from django.conf import settings
from django.contrib import auth
-from django.contrib.auth.middleware import RemoteUserMiddleware
+from django.contrib.auth.middleware import PersistentRemoteUserMiddleware
from django.contrib.auth.models import User
from django.utils.deprecation import MiddlewareMixin
from rest_framework import authentication
return None
-class HttpRemoteUserMiddleware(RemoteUserMiddleware):
+class HttpRemoteUserMiddleware(PersistentRemoteUserMiddleware):
"""This class allows authentication via HTTP_REMOTE_USER which is set for
example by certain SSO applications.
"""
client_ip, _ = ipware.get_client_ip(
meta=request.META,
)
+ username = credentials.get("username") or "anonymous"
if client_ip is None:
logger.info(
- f"Login failed for user `{credentials['username']}`."
- " Unable to determine IP address.",
+ f"Login failed for user `{username}`. Unable to determine IP address.",
)
else:
if client_ip.is_global:
# We got the client's IP address
logger.info(
- f"Login failed for user `{credentials['username']}`"
- f" from IP `{client_ip}.`",
+ f"Login failed for user `{username}` from IP `{client_ip}.`",
)
else:
# The client's IP address is private
logger.info(
- f"Login failed for user `{credentials['username']}`"
+ f"Login failed for user `{username}`"
f" from private IP `{client_ip}.`",
)