We've recently started logging missing template variables (similar to: https://docs.djangoproject.com/en/3.0/ref/templates/api/#how-invalid-variables-are-handled). In this process we noticed that the honeypot login page is complaining about three undefined variables:

1. site_title
2. site_header
3. username

Looking at the page visually, it also looked different than the actual Django login page - the title was missing from the honeypot page. After looking at django-admin-honeypot code and tinkering, I think the discrepancy is in views.py - specifically, if I add site_title to the context returned by get_context_data, it solves the issue.

My guess is that Django templates became more and more customizable, the context wasn't updated and so now there is this discrepancy. I wanted to make sure that my understanding of this is correct before submitting a PR. @dmpayton what do you think? Does it make sense?

(and of course, thanks for the great library!)

Running ./manage.py check on django/master yields the following:

WARNINGS: admin_honeypot.LoginAttempt.ip_address: (fields.W900) IPAddressField has been deprecated. Support for it (except in historical migrations) will be removed in Django 1.9. HINT: Use GenericIPAddressField instead.

Not urgent, but worth considering, IMO.

Hi,

As per Django 4.0

django.utils.translation.ugettext(), ugettext_lazy(), ugettext_noop(), ungettext(), and ungettext_lazy() are removed.

Here is the error:

...
File "/somepath/lib/python3.10/site-packages/admin_honeypot/models.py", line 2, in <module>
    from django.utils.translation import ugettext_lazy as _
ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/somepath/lib/python3.10/site-packages/django/utils/translation/__init__.py)

Related to https://github.com/dmpayton/django-admin-honeypot/issues/83

Does anyone has an updated version of this since this hasn't been updated for sometime?

Depreciation warning from Django 3.1+: I suggest replacing all calls to ugettext() with gettext()

admin_honeypot\views.py:38: 
RemovedInDjango40Warning: django.utils.translation.ugettext() is deprecated in favor of django.utils.translation.gettext().
'title': _('Log in'),

/home/com/venv/bin/python /com/manage.py runserver 8000 
Watching for file changes with StatReloader
Exception in thread django-main-thread:
Traceback (most recent call last):
  File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.10/threading.py", line 953, in run
    self._target(*self._args, **self._kwargs)
  File "/com/venv/lib/python3.10/site-packages/django/utils/autoreload.py", line 64, in wrapper
    fn(*args, **kwargs)
  File "/com/venv/lib/python3.10/site-packages/django/core/management/commands/runserver.py", line 125, in inner_run
    autoreload.raise_last_exception()
  File "/com/venv/lib/python3.10/site-packages/django/utils/autoreload.py", line 87, in raise_last_exception
    raise _exception[1]
  File "/com/venv/lib/python3.10/site-packages/django/core/management/__init__.py", line 398, in execute
    autoreload.check_errors(django.setup)()
  File "/com/venv/lib/python3.10/site-packages/django/utils/autoreload.py", line 64, in wrapper
    fn(*args, **kwargs)
  File "/com/venv/lib/python3.10/site-packages/django/__init__.py", line 24, in setup
    apps.populate(settings.INSTALLED_APPS)
  File "/com/venv/lib/python3.10/site-packages/django/apps/registry.py", line 116, in populate
    app_config.import_models()
  File "/com/venv/lib/python3.10/site-packages/django/apps/config.py", line 304, in import_models
    self.models_module = import_module(models_module_name)
  File "/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
  File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
  File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
  File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
  File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
  File "<frozen importlib._bootstrap_external>", line 883, in exec_module
  File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
  File "/com/venv/lib/python3.10/site-packages/admin_honeypot/models.py", line 2, in <module>
    from django.utils.translation import ugettext_lazy as _
ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/com/venv/lib/python3.10/site-packages/django/utils/translation/__init__.py)

I am surely use most current versions of dependencies.

Django 4.0.6 django-admin-honeypot 1.1.0

However, I saw some of issues from this repository about this errors and You said like this but It doesn't seem to solved! Please help

With Django 3.2 when

DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

is set in set then a migration is required for admin_honeypot

Migrations for 'admin_honeypot':
  /usr/local/lib/python3.8/site-packages/admin_honeypot/migrations/0003_alter_loginattempt_id.py
    - Alter field id on loginattempt

This fails due to write permissions (at least in my application)

The relevant documentation is at: https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys

In django celery beat the solution was the following : https://github.com/celery/django-celery-beat/commit/7416e22f03b19173b5ebd5cf42a7125cd0d0f051

Hello all :wave:.

I've been using a forked version of this in an app running on Google App Engine. It has a custom runtime specfied by a Dockerfile. Every login attempt at the honeypot site is said to originate from 172.17.0.6, which seems to be an infrastructure-related IP, rather than the user's IP.

The changes I made in the forked version shouldn't be a factor, so I was wondering if anyone had any thoughts?

Currently the user IP address cannot be collected properly if the site is behind a load balancer or proxy. This code adds a fallback in those situations so that the user IP can be collected properly.

Without this, it is impossible to correctly identify a user IP and so there is no way to ban any malicious users.

Hi all,

I find it kind of crazy that this library has no built in way to pull IP addresses from anything other than REMOTE_ADDR. On AWS, this is always the IP of my load balancer and it makes it completely useless.

I know I can add a middleware, but why can't we be better than this? django-axes (https://github.com/jazzband/django-axes) handles this really nicely by using django-ipware(https://github.com/un33k/django-ipware) to get the IP and allowing us to configure the ipware precedence order: https://django-axes.readthedocs.io/en/latest/4_configuration.html#configuring-reverse-proxies

Can we do something similar here?

