Reputation: 506
Django - Suspending/deactivating an account for N amount of seconds
In my Django application, If the user enters the wrong password more than 7 times, then I want to suspend/deactivate their account for 10 seconds.
I perform an If statement to see if the wrong password has been inputted more than 7 times, and that works fine.
Inside the if statement, I want to set user.is_active to False for 10 seconds so they cannot login. After 10 seconds has passed, I want user.is_active to be set back to True so they can attempt to login again.
How would I implement this functionality? Thank you.
Update - views.py:
if user.active_after > current:
return JsonResponse({'message': 'Yes! Not locked'}, status=200)
models.py
active_after = models.DateTimeField(auto_now=True)
Error I receive: TypeError: can't compare offset-naive and offset-aware datetimes
Does anyone know how to fix this?
Upvotes: 3
Views: 421
Answers (1)
Reputation: 5030
One way is to preventing user in Front-end (i.e. using javascript, ....). If you want to add in backend as well, you can add datetime field such as user.active_after which each model should only be active after that time.
Then when you got a wrong password, you can change that field to:
current = datetime.datetime.now()
# add 10 seconds to current time
user.active_after = current + datetime.timedelta(0,10)
Upvotes: 1
Related Questions
- Autologout a user after specific time in django
- Logging users out of a Django site after N minutes of inactivity
- Django - run a function every x seconds
- implementing a timer in a django app
- How to trigger an event after 30 seconds has passed in Django?
- Django - How to call a function after a certain amount of time
- Change Django Admin Inactivity Timeout
- How can I detect user is inactive for 5 seconds in order to assign session key?
- django increase inactivity timeout
- Setting a timeout function in django