Cerberos is a django app that watches failed logins and block the user after N attempts.
When a user have tried to login a certain number of times, cerberos blocks the login view to the user.
Intallation is very simple:
pip install cerberos
After that, add 'cerberos' to INSTALLED_APPS
and run the migrations:
python manage.py migrate cerberos
To enable cerberos the login view must be decorated with cerberos.decorators.watch_logins.
from django.contrib.auth.views import login # Login view url(r'^login/', watch_logins(login)),
When the user is locked, it renders the template cerberos/user-locked.html. You can override the template to show the users the information you want.
These parameters are passed to the template:
- ip: The ip address of the user locked
- failed_access: The FailedAccessAttempt instance
MAX_FAILED_LOGINS: The maximum number of failed logins before blocking the user.
MEMORY_FOR_FAILED_LOGINS: The number in seconds after the failed access attemps will be forgotten. If set to 0, the attempts won’t be forgotten. Default = 0
For running the tests, make sure tox is installed in your system, and run:
python setup.py test