Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

[1.5.x] Fixed #19662 -- alter auth modelbackend to accept custom user…

…name fields

Thanks to Aymeric and Carl for the review.
  • Loading branch information...
commit 660f80c3d60083ecba26c83c0670ccca7fc56e09 1 parent 833ccd4
@ptone ptone authored
View
8 django/contrib/auth/backends.py
@@ -8,11 +8,11 @@ class ModelBackend(object):
Authenticates against django.contrib.auth.models.User.
"""
- # TODO: Model, login attribute name and password attribute name should be
- # configurable.
- def authenticate(self, username=None, password=None):
+ def authenticate(self, username=None, password=None, **kwargs):
+ UserModel = get_user_model()
+ if username is None:
+ username = kwargs.get(UserModel.USERNAME_FIELD)
try:
- UserModel = get_user_model()
user = UserModel._default_manager.get_by_natural_key(username)
if user.check_password(password):
return user
View
20 django/contrib/auth/tests/auth_backends.py
@@ -4,7 +4,7 @@
from django.conf import settings
from django.contrib.auth.models import User, Group, Permission, AnonymousUser
from django.contrib.auth.tests.utils import skipIfCustomUser
-from django.contrib.auth.tests.custom_user import ExtensionUser, CustomPermissionsUser
+from django.contrib.auth.tests.custom_user import ExtensionUser, CustomPermissionsUser, CustomUser
from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import ImproperlyConfigured
from django.test import TestCase
@@ -189,6 +189,24 @@ def create_users(self):
)
+@override_settings(AUTH_USER_MODEL='auth.CustomUser')
+class CustomUserModelBackendAuthenticateTest(TestCase):
+ """
+ Tests that the model backend can accept a credentials kwarg labeled with
+ custom user model's USERNAME_FIELD.
+ """
+
+ def test_authenticate(self):
+ test_user = CustomUser._default_manager.create_user(
+ email='test@example.com',
+ password='test',
+ date_of_birth=date(2006, 4, 25)
+ )
+ authenticated_user = authenticate(email='test@example.com', password='test')
+ self.assertEqual(test_user, authenticated_user)
+
+
+
class TestObj(object):
pass
View
12 docs/ref/contrib/auth.txt
@@ -417,9 +417,15 @@ The following backends are available in :mod:`django.contrib.auth.backends`:
.. class:: ModelBackend
This is the default authentication backend used by Django. It
- authenticates using usernames and passwords stored in the
- :class:`~django.contrib.auth.models.User` model.
-
+ authenticates using credentials consisting of a user identifier and
+ password. For Django's default user model, the user identifier is the
+ username, for custom user models it is the field specified by
+ USERNAME_FIELD (see :doc:`Customizing Users and authentication
+ </topics/auth/customizing>`).
+
+ It also handles the default permissions model as defined for
+ :class:`~django.contrib.auth.models.User` and
+ :class:`~django.contrib.auth.models.PermissionsMixin`.
.. class:: RemoteUserBackend
Please sign in to comment.
Something went wrong with that request. Please try again.