savepoint

2026-03-16 22:30:23 +00:00 · 2025-01-17 13:50:07 -06:00 · 2025-01-17 13:50:07 -06:00 · 129e93cc0e
commit 129e93cc0e
parent ce3bfd51be
3 changed files with 23 additions and 2 deletions
--- a/axes/conf.py
+++ b/axes/conf.py
@ -1,4 +1,5 @@
 from django.conf import settings
+from django.contrib.auth import get_user_model
 from django.utils.translation import gettext_lazy as _

 # disable plugin when set to False
@ -43,7 +44,7 @@ settings.AXES_ENABLE_ADMIN = getattr(settings, "AXES_ENABLE_ADMIN", True)

 # use a specific username field to retrieve from login POST data
 settings.AXES_USERNAME_FORM_FIELD = getattr(
-    settings, "AXES_USERNAME_FORM_FIELD", "username"
+    settings, "AXES_USERNAME_FORM_FIELD", get_user_model().USERNAME_FIELD
 )

 # use a specific password field to retrieve from login POST data
--- a/tests/base.py
+++ b/tests/base.py
@ -3,6 +3,7 @@ from string import ascii_letters, digits
 from time import sleep

 from django.contrib.auth import get_user_model
+from django.contrib.auth.base_user import AbstractBaseUser
 from django.http import HttpRequest
 from django.test import TestCase
 from django.urls import reverse
@ -194,3 +195,11 @@ class AxesTestCase(TestCase):
        self.cool_off()
        self.check_login()
        self.check_logout()
+
+
+class CustomTestUserModel(AbstractBaseUser):
+    class Meta:
+        app_label = "tests"
+        db_table = "auth_user"
+    USERNAME_FIELD = "email"
+    
--- a/tests/test_login.py
+++ b/tests/test_login.py
@ -15,7 +15,7 @@ from django.urls import reverse
 from axes.conf import settings
 from axes.helpers import get_cache, make_cache_key_list, get_cool_off, get_failure_limit
 from axes.models import AccessAttempt
-from tests.base import AxesTestCase
+from tests.base import AxesTestCase, CustomTestUserModel


 class DjangoLoginTestCase(TestCase):
@ -145,6 +145,17 @@ class DatabaseLoginTestCase(AxesTestCase):
            response, self.LOGIN_FORM_KEY, status_code=self.ALLOWED, html=True
        )

+    @override_settings(AUTH_USER_MODEL='tests.CustomTestUserModel')
+    def test_custom_user_model_login(self):
+        """
+        Test a valid login for a custom username field on a custom user model.
+        """
+
+        response = self._login(self.email, self.password)
+        self.assertNotContains(
+            response, self.LOGIN_FORM_KEY, status_code=self.ALLOWED, html=True
+        )
+
    def test_lockout_limit_once(self):
        """
        Test the login lock trying to login one more time than failure limit.