Refs #32508 -- Raised ImproperlyConfigured instead of using "assert" in middlewares.

django/contrib/admindocs/middleware.py

@@ -1,4 +1,5 @@
 from django.conf import settings
+from django.core.exceptions import ImproperlyConfigured
 from django.http import HttpResponse
 from django.utils.deprecation import MiddlewareMixin
 
@@ -16,11 +17,12 @@ class XViewMiddleware(MiddlewareMixin):
         header indicating the view function. This is used to lookup the view
         function for an arbitrary page.
         """
-        assert hasattr(request, 'user'), (
-            "The XView middleware requires authentication middleware to be "
-            "installed. Edit your MIDDLEWARE setting to insert "
-            "'django.contrib.auth.middleware.AuthenticationMiddleware'."
-        )
+        if not hasattr(request, 'user'):
+            raise ImproperlyConfigured(
+                "The XView middleware requires authentication middleware to "
+                "be installed. Edit your MIDDLEWARE setting to insert "
+                "'django.contrib.auth.middleware.AuthenticationMiddleware'."
+            )
         if request.method == 'HEAD' and (request.META.get('REMOTE_ADDR') in settings.INTERNAL_IPS or
                                          (request.user.is_active and request.user.is_staff)):
             response = HttpResponse()

django/contrib/auth/middleware.py

@@ -14,12 +14,14 @@ def get_user(request):
 
 class AuthenticationMiddleware(MiddlewareMixin):
     def process_request(self, request):
-        assert hasattr(request, 'session'), (
-            "The Django authentication middleware requires session middleware "
-            "to be installed. Edit your MIDDLEWARE setting to insert "
-            "'django.contrib.sessions.middleware.SessionMiddleware' before "
-            "'django.contrib.auth.middleware.AuthenticationMiddleware'."
-        )
+        if not hasattr(request, 'session'):
+            raise ImproperlyConfigured(
+                "The Django authentication middleware requires session "
+                "middleware to be installed. Edit your MIDDLEWARE setting to "
+                "insert "
+                "'django.contrib.sessions.middleware.SessionMiddleware' before "
+                "'django.contrib.auth.middleware.AuthenticationMiddleware'."
+            )
         request.user = SimpleLazyObject(lambda: get_user(request))
 
 

tests/admin_docs/test_middleware.py

@@ -1,4 +1,5 @@
 from django.contrib.auth.models import User
+from django.core.exceptions import ImproperlyConfigured
 from django.test import override_settings
 
 from .tests import AdminDocsTestCase, TestDataMixin
@@ -54,5 +55,5 @@ class XViewMiddlewareTest(TestDataMixin, AdminDocsTestCase):
             "installed. Edit your MIDDLEWARE setting to insert "
             "'django.contrib.auth.middleware.AuthenticationMiddleware'."
         )
-        with self.assertRaisesMessage(AssertionError, msg):
+        with self.assertRaisesMessage(ImproperlyConfigured, msg):
             self.client.head('/xview/func/')

tests/auth_tests/test_middleware.py

@@ -1,5 +1,6 @@
 from django.contrib.auth.middleware import AuthenticationMiddleware
 from django.contrib.auth.models import User
+from django.core.exceptions import ImproperlyConfigured
 from django.http import HttpRequest, HttpResponse
 from django.test import TestCase
 
@@ -38,5 +39,5 @@ class TestAuthenticationMiddleware(TestCase):
             "'django.contrib.sessions.middleware.SessionMiddleware' before "
             "'django.contrib.auth.middleware.AuthenticationMiddleware'."
         )
-        with self.assertRaisesMessage(AssertionError, msg):
+        with self.assertRaisesMessage(ImproperlyConfigured, msg):
             self.middleware(HttpRequest())