Fixed #28207 -- Fixed contrib.auth.authenticate() if multiple auth backends don't accept a request.
This commit is contained in:
parent
a7975260b5
commit
3008f30f19
|
@ -66,6 +66,22 @@ def authenticate(request=None, **credentials):
|
||||||
If the given credentials are valid, return a User object.
|
If the given credentials are valid, return a User object.
|
||||||
"""
|
"""
|
||||||
for backend, backend_path in _get_backends(return_tuples=True):
|
for backend, backend_path in _get_backends(return_tuples=True):
|
||||||
|
try:
|
||||||
|
user = _authenticate_with_backend(backend, backend_path, request, **credentials)
|
||||||
|
except PermissionDenied:
|
||||||
|
# This backend says to stop in our tracks - this user should not be allowed in at all.
|
||||||
|
break
|
||||||
|
if user is None:
|
||||||
|
continue
|
||||||
|
# Annotate the user object with the path of the backend.
|
||||||
|
user.backend = backend_path
|
||||||
|
return user
|
||||||
|
|
||||||
|
# The credentials supplied are invalid to all backends, fire signal
|
||||||
|
user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
|
||||||
|
|
||||||
|
|
||||||
|
def _authenticate_with_backend(backend, backend_path, request, **credentials):
|
||||||
args = (request,)
|
args = (request,)
|
||||||
# Does the backend accept a request argument?
|
# Does the backend accept a request argument?
|
||||||
try:
|
try:
|
||||||
|
@ -81,7 +97,7 @@ def authenticate(request=None, **credentials):
|
||||||
inspect.getcallargs(backend.authenticate, **credentials)
|
inspect.getcallargs(backend.authenticate, **credentials)
|
||||||
except TypeError:
|
except TypeError:
|
||||||
# This backend doesn't accept these credentials as arguments. Try the next one.
|
# This backend doesn't accept these credentials as arguments. Try the next one.
|
||||||
continue
|
return None
|
||||||
else:
|
else:
|
||||||
warnings.warn(
|
warnings.warn(
|
||||||
"Update %s.authenticate() to accept a positional "
|
"Update %s.authenticate() to accept a positional "
|
||||||
|
@ -95,20 +111,7 @@ def authenticate(request=None, **credentials):
|
||||||
"to the first positional argument." % backend_path,
|
"to the first positional argument." % backend_path,
|
||||||
RemovedInDjango21Warning
|
RemovedInDjango21Warning
|
||||||
)
|
)
|
||||||
|
return backend.authenticate(*args, **credentials)
|
||||||
try:
|
|
||||||
user = backend.authenticate(*args, **credentials)
|
|
||||||
except PermissionDenied:
|
|
||||||
# This backend says to stop in our tracks - this user should not be allowed in at all.
|
|
||||||
break
|
|
||||||
if user is None:
|
|
||||||
continue
|
|
||||||
# Annotate the user object with the path of the backend.
|
|
||||||
user.backend = backend_path
|
|
||||||
return user
|
|
||||||
|
|
||||||
# The credentials supplied are invalid to all backends, fire signal
|
|
||||||
user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
|
|
||||||
|
|
||||||
|
|
||||||
def login(request, user, backend=None):
|
def login(request, user, backend=None):
|
||||||
|
|
|
@ -20,3 +20,6 @@ Bugfixes
|
||||||
(:ticket:`28142`).
|
(:ticket:`28142`).
|
||||||
|
|
||||||
* Fixed regression causing pickling of model fields to crash (:ticket:`28188`).
|
* Fixed regression causing pickling of model fields to crash (:ticket:`28188`).
|
||||||
|
|
||||||
|
* Fixed ``django.contrib.auth.authenticate()`` when multiple authentication
|
||||||
|
backends don't accept a positional ``request`` argument (:ticket:`28207`).
|
||||||
|
|
|
@ -50,3 +50,21 @@ class AcceptsRequestBackendTest(SimpleTestCase):
|
||||||
"In %s.authenticate(), move the `request` keyword argument to the "
|
"In %s.authenticate(), move the `request` keyword argument to the "
|
||||||
"first positional argument." % self.request_not_positional_backend
|
"first positional argument." % self.request_not_positional_backend
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@override_settings(AUTHENTICATION_BACKENDS=[request_not_positional_backend, no_request_backend])
|
||||||
|
def test_both_types_of_deprecation_warning(self):
|
||||||
|
with warnings.catch_warnings(record=True) as warns:
|
||||||
|
warnings.simplefilter('always')
|
||||||
|
authenticate(mock_request, username='username', password='pass')
|
||||||
|
|
||||||
|
self.assertEqual(len(warns), 2)
|
||||||
|
self.assertEqual(
|
||||||
|
str(warns[0].message),
|
||||||
|
"In %s.authenticate(), move the `request` keyword argument to the "
|
||||||
|
"first positional argument." % self.request_not_positional_backend
|
||||||
|
)
|
||||||
|
self.assertEqual(
|
||||||
|
str(warns[1].message),
|
||||||
|
"Update %s.authenticate() to accept a positional `request` "
|
||||||
|
"argument." % self.no_request_backend
|
||||||
|
)
|
||||||
|
|
Loading…
Reference in New Issue