make a file "models/plugin_conditionalrecaptcha.py" which contains:
MAX_LOGIN_FAILURES = 3 RECAPTCHA_PUBLIC_KEY = '' RECAPTCHA_PRIVATE_KEY = '' def _(): from gluon.tools import Recaptcha key = 'login_from:%s' % request.env.remote_addr num_login_attempts = cache.ram(key,lambda:0,None) if num_login_attempts >= MAX_LOGIN_FAILURES: auth.settings.login_captcha = Recaptcha( request,RECAPTCHA_PUBLIC_KEY,RECAPTCHA_PRIVATE_KEY) def login_attempt(form,key=key,n=num_login_attempts+1): cache.ram(key,lambda n=n:n,0) def login_success(form,key=key): cache.ram(key,lambda:0,0) auth.settings.login_onvalidation.append(login_attempt) auth.settings.login_onaccept.append(login_success) _() On Oct 3, 6:16 pm, sadik fanan <sadikfa...@gmail.com> wrote: > Hi , i am developing an online booking system on GAE.. > .the developement is allmost > complete...recently i have come to know about brutforce attacks on web based > application for admin login... > my application is in web2py framework > (python)...can anyone here please guide me on a functionality where in , > the admin > login will be disabled after 5 wrong password entries ... > ..is there any kind of > plugin available for this,,, > ,or any pre existing code that i can put into my code > to have this done....please reply on my mail id : sadikfa...@gmail.com > ..... if the > above mentioned thing is not possible at all > in web2py , please suggest other ways > to make more secured admin login