How can I register both successful and unsuccessful login and logout attempts in Django?

Question

How can I register both successful and unsuccessful login and logout attempts in Django?

I want to record all user login and logout attempts in Django. This entry should show the history of all users who logged in / logged out, the IP address and the logon / logoff times.

The django_admin_log table seems to record only the ADD / DELETE / CHANGE actions of other models, not the user access history. I also already checked the signals user_logged_in , user_logged_out . It seems that if I use these signals, I need to create a new table to record the history of all logon / logoff. Is there a built-in method in Django for this? Or affordable packages? I checked other packages, and those related to login attempts limit only unsuccessful attempts, but do not record successful logins / logoffs.

+8

python django logging

ryan_2016 Jun 03 '16 at 15:40

source share

1 answer

ohrstrom · Answer 1 · 2016-06-03T18:04:58+0000

You can connect to the provided signals: django.contrib.auth.signals

Logging

 import logging from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed from django.dispatch import receiver log = logging.getLogger(__name__) @receiver(user_logged_in) def user_logged_in_callback(sender, request, user, **kwargs): # to cover more complex cases: # http://stackoverflow.com/questions/4581789/how-do-i-get-user-ip-address-in-django ip = request.META.get('REMOTE_ADDR') log.debug('login user: {user} via ip: {ip}'.format( user=user, ip=ip )) @receiver(user_logged_out) def user_logged_out_callback(sender, request, user, **kwargs): ip = request.META.get('REMOTE_ADDR') log.debug('logout user: {user} via ip: {ip}'.format( user=user, ip=ip )) @receiver(user_login_failed) def user_login_failed_callback(sender, credentials, **kwargs): log.warning('logout failed for: {credentials}'.format( credentials=credentials, ))

Writing to a Model / Database

Since this answer has not yet been accepted, here is an example that hurts actions in the model, rather than logging:

Model

 # <your_app>/models.py from django.db import models from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed from django.dispatch import receiver class AuditEntry(models.Model): action = models.CharField(max_length=64) ip = models.GenericIPAddressField(null=True) username = models.CharField(max_length=256, null=True) def __unicode__(self): return '{0} - {1} - {2}'.format(self.action, self.username, self.ip) @receiver(user_logged_in) def user_logged_in_callback(sender, request, user, **kwargs): ip = request.META.get('REMOTE_ADDR') AuditEntry.objects.create(action='user_logged_in', ip=ip, username=user.username) @receiver(user_logged_out) def user_logged_out_callback(sender, request, user, **kwargs): ip = request.META.get('REMOTE_ADDR') AuditEntry.objects.create(action='user_logged_out', ip=ip, username=user.username) @receiver(user_login_failed) def user_login_failed_callback(sender, credentials, **kwargs): AuditEntry.objects.create(action='user_login_failed', username=credentials.get('username', None))

Administrator

 # <your_app>/admin.py from django.contrib import admin from models import AuditEntry @admin.register(AuditEntry) class AuditEntryAdmin(admin.ModelAdmin): list_display = ['action', 'username', 'ip',] list_filter = ['action',]

How can I register both successful and unsuccessful login and logout attempts in Django?

Logging

Writing to a Model / Database

Model

Administrator

More articles: