Fixed #19662 -- alter auth modelbackend to accept custom username fields

Thanks to Aymeric and Carl for the review.
This commit is contained in:
Preston Holmes 2013-02-06 14:25:51 -08:00
parent 112c6e987d
commit c44d748272
3 changed files with 31 additions and 7 deletions

View File

@ -8,11 +8,11 @@ class ModelBackend(object):
Authenticates against django.contrib.auth.models.User. Authenticates against django.contrib.auth.models.User.
""" """
# TODO: Model, login attribute name and password attribute name should be def authenticate(self, username=None, password=None, **kwargs):
# configurable. UserModel = get_user_model()
def authenticate(self, username=None, password=None): if username is None:
username = kwargs.get(UserModel.USERNAME_FIELD)
try: try:
UserModel = get_user_model()
user = UserModel._default_manager.get_by_natural_key(username) user = UserModel._default_manager.get_by_natural_key(username)
if user.check_password(password): if user.check_password(password):
return user return user

View File

@ -4,7 +4,7 @@ from datetime import date
from django.conf import settings from django.conf import settings
from django.contrib.auth.models import User, Group, Permission, AnonymousUser from django.contrib.auth.models import User, Group, Permission, AnonymousUser
from django.contrib.auth.tests.utils import skipIfCustomUser from django.contrib.auth.tests.utils import skipIfCustomUser
from django.contrib.auth.tests.custom_user import ExtensionUser, CustomPermissionsUser from django.contrib.auth.tests.custom_user import ExtensionUser, CustomPermissionsUser, CustomUser
from django.contrib.contenttypes.models import ContentType from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import ImproperlyConfigured, PermissionDenied from django.core.exceptions import ImproperlyConfigured, PermissionDenied
from django.contrib.auth import authenticate from django.contrib.auth import authenticate
@ -190,6 +190,24 @@ class CustomPermissionsUserModelBackendTest(BaseModelBackendTest, TestCase):
) )
@override_settings(AUTH_USER_MODEL='auth.CustomUser')
class CustomUserModelBackendAuthenticateTest(TestCase):
"""
Tests that the model backend can accept a credentials kwarg labeled with
custom user model's USERNAME_FIELD.
"""
def test_authenticate(self):
test_user = CustomUser._default_manager.create_user(
email='test@example.com',
password='test',
date_of_birth=date(2006, 4, 25)
)
authenticated_user = authenticate(email='test@example.com', password='test')
self.assertEqual(test_user, authenticated_user)
class TestObj(object): class TestObj(object):
pass pass

View File

@ -412,9 +412,15 @@ The following backends are available in :mod:`django.contrib.auth.backends`:
.. class:: ModelBackend .. class:: ModelBackend
This is the default authentication backend used by Django. It This is the default authentication backend used by Django. It
authenticates using usernames and passwords stored in the authenticates using credentials consisting of a user identifier and
:class:`~django.contrib.auth.models.User` model. password. For Django's default user model, the user identifier is the
username, for custom user models it is the field specified by
USERNAME_FIELD (see :doc:`Customizing Users and authentication
</topics/auth/customizing>`).
It also handles the default permissions model as defined for
:class:`~django.contrib.auth.models.User` and
:class:`~django.contrib.auth.models.PermissionsMixin`.
.. class:: RemoteUserBackend .. class:: RemoteUserBackend