Added django-axes for failed login monitoring.

requirements.txt

@@ -3,9 +3,12 @@ asgiref>=3.2.3
 cffi>=1.13.2
 dj-database-url>=0.5.0
 Django>=3.0.2
+django-appconf>=1.0.3
+django-axes>=5.2.2
 django-debreach>=2.0.1
 django-dynamic-preferences>=1.8.1
 django-inline-actions>=2.3.0
+django-ipware==2.1.0
 djangorestframework>=3.11.0
 persisting-theory>=0.2.1
 psycopg2-binary>=2.8.4

savepointradio/savepointradio/settings.py

@@ -2,6 +2,7 @@
 Django settings file.
 '''
 
+import datetime
 import os
 
 from decouple import config, Csv
@@ -38,6 +39,11 @@ AUTH_PASSWORD_VALIDATORS = [
 
 AUTH_USER_MODEL = 'core.RadioUser'
 
+AUTHENTICATION_BACKENDS = [
+    'axes.backends.AxesBackend',
+    'django.contrib.auth.backends.ModelBackend',
+]
+
 DATABASES = {
     'default': config(
         'DATABASE_URL',
@@ -57,6 +63,7 @@ INSTALLED_APPS = [
     'django.contrib.messages',
     'django.contrib.staticfiles',
 
+    'axes',
     'dynamic_preferences',
     'rest_framework',
     'rest_framework.authtoken',
@@ -78,6 +85,7 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'axes.middleware.AxesMiddleware',
 ]
 
 PASSWORD_HASHERS = [
@@ -124,6 +132,26 @@ USE_TZ = True
 
 WSGI_APPLICATION = 'savepointradio.wsgi.application'
 
+#
+#  Django-Axes settings
+#
+
+AXES_COOLOFF_TIME = datetime.timedelta(minutes=15)
+
+AXES_ENABLED = True
+
+AXES_FAILURE_LIMIT = 5
+
+AXES_LOCK_OUT_AT_FAILURE = True
+
+AXES_META_PRECEDENCE_ORDER = [
+    'HTTP_X_FORWARDED_FOR',
+    'HTTP_X_REAL_IP',
+    'REMOTE_ADDR',
+]
+
+AXES_PROXY_COUNT = 1
+
 #
 #  Django Rest Framework settings
 #