AxesBackend 需要请求作为参数进行身份验证

问题描述 投票:0回答:1

我需要对我的 django 站点的帐户登录尝试添加限制,我找到了流行的 django-axes 库,遵循文档和代码示例,但是当我尝试登录我的帐户时(密码是否正确)或没有)我收到错误 AxesBackend 需要一个请求作为参数进行身份验证,即使我的代码完全遵循说明并且我正在传递请求。 以下是与此相关的所有代码:

设置.py

INSTALLED_APPS = [
    ...
    'axes',
]

MIDDLEWARE = [
    ...
    'axes.middleware.AxesMiddleware',
]

AXES_FAILURE_LIMIT =  4
AXES_RESET_ON_SUCCESS = True
AXES_COOLOFF_TIME = 1

AUTHENTICATION_BACKENDS = [
   'axes.backends.AxesBackend', # Axes must be first
   'django.contrib.auth.backends.ModelBackend',
]

AUTH_USER_MODEL = "users.User"
LOGIN_URL = "/user/login/"

views.py

from django.contrib import auth, messages

def login(request):

    if request.method == "POST":
        form = UserLoginForm(data=request.POST)
        if form.is_valid():
            username = request.POST["username"]
            password = request.POST["password"]
            user = auth.authenticate(request=request, username=username, password=password)

            if user:
                auth.login(request, user)

                redirect_page = request.POST.get("next", None)

                if redirect_page and redirect_page != reverse("user:logout"):
                    return HttpResponseRedirect(request.POST.get("next"))

                return HttpResponseRedirect(reverse("main:main_page"))
    else:

        form = UserLoginForm()

    context = {"title": "Вход", "form": form}

    return render(request, "users/login.html", context)

forms.py

from django import forms
from django.contrib.auth.forms import (
    AuthenticationForm,
    UserCreationForm,
    UserChangeForm,
)
from users.models import User


class UserLoginForm(AuthenticationForm):

    username = forms.CharField()
    password = forms.CharField()

    class Meta:
        model = User
        fields = ["username", "password"]

版本库

Django==5.0.4
django-axes==6.5.2

我将非常感谢您的帮助!

完整追溯

Traceback (most recent call last):
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\core\handlers\exception.py", line 55, in inner
    response = get_response(request)
               ^^^^^^^^^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\core\handlers\base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\bismuth\users\views.py", line 17, in login
    if form.is_valid():
       ^^^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\forms\forms.py", line 197, in is_valid    
    return self.is_bound and not self.errors
                                 ^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\forms\forms.py", line 192, in errors      
    self.full_clean()
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\forms\forms.py", line 328, in full_clean  
    self._clean_form()
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\forms\forms.py", line 349, in _clean_form 
    cleaned_data = self.clean()
                   ^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\contrib\auth\forms.py", line 250, in clean
    self.user_cache = authenticate(
                      ^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\views\decorators\debug.py", line 75, in sensitive_variables_wrapper
    return func(*func_args, **func_kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\django\contrib\auth\__init__.py", line 79, in authenticate
    user = backend.authenticate(request, **credentials)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\axes\helpers.py", line 615, in inner
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "c:\Users\danii\OneDrive\Рабочий стол\coins\Project Bismuth\venv\Lib\site-packages\axes\backends.py", line 46, in authenticate      
    raise AxesBackendRequestParameterRequired(
axes.exceptions.AxesBackendRequestParameterRequired: AxesBackend requires a request as an argument to authenticate
[07/Oct/2024 10:27:42] "POST /user/login/ HTTP/1.1" 500 125895
django django-views django-settings django-login
1个回答
0
投票

它失败的原因是因为你的 

UserLoginForm
已经尝试了 
authenticate()
,而失败是因为它没有 
request
对象。

好消息是:我们可以让表单处理请求,例如:

from django.urls import redirect


def login(request):
    if request.method == 'POST':
        form = UserLoginForm(request=request, data=request.POST)
        if form.is_valid():
            user = form.get_user()
            if user:
                auth.login(request, user)
                redirect_page = request.POST.get('next', None)

                if redirect_page and redirect_page != reverse('user:logout'):
                    return HttpResponseRedirect(request.POST.get('next'))
                return redirect('main:main_page')
    else:
        form = UserLoginForm()
    context = {'title': 'Вход', 'form': form}
    return render(request, 'users/login.html', context)
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.