Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/blueshoe/django-secure-passwords
Enterprise-grade django password management :key:
https://github.com/blueshoe/django-secure-passwords
authentication django enterprise password python security
Last synced: 9 days ago
JSON representation
Enterprise-grade django password management :key:
- Host: GitHub
- URL: https://github.com/blueshoe/django-secure-passwords
- Owner: Blueshoe
- License: mit
- Created: 2021-03-23T14:49:38.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2021-07-16T15:37:02.000Z (over 3 years ago)
- Last Synced: 2024-11-07T11:03:40.021Z (9 days ago)
- Topics: authentication, django, enterprise, password, python, security
- Language: Python
- Homepage:
- Size: 124 KB
- Stars: 8
- Watchers: 6
- Forks: 3
- Open Issues: 8
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
![django-secure-passwords logo](https://github.com/Blueshoe/django-secure-passwords/raw/master/docs/_static/img/logo.png)
--------------------------------------------------------------------------------
![Build Status](https://github.com/Blueshoe/django-secure-passwords/actions/workflows/python-app.yml/badge.svg)
[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=Blueshoe_django-secure-passwords&metric=alert_status)](https://sonarcloud.io/dashboard?id=Blueshoe_django-secure-passwords)
[![Coverage Status](https://coveralls.io/repos/github/Blueshoe/django-secure-passwords/badge.svg?branch=master)](https://coveralls.io/github/Blueshoe/django-secure-passwords?branch=master)
[![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)**Todo**
## Installation
django-secure-passwords is currently available only on Blueshoe's Python Package Index.
```bash
pip3 install django-secure-passwords
```Add *"django-secure-passwords"* to your *INSTALLED_APPS*:
```python
INSTALLED_APPS = [
"...",
"securepasswords",
]
```## Tracking of login attempts and account blocking
To track login attempts and lock account after a number of unsuccessful attempts use
[django-axes](https://github.com/jazzband/django-axes/) package. It can log successful and unsuccessful attempts, saving
this information to the database. The record consists of time of login, IP address, user
agent, username, path to which the login was attempted and the number of failed attempts.To install this package, run:
```bash
pip3 install django-axes
```Then, according to the [installation guide](https://django-axes.readthedocs.io/en/latest/2_installation.html) you need
to add these settings to your settings.py file:```python
INSTALLED_APPS = [
'...',
# Axes app can be in any position in the INSTALLED_APPS list.
'axes',
]
``````python
AUTHENTICATION_BACKENDS = [
# AxesBackend should be the first backend in the AUTHENTICATION_BACKENDS list.
'axes.backends.AxesBackend',
'...',
]
``````python
MIDDLEWARE = [
# The following is the list of default middleware in new Django projects.
'...',
# AxesMiddleware should be the last middleware in the MIDDLEWARE list.
# It only formats user lockout messages and renders Axes lockout responses
# on failed user authentication attempts from login views.
# If you do not want Axes to override the authentication response
# you can skip installing the middleware and use your own views.
'axes.middleware.AxesMiddleware',
]
```Different [configuration variables](https://django-axes.readthedocs.io/en/latest/4_configuration.html) are available,
those variables can be directly added to the settings.py file.## Usage
# TODO prettify
Recommended: usage of `AbstractBaseUser` subclass as `AUTH_USER_MODEL`