From cb2c014334a890a2616d69d0cfd167a45805859d Mon Sep 17 00:00:00 2001
From: Camilo Nova <camilo.nova@gmail.com>
Date: Tue, 24 Feb 2015 11:16:24 -0500
Subject: [PATCH] Improved the way we ask if a user is lockable

Fixes #113
---
 axes/decorators.py | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/axes/decorators.py b/axes/decorators.py
index 090f36d..685f394 100644
--- a/axes/decorators.py
+++ b/axes/decorators.py
@@ -197,24 +197,25 @@ def is_user_lockable(request):
         # not a valid user
         return True
 
-    # Django 1.5 does not support profile anymore, ask directly to user
     if hasattr(user, 'nolockout'):
         # need to revert since we need to return
         # false for users that can't be blocked
         return not user.nolockout
 
-    try:
-        profile = user.get_profile()
-    except (SiteProfileNotAvailable, ObjectDoesNotExist, AttributeError):
-        # no profile
-        return True
+    elif hasattr(settings, 'AUTH_PROFILE_MODULE'):
+        try:
+            profile = user.get_profile()
+            if hasattr(profile, 'nolockout'):
+                # need to revert since we need to return
+                # false for users that can't be blocked
+                return not profile.nolockout
 
-    if hasattr(profile, 'nolockout'):
-        # need to revert since we need to return
-        # false for users that can't be blocked
-        return not profile.nolockout
-    else:
-        return True
+        except (SiteProfileNotAvailable, ObjectDoesNotExist, AttributeError):
+            # no profile
+            return True
+
+    # Default behavior for a user to be lockable
+    return True
 
 def _get_user_attempts(request):
     """Returns access attempt record if it exists.