Attila Oláh <attilao...@gmail.com> added the comment: I implemented something similar in a plugin ( http://svn.tranchitella.it/listing.php? repname=public&path=/repoze.who.plugins.sqlalchemy/ ), with passing an optional 'user_audit' argument to the plugin maker in who.ini, then the authenticator will call a method upon each failed login. It's up to the application to store it, i.e. in a database, and after a certain number of failed logins, either refuse to authenticate, or show a CAPTCHA. This might, or might not be what you're looking for, though.
---------- status: unread -> chatting __________________________________ Repoze Bugs <b...@bugs.repoze.org> <http://bugs.repoze.org/issue84> __________________________________ _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
