fix: correct login lock-out counter#55
Merged
anderstorstensson merged 1 commit intonextfrom Feb 16, 2026
Merged
Conversation
anderstorstensson
added a commit
that referenced
this pull request
Feb 16, 2026
* Add image labeling library support (#38) * Add image labeling guide feature - ZIP upload, new API endpoint, admin interface - Database: Add image_labeling_description field, ImageLabelingImage model - API: New /api/media/image_labeling/ endpoint and exclude_galleries parameter for /api/media/ * Apply ruff formatting * Fix linting issues * Format admin.py * Fix image labeling (#39) * Enable add another for image labeling * Only show taxa with images * Ruff and lint * Fix add another for ZIP archives (#40) * Preserve taxon descriptions during syncdb (#41) * Bump django 5 (#42) * Migrate to Django 5.2 * Add new endpoint for fetching image count summary * Convert institute from CharField to TagField * Add new endpoint for fetching first image per taxon * Additional tweaks of image labeling component (#43) * Change multiple taxa * Add upload limit * Update fields * Use priority for first page * Change multpile taxa * Update docs * Include counts for geographical area and not specified (#44) * Modifications based on user input on upload form (#45) * Use autocomplete for Taxon based on zip filename * Ruff format * Orphan image labeling taxon description (#46) * Preserve descriptions when taxon IDs change When taxa IDs change during taxa imports, image labeling descriptions are now preserved in an OrphanedDescription model instead of being lost. Administrators can review and reassign these descriptions via Django admin. - Add OrphanedDescription model for tracking lost descriptions - Update importdescriptions to store orphaned entries in database - Add admin interface for reviewing and reassigning descriptions - Show taxa with descriptions even when all images are moved - Add "Has Images" column to Labeling Guide Descriptions admin - Fixes issue where descriptions were lost during syncdb * Add bulk taxon change action for regular images (not just labeling) * Group image labeling component by plankton groups and some project housekeeping (#47) * Remove dead code and fix minor issues - Fix Facts.__str__ to use taxon.scientific_name instead of non-existent title - Remove unused _result variable in MediaAdmin.update_priority_list_json_view - Refactor duplicate change_taxon_action method to parent MediaAdmin class * Refactor image labeling taxonomy sidebar to use plankton groups (use input) - Add new API endpoint /api/media/image_labeling/grouped_by_plankton/ that returns taxa organized by plankton groups (Cyanobacteria, Diatoms, Dinoflagellates, Ciliates, Protozoa, Other) with unique class names - Allow ZIP uploads without taxon assignment (requires title/class name) - Change unknown taxon identifier from __no_taxon__ to "unknown" for cleaner URLs - Add OpenAPI documentation for the new grouped_by_plankton endpoint * bump django to 5.2.11 (#48) * bump django to 5.2.11 * reformat requirements.txt * Security hardening (#49) * fix: harden security settings and add login rate limiting - Add secure cookie settings (SESSION_COOKIE_SECURE, CSRF_COOKIE_SECURE, SESSION_COOKIE_HTTPONLY) and HTTPS enforcement, gated on DEBUG=False - Add django-axes for admin login brute-force protection (5 attempts, 1 hour cooloff per IP) - Validate syncdb log_id format in get_log_file for defense-in-depth * fix: hide is_superuser field from non-superuser staff in admin Non-superuser managers with user change permission could previously grant superuser access via the admin user form. The is_superuser field is now only visible to superusers. * ruff format * feat: improve login security UX with attempt warnings and failure logging (#50) Enable persistent access failure logging, show remaining login attempts before lockout, and clarify the lockout message as temporary. * bump pillow (#51) * bump backend version (#52) * bump sqlparse (#54) * fix: correct login lock-out counter (#55)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.