Django-axes

------------------

- Add ``AXES_ONLY_ADMIN_SITE`` flag for only running Axes on admin site.
[hramezani]
- Add ``axes_reset_logs`` command for removing old AccessLog records.
[tlebrize]
- Allow ``AxesBackend`` subclasses to pass the ``axes.W003`` system check.
[adamchainz]

------------------

- Fix lockout message showing when lockout is disabled
with the ``AXES_LOCK_OUT_AT_FAILURE`` setting.
[mogzol]

- Add support for callable ``AXES_FAILURE_LIMIT`` setting.
[bbayles]

------------------

- Deprecate ``AXES_DISABLE_SUCCESS_ACCESS_LOG`` flag in favour of
``AXES_DISABLE_ACCESS_LOG`` which has mostly the same functionality.
Update documentation to better reflect the behaviour of the flag.
[aleksihakli]

------------------

- Change the lockout response calculation to request flagging
instead of exception throwing in the signal handler and middleware.
Move request attribute calculation from middleware to handler layer.
Deprecate ``axes.request.AxesHttpRequest`` object type definition.
[aleksihakli]

- Deprecate the old version 4.x ``axes.backends.AxesModelBackend`` class.
[aleksihakli]

- Improve documentation on attempt tracking, resets, Axes customization,
project and component compatibility and integrations, and other things.
[aleksihakli]

------------------

- Fix regression with OAuth2 authentication backends not having remote
IP addresses set and throwing an exception in cache key calculation.
[aleksihakli]

------------------

- Fix ``django.contrib.auth`` module ``login`` and ``logout`` functionality
so that they work with the handlers without the an ``AxesHttpRequest``
to improve cross compatibility with other Django applications.
[aleksihakli]

- Change IP address resolution to allow empty or missing addresses.
[aleksihakli]

- Add error logging for missing request attributes in the handler layer
so that users get better indicators of misconfigured applications.
[aleksihakli]