mirror of
https://github.com/ae-utbm/sith.git
synced 2024-11-21 21:53:30 +00:00
Reorganize honeypot settings
parent
d6b27f2f21
commit
0fb61938ce
@ -21,7 +21,6 @@ from django.contrib.auth import get_user
|
|||||||
from django.contrib.auth.middleware import (
|
from django.contrib.auth.middleware import (
|
||||||
AuthenticationMiddleware as DjangoAuthenticationMiddleware,
|
AuthenticationMiddleware as DjangoAuthenticationMiddleware,
|
||||||
)
|
)
|
||||||
from django.http import HttpResponse
|
|
||||||
from django.utils.functional import SimpleLazyObject
|
from django.utils.functional import SimpleLazyObject
|
||||||
|
|
||||||
module, klass = settings.AUTH_ANONYMOUS_MODEL.rsplit(".", 1)
|
module, klass = settings.AUTH_ANONYMOUS_MODEL.rsplit(".", 1)
|
||||||
@ -71,7 +70,3 @@ class SignalRequestMiddleware:
|
|||||||
def __call__(self, request):
|
def __call__(self, request):
|
||||||
_threadlocal.request = request
|
_threadlocal.request = request
|
||||||
return self.get_response(request)
|
return self.get_response(request)
|
||||||
|
|
||||||
|
|
||||||
def custom_honeypot_error(request, context):
|
|
||||||
return HttpResponse("Upon reading this, the http client was enlightened.")
|
|
||||||
|
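--- a/sith/honeypot.py
+++ b/sith/honeypot.py
@@ -0,0 +1,12 @@
+import logging
+from typing import Any
+
+from django.http import HttpResponse
+from django.test.client import WSGIRequest
+
+
+def custom_honeypot_error(
+request: WSGIRequest, context: dict[str, Any]
+) -> HttpResponse:
+logging.warning(f"HoneyPot blocked user with ip {request.META.get('REMOTE_ADDR')}")
+return HttpResponse("Upon reading this, the http client was enlightened.")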
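Review bot: The warning in `custom_honeypot_error` goes through the root logger with an f-string and records only `REMOTE_ADDR`, so the entry cannot be routed by logger name and does not say which URL triggered the honeypot. A module-level `logger = logging.getLogger(__name__)` with `logger.warning("Honeypot triggered: ip=%s path=%s", request.META.get("REMOTE_ADDR"), request.path)` would give detection rules something to key on. If the site runs behind a reverse proxy (not visible here), `REMOTE_ADDR` will be the proxy's address; a forwarded-for header should be used only when it is set by a trusted proxy, since clients can otherwise supply it. The annotation also imports `WSGIRequest` from `django.test.client`, which loads the test client in production; `django.http.HttpRequest` would do for the type hint.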
@ -41,10 +41,11 @@ import os
|
|||||||
import sys
|
import sys
|
||||||
|
|
||||||
import sentry_sdk
|
import sentry_sdk
|
||||||
from django.utils.module_loading import import_string
|
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from sentry_sdk.integrations.django import DjangoIntegration
|
from sentry_sdk.integrations.django import DjangoIntegration
|
||||||
|
|
||||||
|
from .honeypot import custom_honeypot_error
|
||||||
|
|
||||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||||
|
|
||||||
os.environ["HTTPS"] = "off"
|
os.environ["HTTPS"] = "off"
|
||||||
@ -55,16 +56,6 @@ os.environ["HTTPS"] = "off"
|
|||||||
# SECURITY WARNING: keep the secret key used in production secret!
|
# SECURITY WARNING: keep the secret key used in production secret!
|
||||||
SECRET_KEY = "(4sjxvhz@m5$0a$j0_pqicnc$s!vbve)z+&++m%g%bjhlz4+g2"
|
SECRET_KEY = "(4sjxvhz@m5$0a$j0_pqicnc$s!vbve)z+&++m%g%bjhlz4+g2"
|
||||||
|
|
||||||
# Those values are to be changed in production to be more effective
|
|
||||||
HONEYPOT_FIELD_NAME = "body2"
|
|
||||||
HONEYPOT_VALUE = "content"
|
|
||||||
|
|
||||||
# Make honeypot errors less suspicious
|
|
||||||
# Since the app is not loaded yet, we wrap the import_string function in a lambda call to lazy load it
|
|
||||||
HONEYPOT_RESPONDER = lambda request, context: import_string(
|
|
||||||
"core.middleware.custom_honeypot_error"
|
|
||||||
)(request, context)
|
|
||||||
|
|
||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
# SECURITY WARNING: don't run with debug turned on in production!
|
||||||
DEBUG = False
|
DEBUG = False
|
||||||
TESTING = "pytest" in sys.modules
|
TESTING = "pytest" in sys.modules
|
||||||
@ -293,6 +284,11 @@ LOGIN_REDIRECT_URL = "/"
|
|||||||
DEFAULT_FROM_EMAIL = "bibou@git.an"
|
DEFAULT_FROM_EMAIL = "bibou@git.an"
|
||||||
SITH_COM_EMAIL = "bibou_com@git.an"
|
SITH_COM_EMAIL = "bibou_com@git.an"
|
||||||
REST_FRAMEWORK["UNAUTHENTICATED_USER"] = "core.models.AnonymousUser"
|
REST_FRAMEWORK["UNAUTHENTICATED_USER"] = "core.models.AnonymousUser"
|
||||||
|
# Those values are to be changed in production to be more effective
|
||||||
|
HONEYPOT_FIELD_NAME = "body2"
|
||||||
|
HONEYPOT_VALUE = "content"
|
||||||
|
HONEYPOT_RESPONDER = custom_honeypot_error # Make honeypot errors less suspicious
|
||||||
|
|
||||||
|
|
||||||
# Email
|
# Email
|
||||||
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
|
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
|
||||||
|
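Review bot: The new `from .honeypot import custom_honeypot_error` runs while the settings module is still being evaluated, and nothing on the new side records that constraint; the removed lambda carried a comment explaining that it lazy-loaded the responder because the app was not loaded yet. I would add a comment above the import such as `# Imported during settings evaluation: the honeypot module must not import models or read django.conf.settings at import time.` so that later additions to that module do not break start-up. Separately, the comment on `HONEYPOT_FIELD_NAME` and `HONEYPOT_VALUE` says they should be changed in production, but no override mechanism is visible in these hunks; if one exists elsewhere, naming it in the comment would help.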