Merge pull request #98 from certego/develop

1.2.10

CHANGELOG.md

@@ -1,4 +1,7 @@
 ## 1.2.x
+### 1.2.10
+#### Changes
+* Added settings into the Config model (instead of into the settings.py file)
 ### 1.2.9
 #### Bugfix
 * Fixed the connection to the buffalogs_postgres container

buffalogs/buffalogs/settings/settings.py

@@ -215,13 +215,6 @@
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 DATA_UPLOAD_MAX_NUMBER_FIELDS = None
 
-# Certego settings
-CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED = 100
-CERTEGO_BUFFALOGS_VEL_TRAVEL_ACCEPTED = 300
-CERTEGO_BUFFALOGS_USER_MAX_DAYS = 20
-CERTEGO_BUFFALOGS_LOGIN_MAX_DAYS = 10
-CERTEGO_BUFFALOGS_ALERT_MAX_DAYS = 10
-CERTEGO_BUFFALOGS_IP_MAX_DAYS = 7
 
 # Celery config
 CELERY_BROKER_URL = CERTEGO_BUFFALOGS_RABBITMQ_URI

buffalogs/impossible_travel/management/commands/clear_models.py

@@ -31,4 +31,4 @@ def handle(self, *args, **options):
             Login.objects.all().delete()
             User.objects.all().delete()
             TaskSettings.objects.all().delete()
-            self.stdout.write(self.style.SUCCESS("All the models have been emptied, expect the Config model"))
+            self.stdout.write(self.style.SUCCESS("All the models have been emptied, except the Config model"))

buffalogs/impossible_travel/migrations/0010_config_alert_max_days_config_distance_accepted_and_more.py

@@ -0,0 +1,61 @@
+# Generated by Django 4.1.4 on 2024-01-22 11:38
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("impossible_travel", "0009_config_ignored_ips_config_ignored_users_and_more"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="config",
+            name="alert_max_days",
+            field=models.PositiveIntegerField(
+                default=30,
+                help_text="Days after which the alerts will be removed from the db",
+            ),
+        ),
+        migrations.AddField(
+            model_name="config",
+            name="distance_accepted",
+            field=models.PositiveIntegerField(
+                default=100,
+                help_text="Minimum distance (in Km) between two logins after which the impossible travel detection starts",
+            ),
+        ),
+        migrations.AddField(
+            model_name="config",
+            name="ip_max_days",
+            field=models.PositiveIntegerField(
+                default=30,
+                help_text="Days after which the IPs will be removed from the db",
+            ),
+        ),
+        migrations.AddField(
+            model_name="config",
+            name="login_max_days",
+            field=models.PositiveIntegerField(
+                default=30,
+                help_text="Days after which the logins will be removed from the db",
+            ),
+        ),
+        migrations.AddField(
+            model_name="config",
+            name="user_max_days",
+            field=models.PositiveIntegerField(
+                default=60,
+                help_text="Days after which the users will be removed from the db",
+            ),
+        ),
+        migrations.AddField(
+            model_name="config",
+            name="vel_accepted",
+            field=models.PositiveIntegerField(
+                default=300,
+                help_text="Minimum velocity (in Km/h) between two logins after which the impossible travel detection starts",
+            ),
+        ),
+    ]

buffalogs/impossible_travel/models.py

@@ -74,3 +74,13 @@ class Config(models.Model):
     ignored_ips = ArrayField(models.CharField(max_length=100), blank=True, default=list)
     allowed_countries = ArrayField(models.CharField(max_length=20), blank=True, default=list)
     vip_users = ArrayField(models.CharField(max_length=100), blank=True, default=list)
+    distance_accepted = models.PositiveIntegerField(
+        default=100, help_text="Minimum distance (in Km) between two logins after which the impossible travel detection starts"
+    )
+    vel_accepted = models.PositiveIntegerField(
+        default=300, help_text="Minimum velocity (in Km/h) between two logins after which the impossible travel detection starts"
+    )
+    user_max_days = models.PositiveIntegerField(default=60, help_text="Days after which the users will be removed from the db")
+    login_max_days = models.PositiveIntegerField(default=30, help_text="Days after which the logins will be removed from the db")
+    alert_max_days = models.PositiveIntegerField(default=30, help_text="Days after which the alerts will be removed from the db")
+    ip_max_days = models.PositiveIntegerField(default=30, help_text="Days after which the IPs will be removed from the db")

buffalogs/impossible_travel/modules/impossible_travel.py

@@ -1,10 +1,9 @@
 import logging
 from datetime import datetime
 
-from django.conf import settings
 from django.utils import timezone
 from geopy.distance import geodesic
-from impossible_travel.models import Alert, Login, UsersIP
+from impossible_travel.models import Alert, Config, Login, UsersIP
 
 
 class Impossible_Travel:
@@ -27,11 +26,12 @@ def calc_distance(self, db_user, prev_login, last_login_user_fields):
         :return: dictionary with info about the impossible travel alert
         :rtype: dict
         """
+        app_config = Config.objects.get(id=1)
         alert_info = {}
         vel = 0
         distance_km = geodesic((prev_login.latitude, prev_login.longitude), (last_login_user_fields["lat"], last_login_user_fields["lon"])).km
 
