Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

django-allauth compatibility

See original GitHub issue

For me django-axes didn’t work with django-allauth package by default.

Problem 1:

After some digging in code I’ve made my own apps.py that monkey patches allauth’s LoginView the same way as axes does it to django’s LoginView:

class AppConfig(apps.AppConfig):
    name = 'my_app_name'

    def ready(self):
        from allauth.account.views import LoginView  # <-- Just this line is changed
        from django.utils.decorators import method_decorator

        from axes import signals    # we must load signals
        from axes.decorators import axes_dispatch
        from axes.decorators import axes_form_invalid

        LoginView.dispatch = method_decorator(axes_dispatch)(LoginView.dispatch)
        LoginView.form_invalid = method_decorator(axes_form_invalid)(LoginView.form_invalid)

It may be useful to either point that out in readme or to modify apps.py to try to detect allauth and patch it too.

Problem 2:

axes rely on having login id stored under AXES_USERNAME_FORM_FIELD key both in request.POST and in credentials arg of user_login_failed signal. This is not the case with allauth. They allways use login key in post POST data but it becomes username key in credentials dict in signal handler.

When I put AXES_USERNAME_FORM_FIELD='login' in use with AXES_ONLY_USER_FAILURES=True it causes empty username go to cache key and therefore locking everybody out when anyone is locked. They all get the same cache key then.

I’m using: django-axes==4.0.1 django-allauth==0.34.0 (note: 0.31.0 didn’t work with my fix either, had to upgrade) django==1.11

Issue Analytics

State:
Created 6 years ago
Comments:9 (6 by maintainers)

Top GitHub Comments

1reaction

gruchacommented, Jan 13, 2018

For now I’ll only paste my solution to Problem 2 mentioned above:

In settings: AXES_USERNAME_FORM_FIELD = 'login'

In my_app.forms.py:

from allauth.account.forms import LoginForm

class AllauthCompatLoginForm(LoginForm):
    def user_credentials(self):
        """
        For `axes` and `allauth` compatibility we simply add "login" key to the creentials
        dict so it is consistent with POST's "login" data key. 
        """
        credentials = super(AllauthCompatLoginForm, self).user_credentials()
        credentials['login'] = credentials.get('email') or credentials.get('username')
        return credentials

And then use this custom form in urls.py:

from allauth.account import views as allauth_views
from my_app.forms import AllauthCompatLoginForm

urlpatterns = [
    ...
    url(r'^accounts/login/$', # Override allauth's default view with our compatibility mod
        allauth_views.LoginView.as_view(form_class=AllauthCompatLoginForm),
        name="account_login"),
    url(r'^accounts/', include('allauth.urls')),
]

Also, Problem 1 might be solved in more elegant way by wrapping the view in urls.py as you mentioned in issue #287

I hope this helps somebody.

0reactions

aleksihaklicommented, Jan 19, 2018

Fixed in #294.

Top Results From Across the Web

Release Notes — django-allauth 0.43.0 documentation

Django 1.7 / Python 3.2 compatibility has been dropped. Due to providers being registered in the same file as their definition it was...

Django 4.0 compatibility · Issue #3098 · pennersr/django-allauth

Currently using django-allauth version 0.50.0 with Django version 4.0.3 on Python 3.10, and it seems to work perfectly fine.

django-allauth - Django Packages

Version License Released Status 0.51.0 MIT 06/07/2022 Beta 0.50.0 MIT 03/25/2022 Beta 0.49.0 MIT 02/22/2022 Beta

django-allauth-cas - PyPI

Tests only target the latest allauth version compatible for each Django version supported: Django 1.9 with django-allauth 0.32.0;. Django 1.8, 1.10, 1.11, ...

django-allauth Documentation - Read the Docs

Source code http://github.com/pennersr/django-allauth. Mailing list http://groups.google.com/group/django- ... True to maintain backwards compatibility.