id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
18616	New auth signal: user_login_failed	Michael	nobody	"I've implemented a new signal in Django called `user_login_fail`, in `django.contrib.auth`.

It is fired whenever an unsuccessful use of `django.contrib.auth.authenticate()` occurs, so will apply to all unsuccessful login attempts.

An example of use:

{{{
from django.contrib.auth.signals import user_login_fail

def login_attempt_failure_handler(sender, **kwargs):
	print ""login attempt failure from %s: %r"" % (sender, kwargs)

user_login_failure.connect(login_attempt_failure_handler)
}}}

This would then print on the console while running the development server:

{{{
login attempt failure from django.contrib.auth: {'credentials': {'username': u'michael', 'password': u'notmypassword'}, 'signal': <django.dispatch.dispatcher.Signal object at 0x1ba58d0>}
}}}

I'm aware at the moment that this passes back the password, however the `authenticate` method takes in kwargs for it's authentication, and could include some extra information needed when notifying the administrator (such as a login realm).

The other issue is that this has no idea about what is the sender or the request associated with this signal.  I'm unsure of whether this could be fixed in the signal (and present some better information), or just delegate this responsibility to the use of the `traceback` module.

Patch / pull request is incoming."	New feature	closed	contrib.auth	dev	Normal	fixed		bradpitcher@…	Ready for checkin	1	0	0	0	0	0