-        if distance_km > settings.CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED:
+        if distance_km > app_config.distance_accepted:
             last_timestamp_datetimeObj_aware = timezone.make_aware(datetime.strptime(last_login_user_fields["timestamp"], "%Y-%m-%dT%H:%M:%S.%fZ"))
             prev_timestamp_datetimeObj_aware = prev_login.timestamp  # already aware in the db
 
@@ -43,7 +43,7 @@ def calc_distance(self, db_user, prev_login, last_login_user_fields):
 
             vel = distance_km / diff_timestamp_hours
 
-            if vel > settings.CERTEGO_BUFFALOGS_VEL_TRAVEL_ACCEPTED:
+            if vel > app_config.vel_accepted:
                 alert_info["alert_name"] = Alert.ruleNameEnum.IMP_TRAVEL
                 alert_info[
                     "alert_desc"

buffalogs/impossible_travel/tasks.py

@@ -15,17 +15,18 @@
 
 def clear_models_periodically():
     """Delete old data in the models"""
+    app_config = Config.objects.get(id=1)
     now = timezone.now()
-    delete_user_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_USER_MAX_DAYS)
+    delete_user_time = now - timedelta(days=app_config.user_max_days)
     User.objects.filter(updated__lte=delete_user_time).delete()
 
-    delete_login_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_ALERT_MAX_DAYS)
+    delete_login_time = now - timedelta(days=app_config.login_max_days)
     Login.objects.filter(updated__lte=delete_login_time).delete()
 
-    delete_alert_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_ALERT_MAX_DAYS)
+    delete_alert_time = now - timedelta(days=app_config.alert_max_days)
     Alert.objects.filter(updated__lte=delete_alert_time).delete()
 
-    delete_ip_time = now - timedelta(days=settings.CERTEGO_BUFFALOGS_IP_MAX_DAYS)
+    delete_ip_time = now - timedelta(days=app_config.ip_max_days)
     UsersIP.objects.filter(updated__lte=delete_ip_time).delete()
 
 

buffalogs/impossible_travel/tests/setup.py

@@ -44,6 +44,7 @@ def setup(self):
             ]
         )
         Config.objects.create(
+            id=1,
             ignored_users=["N/A", "Not Available"],
             ignored_ips=["0.0.0.0", "192.168.1.0/24"],
             allowed_countries=["Italy", "United States"],

buffalogs/impossible_travel/tests/test_impossible_travel.py

@@ -1,6 +1,6 @@
 from django.test import TestCase
 from django.utils import timezone
-from impossible_travel.models import Login, User, UsersIP
+from impossible_travel.models import Config, Login, User, UsersIP
 from impossible_travel.modules import impossible_travel
 
 
@@ -9,6 +9,13 @@ class TestImpossibleTravel(TestCase):
 
     @classmethod
     def setUpTestData(self):
+        Config.objects.create(
+            id=1,
+            ignored_users=["N/A", "Not Available"],
+            ignored_ips=["0.0.0.0", "192.168.1.0/24"],
+            allowed_countries=["Italy", "United States"],
+            vip_users=["Asa Strickland", "Krista Moran"],
+        )
         user_obj = User.objects.create(
             username="Lorena Goldoni",
             risk_score="Low",
@@ -26,7 +33,7 @@ def setUpTestData(self):
         )
 
     def test_calc_distance(self):
-        # if distance >  settings.CERTEGO_BUFFALOGS_DISTANCE_KM_ACCEPTED --> FALSE
+        # if distance >  Config.distance_accepted --> FALSE
         last_login_user_fields = {
             "timestamp": "2023-03-08T17:10:33.358Z",
             "lat": "40.364",

buffalogs/requirements.txt

@@ -17,8 +17,7 @@ kombu>=5.2.4
 nodeenv>=1.7.0
 pathspec>=0.10.3
 prompt-toolkit>=3.0.33
-psycopg>=3.1.12
-psycopg-binary>=3.1.12
+psycopg[binary]>=3.1.12
 pygal>=3.0.0
 pygal-maps-world>=1.0.2
 python-dateutil>=2.8.2

django-buffalogs/buffalogs.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: buffalogs
-Version: 1.2.9
+Version: 1.2.10
 Summary: A Django app to detect anomaly logins.
 Home-page: UNKNOWN
 Author: Lorena Goldoni

django-buffalogs/buffalogs.egg-info/SOURCES.txt

@@ -31,6 +31,7 @@ impossible_travel/migrations/0006_alert_is_vip.py
 impossible_travel/migrations/0007_login_event_id_login_ip.py
 impossible_travel/migrations/0008_usersip.py
 impossible_travel/migrations/0009_config_ignored_ips_config_ignored_users_and_more.py
+impossible_travel/migrations/0010_config_alert_max_days_config_distance_accepted_and_more.py
 impossible_travel/migrations/__init__.py
 impossible_travel/modules/impossible_travel.py
 impossible_travel/modules/login_from_new_country.py

django-buffalogs/setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = buffalogs
-version = 1.2.9
+version = 1.2.10
 description = A Django app to detect anomaly logins.
 long_description = file: README.rst
 author = Lorena Goldoni