I’ve run into a lot of attribute errors when using django-axes. Whenever I fix one of them by setting the default attributes, more start showing up. I followed the documentation for installation. Here is my code…
settings.py
""" Django settings for ChatTest project. Generated by 'django-admin startproject' using Django 3.1.1. For more information on this file, see https://docs.djangoproject.com/en/3.1/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/3.1/ref/settings/ """ from pathlib import Path import os import django # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! if('SECRET_KEY' in os.environ): SECRET_KEY = os.environ["SECRET_KEY"] if('SECRET_KEY' not in os.environ): SECRET_KEY = 'o1(-!s0um*rj47xv8vk@)pdq3)2c1o-et!v!rnqq3p4m(9592k' #Secret key I use for local development DEBUG = True ALLOWED_HOSTS = ['.railway.app','localhost', '127.0.0.1'] # Application definition INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'channels', 'Chat.apps.ChatConfig', 'django_cleanup.apps.CleanupConfig', 'axes', ] MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'axes.middleware.AxesMiddleware', ] X_FRAME_OPTIONS = 'DENY' ROOT_URLCONF = 'ChatTest.urls' TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.debug', 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', ], }, }, ] WSGI_APPLICATION = 'ChatTest.wsgi.application' ASGI_APPLICATION = 'ChatTest.routing.application' # Database # https://docs.djangoproject.com/en/3.1/ref/settings/#databases if('PGDATABASE' in os.environ): DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql_psycopg2', 'NAME': os.environ["PGDATABASE"], 'USER': os.environ["PGUSER"], 'PASSWORD': os.environ["PGPASSWORD"], 'HOST': os.environ["PGHOST"], 'PORT': os.environ["PGPORT"], } } if('PGDATABASE' not in os.environ): DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': BASE_DIR / 'db.sqlite3', } } # Password validation # https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', }, ] AUTH_USER_MODEL = 'Chat.Account' # Internationalization # https://docs.djangoproject.com/en/3.1/topics/i18n/ LANGUAGE_CODE = 'en-us' TIME_ZONE = 'Europe/Prague' USE_I18N = True USE_L10N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/3.1/howto/static-files/ STATIC_URL = '/static/' STATIC_ROOT = os.path.join(BASE_DIR, 'static/') STATICFILES_DIR = [os.path.join(BASE_DIR, 'static')] MEDIA_ROOT = os.path.join(BASE_DIR, 'media') MEDIA_URL = '/media/' if('REDIS_URL' in os.environ): CHANNEL_LAYERS = { "default": { "BACKEND": "channels_redis.core.RedisChannelLayer", "CONFIG": { "hosts": [os.environ.get('REDIS_URL')], }, }, } CACHES = { "default": { "BACKEND": "django_redis.cache.RedisCache", "LOCATION": [os.environ.get('REDIS_URL')], "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient" } } } if('REDIS_URL' not in os.environ): CHANNEL_LAYERS = { "default": { "BACKEND": "channels.layers.InMemoryChannelLayer" } } AUTHENTICATION_BACKENDS = [ # AxesBackend should be the first backend in the AUTHENTICATION_BACKENDS list. 'axes.backends.AxesBackend', # Django ModelBackend is the default authentication backend. 'django.contrib.auth.backends.ModelBackend', ] SION_COOKIE_SECURE = True CSRF_COOKIE_SECURE = True CSRF_USE_SESSIONS = False # Default: False - Store CSRF token in Session as opposed to in cookie CSRF_COOKIE_HTTPONLY = False SECURE_HSTS_SECONDS = 31536000 SECURE_HSTS_PRELOAD = True SECURE_HSTS_INCLUDE_SUBDOMAINS = True AXES_ENABLED = True AXES_FAILURE_LIMIT = 3 AXES_LOCK_OUT_AT_FAILURE = True AXES_COOLOFF_TIME = 0.1 # in hours - now set to 6 mins AXES_LOCKOUT_CALLABLE = "Chat.views.lockout" AXES_USERNAME_FORM_FIELD = "username" AXES_USERNAME_CALLABLE = None AXES_PROXY_ORDER = "left-most" AXES_PROXY_COUNT = None AXES_PROXY_TRUSTED_IPS = None AXES_ONLY_WHITELIST = False AXES_WHITELIST_CALLABLE = None AXES_LOCK_OUT_BY_USER_OR_IP = False AXES_META_PRECEDENCE_ORDER = [ 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR', ] django.setup()
At the bottom I tried to set some of the default attributes that were causing errors. Right now, the code above results in a 'Settings' object has no attribute 'AXES_HANDLER'
error.
In views.py when authenticating the user I have set request=request
as the documentation said. I’ve also added a lockout function:
def lockout(request, credentials, *args, **kwargs): messages.error(request, "Account locked. Try again in 6 minutes") return redirect('index')
Note: I am also using a custom user model so users can log in with their email. I tested it on a different project with django-axes and everything was working well. So I don’t think that’s the issue here.
Question: How do I fix this? Is there anything I need to install or configure differently?
Advertisement
Answer
Currently I am also using django-axes for custom views.py login page. What I did was to include decorator @axes_dispatch
on my login function. For Settings.py, ensure that AXES_USERNAME_FORM_FIELD
is configured to your user credential field. For mine, im using ’email’. So its should be changed to AXES_USERNAME_FORM_FIELD='email'
.
from axes.decorators import axes_dispatch views.py @axes_dispatch def user_login(request): ... settings.py AXES_USERNAME_FORM_FIELD='email'