如何在 Django 中记录成功和失败的登录和注销尝试？

我想在 Django 中记录所有用户登录和注销尝试。该记录应显示所有登录/注销用户的历史记录、IP 地址和登录/注销时间。

The django_admin_log表似乎只记录其他模型的ADD/DELETE/CHANGE活动，而不是用户访问的历史记录。我也已经检查过user_logged_in, user_logged_out信号。看来如果我要使用这些信号，我需要创建一个新表来记录所有用户登录/注销的历史记录。 Django 中有内置方法可以做到这一点吗？或者有可用的套餐吗？我检查了其他软件包，那些与登录尝试相关的软件包仅限制失败的尝试，但不记录成功的登录/注销。

您可以连接到提供的信号：django.contrib.auth.signals https://docs.djangoproject.com/en/1.9/ref/contrib/auth/#module-django.contrib.auth.signals

记录到日志

import logging
from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed
from django.dispatch import receiver

log = logging.getLogger(__name__)

@receiver(user_logged_in)
def user_logged_in_callback(sender, request, user, **kwargs):    
    # to cover more complex cases:
    # http://stackoverflow.com/questions/4581789/how-do-i-get-user-ip-address-in-django
    ip = request.META.get('REMOTE_ADDR')

    log.debug('login user: {user} via ip: {ip}'.format(
        user=user,
        ip=ip
    ))

@receiver(user_logged_out)
def user_logged_out_callback(sender, request, user, **kwargs): 
    ip = request.META.get('REMOTE_ADDR')

    log.debug('logout user: {user} via ip: {ip}'.format(
        user=user,
        ip=ip
    ))

@receiver(user_login_failed)
def user_login_failed_callback(sender, credentials, **kwargs):
    log.warning('login failed for: {credentials}'.format(
        credentials=credentials,
    ))

记录到模型/数据库

因此，到目前为止，这个答案尚未被接受 - 这里有一个例子，它使模型中的操作而不是日志记录变得痛苦：

Model

# <your_app>/models.py

from django.db import models
from django.contrib.auth.signals import user_logged_in, user_logged_out, user_login_failed
from django.dispatch import receiver


class AuditEntry(models.Model):
    action = models.CharField(max_length=64)
    ip = models.GenericIPAddressField(null=True)
    username = models.CharField(max_length=256, null=True)

    def __unicode__(self):
        return '{0} - {1} - {2}'.format(self.action, self.username, self.ip)

    def __str__(self):
        return '{0} - {1} - {2}'.format(self.action, self.username, self.ip)


@receiver(user_logged_in)
def user_logged_in_callback(sender, request, user, **kwargs):  
    ip = request.META.get('REMOTE_ADDR')
    AuditEntry.objects.create(action='user_logged_in', ip=ip, username=user.username)


@receiver(user_logged_out)
def user_logged_out_callback(sender, request, user, **kwargs):  
    ip = request.META.get('REMOTE_ADDR')
    AuditEntry.objects.create(action='user_logged_out', ip=ip, username=user.username)


@receiver(user_login_failed)
def user_login_failed_callback(sender, credentials, **kwargs):
    AuditEntry.objects.create(action='user_login_failed', username=credentials.get('username', None))

Admin

# <your_app>/admin.py
from django.contrib import admin
from models import AuditEntry

@admin.register(AuditEntry)
class AuditEntryAdmin(admin.ModelAdmin):
    list_display = ['action', 'username', 'ip',]
    list_filter = ['action',]