Hi, currently im working on https://github.com/philipn/django-block-ip

But i think, it's a good idea add this function in this library, what do you think about that?

Environment:

Request Method: POST Request URL: http://www.thecolornet.com/admin/login/?next=/admin/

Django Version: 1.9.5 Python Version: 3.4.3 Installed Applications: ('django.contrib.admin', 'django.contrib.sites', 'registration', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'admin_honeypot', 'markdown_deux', 'pagedown', 'rest_framework', 'custom_user', 'imagekit', 'crispy_forms', 'storages', 'newsletter', 'comments', 'blog', 'ajaxsearch') Installed Middleware: ('django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'django.middleware.security.SecurityMiddleware')

Traceback:

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/backends/utils.py" in execute

1.             return self.cursor.execute(sql, params)
   

The above exception (invalid input syntax for type inet: "b''" LINE 1: ...p", "path") VALUES ('[email protected]', 'b'''''::i... ^ ) was the direct cause of the following exception:

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/core/handlers/base.py" in get_response

1.                 response = self.process_exception_by_middleware(e, request)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/core/handlers/base.py" in get_response

1.                 response = wrapped_callback(request, _callback_args, *_callback_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/views/generic/base.py" in view

1.         return self.dispatch(request, _args, *_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/admin_honeypot/views.py" in dispatch

1.     return super(AdminHoneypot, self).dispatch(request, _args, *_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/views/generic/base.py" in dispatch

1.     return handler(request, _args, *_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/views/generic/edit.py" in post

1.         return self.form_invalid(form)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/admin_honeypot/views.py" in form_invalid

1.         path=self.request.get_full_path(),
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/manager.py" in manager_method

1.             return getattr(self.get_queryset(), name)(_args, *_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/query.py" in create

1.     obj.save(force_insert=True, using=self.db)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/base.py" in save

1.                    force_update=force_update, update_fields=update_fields)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/base.py" in save_base

1.         updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/base.py" in _save_table

1.         result = self._do_insert(cls._base_manager, using, fields, update_pk, raw)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/base.py" in _do_insert

1.                            using=using, raw=raw)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/manager.py" in manager_method

1.             return getattr(self.get_queryset(), name)(_args, *_kwargs)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/query.py" in _insert

1.     return query.get_compiler(using=using).execute_sql(return_id)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/models/sql/compiler.py" in execute_sql

1.             cursor.execute(sql, params)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/backends/utils.py" in execute

1.         return super(CursorDebugWrapper, self).execute(sql, params)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/backends/utils.py" in execute

1.             return self.cursor.execute(sql, params)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/utils.py" in exit

1.             six.reraise(dj_exc_type, dj_exc_value, traceback)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/utils/six.py" in reraise

1.         raise value.with_traceback(tb)
   

File "/root/myproject2/myprojectenv2/lib/python3.4/site-packages/django/db/backends/utils.py" in execute

1.             return self.cursor.execute(sql, params)
   

Exception Type: DataError at /admin/login/ Exception Value: invalid input syntax for type inet: "b''" LINE 1: ...p", "path") VALUES ('[email protected]', 'b'''''::i... ^

I see that develop has been compatible with Django 4.0 since december 2021 but, to this day, there has been no release on PyPI and this dependency may be preventing projects from migrating to Django>=4

Context

I followed the documentation and configured my honeypot url. so that when the user visits /admin, their entries are logged as login attempts in the database.

I ran into template errors after I installed django-fastdev where the following template tags were missing on the admin route: subtitle, site_title, is_popup, and site_header

These are probably missing because I never configured them for my original admin page. There is a ticket about the subtitle being missing in this official Django issue. https://code.djangoproject.com/ticket/32681

Steps to Reproduce

1 - Follow the doc and get honeypot intercepting /admin requests 2 - Visit /admin route Admin login page shows as expected 3 - Pip install django-fastdev 4 - Visit /admin route again Template errors occur

Workaround

I went into the admin_honeypot.views.AdminHoneyPot and added these four variables to get_context_data

    def get_context_data(self, **kwargs):
        context = super(AdminHoneypot, self).get_context_data(**kwargs)
        path = self.request.get_full_path()
        context.update({
            'app_path': path,
            REDIRECT_FIELD_NAME: reverse('admin_honeypot:index'),
            'title': _('Log in'),
            'subtitle': None, # added
            'site_title': None, # added
            'is_popup': None, # added
            'site_header': None # added

        })
        return context

Now when I visit /admin I don't have any more template errors

Environment

django-fastdev 1.7.2 Python 3.9.7 Django 3.2.13

I've changed all ugettext_lazy as _ to gettext_lazy as _ and it working, but I have problem when deploying app on heroku..

from django.utils.translation import ugettext_lazy as _ remote: ImportError: cannot import name 'ugettext_lazy' from 'django.utils.translation' (/app/.heroku/python/lib/python3.10/site-packages/django/utils/translation/init.py)

The notify_admins function in listeners.py begins with this line:

    path = reverse('admin:admin_honeypot_loginattempt_change', args=(instance.pk,))

https://github.com/dmpayton/django-admin-honeypot/blob/c252b6cc18e8c690eead4d0780a49cdd3c78b8c7/admin_honeypot/listeners.py#L9

That URL does not exist, so I'm getting spammed with error emails saying:

NoReverseMatch at /admin/login/
Reverse for 'admin_honeypot_loginattempt_change' not found. 'admin_honeypot_loginattempt_change' is not a valid view function or pattern name.

• Fixed django 4.0 deprecation warnings
• flake8 of code
• added python 3.5, 3.6 and 3.8 to travis
• added django 3.1 to travis
• created a travis matrix so all valid combinations are being tested
• added some tags to the README