Greetings, As an enhancement to the existing collection of signals I wanted to propose the addition of a signal for the event of an unsuccessful login. Currently django.contrib.auth supports user_logged_in and user_logged_out for successful events. Addition of e.g. user_failed_login would allow this event to be handled. I'm interested in logging this as a security event for the application. I've seen past discussions on the topic of implementing protection against password guessing attacks. It seems to me that at least having the signal available would then give some basis for developers to flexibly implement customized approaches for handling and responding to login failures.
I've been advised that I can reach some form of similar functionality by subclassing the auth backend. Does the new signal approach have merit? -- Darren Spruell phatbuck...@gmail.com -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
