diff --git a/django/contrib/admin/sites.py b/django/contrib/admin/sites.py index abcff14cd1..5f397ecb01 100644 --- a/django/contrib/admin/sites.py +++ b/django/contrib/admin/sites.py @@ -300,7 +300,7 @@ class AdminSite(object): user = authenticate(username=username, password=password) if user is None: message = ERROR_MESSAGE - if u'@' in username: + if username is not None and u'@' in username: # Mistakenly entered e-mail address instead of username? Look it up. try: user = User.objects.get(email=username) diff --git a/tests/regressiontests/admin_views/tests.py b/tests/regressiontests/admin_views/tests.py index aafa303cec..669755051e 100644 --- a/tests/regressiontests/admin_views/tests.py +++ b/tests/regressiontests/admin_views/tests.py @@ -353,6 +353,9 @@ class AdminViewPermissionsTest(TestCase): LOGIN_FORM_KEY: 1, 'username': 'joepublic', 'password': 'secret'} + self.no_username_login = { + LOGIN_FORM_KEY: 1, + 'password': 'secret'} def testLogin(self): """ @@ -416,6 +419,14 @@ class AdminViewPermissionsTest(TestCase): # Login.context is a list of context dicts we just need to check the first one. self.assert_(login.context[0].get('error_message')) + # Requests without username should not return 500 errors. + request = self.client.get('/test_admin/admin/') + self.failUnlessEqual(request.status_code, 200) + login = self.client.post('/test_admin/admin/', self.no_username_login) + self.failUnlessEqual(login.status_code, 200) + # Login.context is a list of context dicts we just need to check the first one. + self.assert_(login.context[0].get('error_message')) + def testLoginSuccessfullyRedirectsToOriginalUrl(self): request = self.client.get('/test_admin/admin/') self.failUnlessEqual(request.status_code, 200)