Home/ Questions/Q 8058597
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T09:24:31+00:00

I am using Django-axes, and using the exact same steps described in readme on

  • 0

I am using Django-axes, and using the exact same steps described in readme on github. I am able to login and logout fine through django views, but none of the failed login attempts get captured if going throught the main website. None the less, failed login attempts from admin site get captured just fine. I am using the FailedLoginMiddleware, and nothing admin specific. I have double checked all the settings and configs, but I am still failing to find the source of the problem. Please help. 

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'axes.middleware.FailedLoginMiddleware',
)

INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'axes',
    'django.contrib.admin',
)

Here is the projects urls.py:

from django.conf.urls.defaults import patterns, include, url
from django.contrib.auth.views import login, logout, password_change 

from qs.forms import ValidatingPasswordChangeForm

from django.contrib import admin
admin.autodiscover()

urlpatterns = patterns('',
    (r'^login/$', login, {'template_name': 'auth/login.html'}),
    (r'^logout/$', logout, {'redirect_field_name': '/login', 
                            'template_name': 'auth/logged_out.html'}),
    (r'^passw_change/$', password_change, 
                           {'post_change_redirect': '/rage', 
                            'template_name': 'auth/password_change.html',
                            'password_change_form': ValidatingPasswordChangeForm}),

    (r'^passw_reset/$', 'views.rage_password_reset'),
    (r'^passw_reset/done/', 'views.rage_password_reset_done'),
    (r'^passw_reset/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/$', 'views.rage_password_reset_confirm'),
    (r'^passw_reset/complete/$', 'views.rage_password_reset_complete'),

    url(r'^$', 'be.views.main.index'),
    url(r'^admin/', include(admin.site.urls)),
)
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I can’t think of any reason why your config wouldn’t work- I use django-axes and my setup is the exact same as yours and it works fine. However, you can force axes to log everything by doing the following:

    1. Change axes.middleware.FailedLoginMiddleware to axes.middleware.FailedAdminLoginMiddleware in your settings.py. (FailedAuthLoginMiddleware obviously isn’t working for you, so don’t use it.)

    2. Edit your urls.conf:

      ...
from django.contrib.auth.views import login, logout, password_change
from axes.decorators import watch_login
...
urlpatterns = patterns('',
    (r'^login/$', watch_login(login), {'template_name': 'auth/login.html'}),
...

    This should force axes to log attempts- and doing so may also shed some light on what the initial issue was.

    • 0