From 36dd0126a5a9688530f099ab6cc4f8621d1494b3 Mon Sep 17 00:00:00 2001 From: shanghui Date: Wed, 8 Nov 2017 16:32:49 +0800 Subject: [PATCH] [2.0.x] Fixed #28645 -- Reallowed AuthenticationForm to raise the inactive user error when using ModelBackend. Regression in e0a3d937309a82b8beea8f41b17d8b6298da2a86. Thanks Guilherme Junqueira for the report and Tim Graham for the review. Backport of 359370a8b8ca0efe99b1d4630b291ec060b69225 from master
---
 django/contrib/auth/forms.py | 9 +++++++++ docs/releases/1.11.8.txt | 3 ++- tests/auth_tests/test_forms.py | 5 ++--- 3 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py
index a5de5bf6505..5a83110a4b7 100644
--- a/django/contrib/auth/forms.py
+++ b/django/contrib/auth/forms.py
@@ -194,6 +194,15 @@ class AuthenticationForm(forms.Form):
 if username is not None and password:
 self.user_cache = authenticate(self.request, username=username, password=password)
 if self.user_cache is None:
+ # An authentication backend may reject inactive users. Check
+ # if the user exists and is inactive, and raise the 'inactive'
+ # error if so.
+ try:
+ self.user_cache = UserModel._default_manager.get_by_natural_key(username)
+ except UserModel.DoesNotExist:
+ pass
+ else:
+ self.confirm_login_allowed(self.user_cache)
 raise forms.ValidationError(
 self.error_messages['invalid_login'],
 code='invalid_login',
diff --git a/docs/releases/1.11.8.txt b/docs/releases/1.11.8.txt
index dd9d19ae19e..dd9fb0c3cef 100644
--- a/docs/releases/1.11.8.txt
+++ b/docs/releases/1.11.8.txt
@@ -9,4 +9,5 @@ Django 1.11.8 fixes several bugs in 1.11.7.
 Bugfixes
 ========
-* ...
+* Reallowed, following a regression in Django 1.10, ``AuthenticationForm`` to
+ raise the inactive user error when using ``ModelBackend`` (:ticket:`28645`).
diff --git a/tests/auth_tests/test_forms.py b/tests/auth_tests/test_forms.py
index e5cd05d0d83..7d8b5f74860 100644
--- a/tests/auth_tests/test_forms.py
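Review bot: The added `else:` branch in the forms.py hunk calls `self.confirm_login_allowed(self.user_cache)` for any username that exists, although `authenticate()` has just failed and the submitted password was never verified, so a caller who does not know the password can learn that an account exists and is inactive, and a subclass whose `confirm_login_allowed()` raises more detailed messages would disclose those as well. The lookup also stores a user that failed authentication in `self.user_cache`, which stays set when `invalid_login` is raised for an active account; a local name avoids that. Gating the policy check on the password keeps the 'inactive' message for the account owner only: `user = UserModel._default_manager.get_by_natural_key(username)` followed by `if user.check_password(password): self.confirm_login_allowed(user)`. That extra hash would run only for existing accounts, so the resulting timing difference needs checking; if it is not acceptable, the safer behaviour is to return the generic `invalid_login` error here. The enclosing method starts and ends outside the hunk.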
+++ b/tests/auth_tests/test_forms.py
@@ -262,9 +262,6 @@ class UserCreationFormTest(TestDataMixin, TestCase):
 )
-# To verify that the login form rejects inactive users, use an authentication
-# backend that allows them.
-@override_settings(AUTHENTICATION_BACKENDS=['django.contrib.auth.backends.AllowAllUsersModelBackend'])
 class AuthenticationFormTest(TestDataMixin, TestCase):
 def test_invalid_username(self):
@@ -323,6 +320,8 @@ class AuthenticationFormTest(TestDataMixin, TestCase):
 self.assertFalse(form.is_valid())
 self.assertEqual(form.non_field_errors(), [str(form.error_messages['inactive'])])
+ # Use an authentication backend that allows inactive users.
+ @override_settings(AUTHENTICATION_BACKENDS=['django.contrib.auth.backends.AllowAllUsersModelBackend'])
 def test_custom_login_allowed_policy(self):
 # The user is inactive, but our custom form policy allows them to log in.
 data = {
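Review bot: Nothing in this patch asserts what the form returns for an inactive user whose password is wrong, even though the `inactive` assertion at the top of the second hunk now runs against the default backend once the class-level `@override_settings` is removed. That case should be pinned so the form cannot report account state to a caller who does not know the password: add a test beside it that submits the inactive user's name with an incorrect password and expects the `invalid_login` error, not `inactive`, in `form.non_field_errors()`. A matching case for a subclass that overrides `confirm_login_allowed()` would confirm the custom policy is not consulted on a failed password either. The test method holding the `inactive` assertion begins outside the hunk, so the data it submits is not visible here.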