILURES = True # If set, specifies a template to render when a user is locked out. Template # receives cooloff_time and failure_limit as context variables. Default: None AXES_LOCKOUT_TEMPLATE = "account_blocked.html" -AXES_USE_USER_AGENT = True # Default: False -AXES_LOCK_OUT_BY_COMBINATION_USER_AND_IP = True # Default: False +AXES_LOCKOUT_PARAMETERS = [["ip_address", "user_agent", "username"]] # The default meta precedence order IPWARE_META_PRECEDENCE_ORDER = (