From 16a07fe95b7bc23c8dddd7ffbf85a150a2a57d9d Mon Sep 17 00:00:00 2001 From: Adrian Holovaty Date: Fri, 2 Jun 2006 04:42:10 +0000 Subject: [PATCH] Fixed #1991 -- Changed AuthenticationForm to disallow users with is_active=False from logging in. Thanks, dave@rightround.com and germish@gmail.com git-svn-id: http://code.djangoproject.com/svn/django/trunk@3058 bcc190cf-cafb-0310-a4f2-bffc1f526a37 --- django/contrib/auth/forms.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py index 6c0c8abe97..800c14375b 100644 --- a/django/contrib/auth/forms.py +++ b/django/contrib/auth/forms.py @@ -36,9 +36,13 @@ class AuthenticationForm(forms.Manipulator): raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.") def isValidPasswordForUser(self, field_data, all_data): - if self.user_cache is not None and not self.user_cache.check_password(field_data): + if self.user_cache is None: + return + if not self.user_cache.check_password(field_data): self.user_cache = None raise validators.ValidationError, _("Please enter a correct username and password. Note that both fields are case-sensitive.") + elif not self.user_cache.is_active: + raise validators.ValidationError, _("This account is inactive.") def get_user_id(self): if self.user_cache: