django-login

I created a site with django. Users should be able to login. The login-view looks like this: from django.contrib.auth import authenticate, login from django.contrib.auth.models import User .... if request.method == 'POST': username = request.POST['username']#get username password = request.POST['txtPwd']# and password user = authenticate(username=username, password=password) #checking username and pwd if user is not None: if user.is_active: login(request, user) But with this "solution" i can't handle an brute force attack. So I looked around and found this: Throttling brute force login attacks

I want to redirect access of unauthenticated users to the login page, after which the logged-in user should be redirected to the originally requested page. According to documentation, this is easily achieved using the @user_passes_test decorator. But it seems I'd have to decorate every view, which is crazy, there are too many and it's error-prone. What is a good way to turn on this functionality globally (except for a small fixed set of views, such as login )? That is, default everything to logged-in-only + handle anonymous viewing explicitly, where needed. have a look at middleware . these

I'm using Django's authentication, and in the login.html template, the following statement is generating an error: {% url 'django.contrib.auth.views.login' %} TemplateSyntaxError at /login Caught NoReverseMatch while rendering: Reverse for ''django.contrib.auth.views.login'' with arguments '()' and keyword arguments '{}' not found. This url is defined in my urls.py: (r'^login$', 'django.contrib.auth.views.login') I have installed the auth system: INSTALLED_APPS = ( 'django.contrib.auth', ... ) Any ideas? Dominic Rodger As of Django 1.10: As of Django 1.10, it is no longer possible to use the

I am trying to create an auth backend to allow my users to log in using either their email address or their username in Django 1.6 with a custom user model. The backend works when I log in with a user name but for some reason does not with an email. Is there something I am forgetting to do? from django.conf import settings from django.contrib.auth.models import User class EmailOrUsernameModelBackend(object): """ This is a ModelBacked that allows authentication with either a username or an email address. """ def authenticate(self, username=None, password=None): if '@' in username: kwargs = {