mirror of
https://github.com/ae-utbm/sith.git
synced 2024-11-22 06:03:20 +00:00
Reorganize honeypot settings
This commit is contained in:
parent
d6b27f2f21
commit
0fb61938ce
@ -21,7 +21,6 @@ from django.contrib.auth import get_user
|
||||
from django.contrib.auth.middleware import (
|
||||
AuthenticationMiddleware as DjangoAuthenticationMiddleware,
|
||||
)
|
||||
from django.http import HttpResponse
|
||||
from django.utils.functional import SimpleLazyObject
|
||||
|
||||
module, klass = settings.AUTH_ANONYMOUS_MODEL.rsplit(".", 1)
|
||||
@ -71,7 +70,3 @@ class SignalRequestMiddleware:
|
||||
def __call__(self, request):
|
||||
_threadlocal.request = request
|
||||
return self.get_response(request)
|
||||
|
||||
|
||||
def custom_honeypot_error(request, context):
|
||||
return HttpResponse("Upon reading this, the http client was enlightened.")
|
||||
|
12
sith/honeypot.py
Normal file
12
sith/honeypot.py
Normal file
@ -0,0 +1,12 @@
|
||||
import logging
|
||||
from typing import Any
|
||||
|
||||
from django.http import HttpResponse
|
||||
from django.test.client import WSGIRequest
|
||||
|
||||
|
||||
def custom_honeypot_error(
|
||||
request: WSGIRequest, context: dict[str, Any]
|
||||
) -> HttpResponse:
|
||||
logging.warning(f"HoneyPot blocked user with ip {request.META.get('REMOTE_ADDR')}")
|
||||
return HttpResponse("Upon reading this, the http client was enlightened.")
|
@ -41,10 +41,11 @@ import os
|
||||
import sys
|
||||
|
||||
import sentry_sdk
|
||||
from django.utils.module_loading import import_string
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
from sentry_sdk.integrations.django import DjangoIntegration
|
||||
|
||||
from .honeypot import custom_honeypot_error
|
||||
|
||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||
|
||||
os.environ["HTTPS"] = "off"
|
||||
@ -55,16 +56,6 @@ os.environ["HTTPS"] = "off"
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
SECRET_KEY = "(4sjxvhz@m5$0a$j0_pqicnc$s!vbve)z+&++m%g%bjhlz4+g2"
|
||||
|
||||
# Those values are to be changed in production to be more effective
|
||||
HONEYPOT_FIELD_NAME = "body2"
|
||||
HONEYPOT_VALUE = "content"
|
||||
|
||||
# Make honeypot errors less suspicious
|
||||
# Since the app is not loaded yet, we wrap the import_string function in a lambda call to lazy load it
|
||||
HONEYPOT_RESPONDER = lambda request, context: import_string(
|
||||
"core.middleware.custom_honeypot_error"
|
||||
)(request, context)
|
||||
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = False
|
||||
TESTING = "pytest" in sys.modules
|
||||
@ -293,6 +284,11 @@ LOGIN_REDIRECT_URL = "/"
|
||||
DEFAULT_FROM_EMAIL = "bibou@git.an"
|
||||
SITH_COM_EMAIL = "bibou_com@git.an"
|
||||
REST_FRAMEWORK["UNAUTHENTICATED_USER"] = "core.models.AnonymousUser"
|
||||
# Those values are to be changed in production to be more effective
|
||||
HONEYPOT_FIELD_NAME = "body2"
|
||||
HONEYPOT_VALUE = "content"
|
||||
HONEYPOT_RESPONDER = custom_honeypot_error # Make honeypot errors less suspicious
|
||||
|
||||
|
||||
# Email
|
||||
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
|
||||
|
Loading…
Reference in New Issue
Block a user