Add user ban check to login view and log failed attempts
This commit is contained in:
@@ -290,6 +290,15 @@ def login(request: HttpRequest):
|
|||||||
messages.success(request, f"¡Bienvenido {user.first_name or user.username}!")
|
messages.success(request, f"¡Bienvenido {user.first_name or user.username}!")
|
||||||
return redirect("index")
|
return redirect("index")
|
||||||
else:
|
else:
|
||||||
|
user1: User = User.objects.get(username=username)
|
||||||
|
if user1.registration_status == User.RegisterStatus.BANNED:
|
||||||
|
audit_logger.warning(
|
||||||
|
"LOGIN FAILED email=%s reason=user_banned ip=%s",
|
||||||
|
email,
|
||||||
|
client_ip,
|
||||||
|
)
|
||||||
|
messages.error(request, "Error, La cuenta esta bloqueada")
|
||||||
|
return render(request, "tienda/login.html")
|
||||||
audit_logger.warning(
|
audit_logger.warning(
|
||||||
"LOGIN_FAILED email=%s reason=invalid_credentials ip=%s",
|
"LOGIN_FAILED email=%s reason=invalid_credentials ip=%s",
|
||||||
email,
|
email,
|
||||||
|
|||||||
Reference in New Issue
Block a user