这里有人成功配置django-axes吗? Axes 是一个模块,可让您在指定次数的登录尝试失败后锁定用户。 我有三个问题无法解决。 首先,即使我已超过失败限制,我的应用程序仍允许我尝试登录,其次,如果我超过失败限制,我的站点不会显示锁定模板,第三,我的管理站点未显示任何登录失败。 我已经阅读了 Github 上的文档,但我仍然没有看到我做错了什么。 我的文件如下所示。 感谢您的帮助。
# Relevant settings in settings.py
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'login',
'axes',
)
# MIDDLEWARE_CLASSES contains usual classes
MIDDLEWARE_CLASSES += (
'axes.middleware.FailedLoginMiddleware',
)
AXES_LOGIN_FAILURE_LIMIT = 1
import datetime as dt
delta = dt.timedelta(minutes=1)
AXES_COOLOFF_TIME = delta
AXES_LOCKOUT_URL = '/accounts/locked_out/'
AXES_LOCKOUT_TEMPLATE = 'registration/locked_out.html'
# Relevant routes in urls.py
urlpatterns = patterns('',
# This is my login view, nothing special there
url(r'^$', 'login.views.firewall_login'),
# The view for Axes lockout
url(r'^accounts/locked_out/$',
'login.views.locked_out',
{'template': 'registration/locked_out.html'}),
url(r'^admin/', include(admin.site.urls)),
)
# views.py
def locked_out(request, template):
"""User is redirected here after they're locked out."""
return render(request, template)
将此添加到您的setting.py
:
AUTHENTICATION_BACKENDS = [
# AxesBackend should be the first backend in the AUTHENTICATION_BACKENDS list.
'axes.backends.AxesBackend',
# Django ModelBackend is the default authentication backend.
'django.contrib.auth.backends.ModelBackend',
]
我能帮忙的就是你需要添加
AXES_ENABLE_ACCESS_FAILURE_LOG = True # log access failures to the database.
不幸的是,我自己不确定其他问题