Fixed #15043 -- Updated the login function to send the user_logged_in signal after the user's session got recycled instead of before. Thanks, Rob Hudson.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15168 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-10 08:15:52 +00:00 · 2011-01-10 08:15:52 +00:00 · 937548bba4
parent 730769d1af
commit 937548bba4
1 changed files with 1 additions and 2 deletions
--- a/django/contrib/auth/init.py
+++ b/django/contrib/auth/init.py
@ -70,8 +70,6 @@ def login(request, user):
    if user is None:
        user = request.user
    # TODO: It would be nice to support different login methods, like signed cookies.
-    user_logged_in.send(sender=user.__class__, request=request, user=user)
-
    if SESSION_KEY in request.session:
        if request.session[SESSION_KEY] != user.id:
            # To avoid reusing another user's session, create a new, empty
@ -84,6 +82,7 @@ def login(request, user):
    request.session[BACKEND_SESSION_KEY] = user.backend
    if hasattr(request, 'user'):
        request.user = user
+    user_logged_in.send(sender=user.__class__, request=request, user=user)

 def logout(request):
    """