Fixed #26343 -- Sent user_login_failed signal if an auth backend raises PermissionDenied.
This commit is contained in:
parent
b3610f38fa
commit
ab8af342b1
|
@ -74,7 +74,7 @@ def authenticate(**credentials):
|
||||||
user = backend.authenticate(**credentials)
|
user = backend.authenticate(**credentials)
|
||||||
except PermissionDenied:
|
except PermissionDenied:
|
||||||
# This backend says to stop in our tracks - this user should not be allowed in at all.
|
# This backend says to stop in our tracks - this user should not be allowed in at all.
|
||||||
return None
|
break
|
||||||
if user is None:
|
if user is None:
|
||||||
continue
|
continue
|
||||||
# Annotate the user object with the path of the backend.
|
# Annotate the user object with the path of the backend.
|
||||||
|
|
|
@ -3,7 +3,7 @@ from __future__ import unicode_literals
|
||||||
from datetime import date
|
from datetime import date
|
||||||
|
|
||||||
from django.contrib.auth import (
|
from django.contrib.auth import (
|
||||||
BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user,
|
BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user, signals,
|
||||||
)
|
)
|
||||||
from django.contrib.auth.backends import ModelBackend
|
from django.contrib.auth.backends import ModelBackend
|
||||||
from django.contrib.auth.hashers import MD5PasswordHasher
|
from django.contrib.auth.hashers import MD5PasswordHasher
|
||||||
|
@ -475,12 +475,21 @@ class PermissionDeniedBackendTest(TestCase):
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
self.user1 = User.objects.create_user('test', 'test@example.com', 'test')
|
||||||
self.user1.save()
|
self.user_login_failed = []
|
||||||
|
signals.user_login_failed.connect(self.user_login_failed_listener)
|
||||||
|
|
||||||
|
def tearDown(self):
|
||||||
|
signals.user_login_failed.disconnect(self.user_login_failed_listener)
|
||||||
|
|
||||||
|
def user_login_failed_listener(self, sender, credentials, **kwargs):
|
||||||
|
self.user_login_failed.append(credentials)
|
||||||
|
|
||||||
@modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend})
|
@modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend})
|
||||||
def test_permission_denied(self):
|
def test_permission_denied(self):
|
||||||
"user is not authenticated after a backend raises permission denied #2550"
|
"user is not authenticated after a backend raises permission denied #2550"
|
||||||
self.assertEqual(authenticate(username='test', password='test'), None)
|
self.assertEqual(authenticate(username='test', password='test'), None)
|
||||||
|
# user_login_failed signal is sent.
|
||||||
|
self.assertEqual(self.user_login_failed, [{'password': '********************', 'username': 'test'}])
|
||||||
|
|
||||||
@modify_settings(AUTHENTICATION_BACKENDS={'append': backend})
|
@modify_settings(AUTHENTICATION_BACKENDS={'append': backend})
|
||||||
def test_authenticates(self):
|
def test_authenticates(self):
|
||||||
|
|
Loading…
Reference in New Issue