Fixed #2770 -- Fixed a database connection leak in

django.contrib.auth.handlers.modpython. git-svn-id: http://code.djangoproject.com/svn/django/trunk@3789 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-22 12:01:15 +00:00 · 2006-09-22 12:01:15 +00:00 · 9e05fc1598
parent 14be60c4cb
commit 9e05fc1598
1 changed files with 18 additions and 13 deletions
--- a/django/contrib/auth/handlers/modpython.py
+++ b/django/contrib/auth/handlers/modpython.py
@ -22,6 +22,8 @@ def authenhandler(req, **kwargs):
        os.environ['DJANGO_SETTINGS_MODULE'] = settings_module

    from django.contrib.auth.models import User
+    from django import db
+    db.reset_queries()

    # check that the username is valid
    kwargs = {'username': req.user, 'is_active': True}
@ -30,18 +32,21 @@ def authenhandler(req, **kwargs):
    if superuser_only:
        kwargs['is_superuser'] = True
    try:
-        user = User.objects.get(**kwargs)
-    except User.DoesNotExist:
-        return apache.HTTP_UNAUTHORIZED
-
-    # check the password and any permission given
-    if user.check_password(req.get_basic_auth_pw()):
-        if permission_name:
-            if user.has_perm(permission_name):
-                return apache.OK
+        try:
+            user = User.objects.get(**kwargs)
+        except User.DoesNotExist:
+            return apache.HTTP_UNAUTHORIZED
+    
+        # check the password and any permission given
+        if user.check_password(req.get_basic_auth_pw()):
+            if permission_name:
+                if user.has_perm(permission_name):
+                    return apache.OK
+                else:
+                    return apache.HTTP_UNAUTHORIZED
            else:
-                return apache.HTTP_UNAUTHORIZED
+                return apache.OK
        else:
-            return apache.OK
-    else:
-        return apache.HTTP_UNAUTHORIZED
+            return apache.HTTP_UNAUTHORIZED
+    finally:
+        db.connection.close()