mtrdesign · gutyril · Sep 5, 2019 · Sep 5, 2019 · Feb 9, 2021
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,6 @@
+*.pyc
+csv/
+www/static/
+.idea/
+*.DS_Store
+
diff --git a/BruteBuster.egg-info/PKG-INFO b/BruteBuster.egg-info/PKG-INFO
@@ -0,0 +1,19 @@
+Metadata-Version: 1.1
+Name: BruteBuster
+Version: 0.2.1
+Summary: BruteBuster is a simple, pluggable Django app that can help you protect against password bruteforcing attempts.
+Home-page: https://github.com/gutyril/django-brutebuster
+Author: UNKNOWN
+Author-email: UNKNOWN
+License: The Python Packaging Authority
+Description: UNKNOWN
+Platform: UNKNOWN
+Classifier: Environment :: Web Environment
+Classifier: Framework :: DjangoFramework :: Django :: 1.8.2
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: The Python Packaging Authority
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python
+Classifier: Programming Language :: Python :: 2.7
+Classifier: Topic :: Internet :: WWW/HTTP
+Classifier: Topic :: Internet :: WWW/HTTP :: Dynamic Content
diff --git a/BruteBuster.egg-info/SOURCES.txt b/BruteBuster.egg-info/SOURCES.txt
@@ -0,0 +1,16 @@
+LICENSE
+MANIFEST.in
+README.md
+setup.py
+BruteBuster/__init__.py
+BruteBuster/admin.py
+BruteBuster/apps.py
+BruteBuster/decorators.py
+BruteBuster/middleware.py
+BruteBuster/models.py
+BruteBuster.egg-info/PKG-INFO
+BruteBuster.egg-info/SOURCES.txt
+BruteBuster.egg-info/dependency_links.txt
+BruteBuster.egg-info/top_level.txt
+BruteBuster/migrations/0001_initial.py
+BruteBuster/migrations/__init__.py
diff --git a/BruteBuster.egg-info/dependency_links.txt b/BruteBuster.egg-info/dependency_links.txt
@@ -0,0 +1 @@
+
diff --git a/BruteBuster.egg-info/top_level.txt b/BruteBuster.egg-info/top_level.txt
@@ -0,0 +1 @@
+BruteBuster
diff --git a/__init__.py → BruteBuster/__init__.py b/__init__.py → BruteBuster/__init__.py
diff --git a/admin.py → BruteBuster/admin.py b/admin.py → BruteBuster/admin.py
diff --git a/apps.py → BruteBuster/apps.py b/apps.py → BruteBuster/apps.py
diff --git a/decorators.py → BruteBuster/decorators.py b/decorators.py → BruteBuster/decorators.py
@@ -1,7 +1,8 @@
 # BruteBuster by Cyber Security Consulting (www.csc.bg)
 
 """Decorators used by BruteBuster"""
-
+from django.core.exceptions import ValidationError
+from django.utils.translation import ugettext as _
 
 def protect_and_serve(auth_func):
     """
@@ -16,7 +17,7 @@ def protect_and_serve(auth_func):
 
     def decor(*args, **kwargs):
         # Import here to avoid AppRegistryNotReady("Apps aren't loaded yet.") Exception
-        from BruteBuster.models import FailedAttempt
+        from BruteBuster.models import FailedAttempt, BB_BLOCK_INTERVAL
         from BruteBuster.middleware import get_request
         """
         This is the wrapper that gets installed around the default
@@ -42,7 +43,7 @@ def decor(*args, **kwargs):
                     # of too many recent failures
                     fa.failures += 1
                     fa.save()
-                    return None
+                    raise ValidationError(_("User has been blocked after too many failed login attempts. Please retry in {} minutes").format(BB_BLOCK_INTERVAL))
             else:
                 # the block interval is over, so let's start
                 # with a clean sheet

diff --git a/BruteBuster/middleware.py b/BruteBuster/middleware.py
@@ -0,0 +1,37 @@
+# BruteBuster by Cyber Security Consulting (www.csc.bg)
+
+"""
+Brutebuster needs access to the REMOTE_IP of the incoming request. We're doing
+this by adding the request object to the thread_local space
+"""
+
+try:
+    from threading import local
+except ImportError:
+    from django.utils.threading_local import local
+
+_thread_locals = local()
+
+
+def get_request():
+    return getattr(_thread_locals, 'request', None)
+
+
+class RequestMiddleware(object):
+    """Provides access to the request object via thread locals"""
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+        # One-time configuration and initialization.
+
+    def __call__(self, request):
+        _thread_locals.request = request
+        # Code to be executed for each request before
+        # the view (and later middleware) are called.
+
+        response = self.get_response(request)
+
+        # Code to be executed for each request/response after
+        # the view is called.
+
+        return response
diff --git a/BruteBuster/migrations/0001_initial.py b/BruteBuster/migrations/0001_initial.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='FailedAttempt',
+            fields=[
+                ('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
+                ('username', models.CharField(max_length=255, verbose_name=b'Username')),
+                ('IP', models.GenericIPAddressField(null=True, verbose_name=b'IP Address')),
+                ('failures', models.PositiveIntegerField(default=0, verbose_name=b'Failures')),
+                ('timestamp', models.DateTimeField(auto_now=True, verbose_name=b'Last failed attempt')),
+            ],
+            options={
+                'ordering': ['-timestamp'],
+            },
+        ),
+        migrations.AlterUniqueTogether(
+            name='failedattempt',
+            unique_together=set([('username', 'IP')]),
+        ),
+    ]
diff --git a/BruteBuster/migrations/__init__.py b/BruteBuster/migrations/__init__.py
diff --git a/models.py → BruteBuster/models.py b/models.py → BruteBuster/models.py
@@ -1,4 +1,3 @@
-# BruteBuster by Cyber Security Consulting (www.csc.bg)
 
 """
 BruteBuster DB model.

diff --git a/MANIFEST.in b/MANIFEST.in
@@ -0,0 +1,4 @@
+include LICENSE
+include README.rst
+recursive-include docs *
+recursive-include promotion/fixtures *
diff --git a/middleware.py b/middleware.py
diff --git a/setup.py b/setup.py
@@ -0,0 +1,35 @@
+import os
+from setuptools import find_packages, setup
+
+# with open(os.path.join(os.path.dirname(__file__), 'README.rst')) as readme:
+#     README = readme.read()
+
+# allow setup.py to be run from any path
+os.chdir(os.path.normpath(os.path.join(os.path.abspath(__file__), os.pardir)))
+
+setup(
+    name='BruteBuster',
+    version='0.2.1',
+    packages=find_packages(),
+    include_package_data=True,
+    license='The Python Packaging Authority', 
+    description='BruteBuster is a simple, pluggable Django app that can help you protect against password bruteforcing attempts.',
+    long_description="",
+    url='https://github.com/gutyril/django-brutebuster',
+    author='',
+    author_email='',
+    classifiers=[
+        'Environment :: Web Environment',
+        'Framework :: Django'
+        'Framework :: Django :: 1.8.2',  # replace "X.Y" as appropriate
+        'Intended Audience :: Developers',
+        'License :: OSI Approved :: The Python Packaging Authority',  # example license
+        'Operating System :: OS Independent',
+        'Programming Language :: Python',
+        # Replace these appropriately if you are stuck on Python 2.
+        'Programming Language :: Python :: 2.7',
+        'Topic :: Internet :: WWW/HTTP',
+        'Topic :: Internet :: WWW/HTTP :: Dynamic Content',
+    ],
+)
+