[1.11.x] Refs #28207 -- Fixed contrib.auth.authenticate() if 'backend' is in the credentials.

Regression in 3008f30f19.

Backport of a3ba2662cd from master
This commit is contained in:
Daniel Hahler 2017-05-22 17:03:18 +02:00 committed by Tim Graham
parent bd6a3546d4
commit a810f4aa04
2 changed files with 25 additions and 2 deletions

View File

@ -67,7 +67,7 @@ def authenticate(request=None, **credentials):
"""
for backend, backend_path in _get_backends(return_tuples=True):
try:
user = _authenticate_with_backend(backend, backend_path, request, **credentials)
user = _authenticate_with_backend(backend, backend_path, request, credentials)
except PermissionDenied:
# This backend says to stop in our tracks - this user should not be allowed in at all.
break
@ -81,13 +81,14 @@ def authenticate(request=None, **credentials):
user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
def _authenticate_with_backend(backend, backend_path, request, **credentials):
def _authenticate_with_backend(backend, backend_path, request, credentials):
args = (request,)
# Does the backend accept a request argument?
try:
inspect.getcallargs(backend.authenticate, request, **credentials)
except TypeError:
args = ()
credentials.pop('request', None)
# Does the backend accept a request keyword argument?
try:
inspect.getcallargs(backend.authenticate, request=request, **credentials)

View File

@ -4,6 +4,7 @@ from django.contrib.auth import authenticate
from django.test import SimpleTestCase, override_settings
mock_request = object()
mock_backend = object()
class NoRequestBackend(object):
@ -19,6 +20,14 @@ class RequestNotPositionArgBackend:
assert request is mock_request
class RequestNotPositionArgWithUsedKwargBackend:
def authenticate(self, username=None, password=None, request=None, backend=None):
assert username == 'username'
assert password == 'pass'
assert request is mock_request
assert backend is mock_backend
class AcceptsRequestBackendTest(SimpleTestCase):
"""
A deprecation warning is shown for backends that have an authenticate()
@ -26,6 +35,7 @@ class AcceptsRequestBackendTest(SimpleTestCase):
"""
no_request_backend = '%s.NoRequestBackend' % __name__
request_not_positional_backend = '%s.RequestNotPositionArgBackend' % __name__
request_not_positional_with_used_kwarg_backend = '%s.RequestNotPositionArgWithUsedKwargBackend' % __name__
@override_settings(AUTHENTICATION_BACKENDS=[no_request_backend])
def test_no_request_deprecation_warning(self):
@ -68,3 +78,15 @@ class AcceptsRequestBackendTest(SimpleTestCase):
"Update %s.authenticate() to accept a positional `request` "
"argument." % self.no_request_backend
)
@override_settings(AUTHENTICATION_BACKENDS=[request_not_positional_with_used_kwarg_backend])
def test_handles_backend_in_kwargs(self):
with warnings.catch_warnings(record=True) as warns:
warnings.simplefilter('always')
authenticate(username='username', password='pass', request=mock_request, backend=mock_backend)
self.assertEqual(len(warns), 1)
self.assertEqual(
str(warns[0].message),
"In %s.authenticate(), move the `request` keyword argument to the "
"first positional argument." % self.request_not_positional_with_used_kwarg_backend
)