refactored password form field for it can be set from settings

added extra logic in decorated login to handle two_factor no redirecty login added extra logic in decorated login to handle two_factor no redirecty login part 2 added extra logic in decorated login to handle two_factor no redirecty login part 3 removed extra changes
2026-05-26 16:04:02 +00:00 · 2014-10-01 17:51:27 -07:00 · 2014-10-01 17:51:27 -07:00 · b77daf2657
commit b77daf2657
parent 36a9d5d414
1 changed files with 5 additions and 1 deletions
--- a/axes/decorators.py
+++ b/axes/decorators.py
@ -43,6 +43,9 @@ USE_USER_AGENT = getattr(settings, 'AXES_USE_USER_AGENT', False)
 # use a specific username field to retrieve from login POST data
 USERNAME_FORM_FIELD = getattr(settings, 'AXES_USERNAME_FORM_FIELD', 'username')

+# use a specific password field to retrieve from login POST data
+PASSWORD_FORM_FIELD = getattr(settings, 'AXES_PASSWORD_FORM_FIELD', 'password')
+
 # see if the django app is sitting behind a reverse proxy
 BEHIND_REVERSE_PROXY = getattr(settings, 'AXES_BEHIND_REVERSE_PROXY', False)

@ -159,7 +162,7 @@ def query2str(items, max_length=1024):

    kvs = []
    for k, v in items:
-        if k != 'password':
+        if k != PASSWORD_FORM_FIELD:
            kvs.append(six.u('%s=%s') % (k, v))

    return '\n'.join(kvs)[:max_length]
@ -307,6 +310,7 @@ def watch_login(func):

        if request.method == 'POST':
            # see if the login was successful
+
            login_unsuccessful = (
                response and
                not response.has_header('location') and