Cannot use Token-based Authentication Backend unless AXES_ONLY_USER_FAILURES is set to True.

[Kraust]

I am running into a similar issue as #597 where I am using a Token Authentication Backend along side User-based authentication backends and I want to use Axes only for those User-based backends. I am running into an issue where my token based authentication will generate user_login_failed callbacks and as a result try and create AccessAttempt records with a username of "None" (a string).

I can work around this by setting AXES_ONLY_USER_FAILURES to True, however I really would like to do IP-based blocking (maybe AXES_LOCK_OUT_BY_USER_OR_IP or even just IP-based lockouts instead.