Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Small cleanups to docs/authentication.txt, but still not properly rew…

…orded/proofread

git-svn-id: http://code.djangoproject.com/svn/django/trunk@3255 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit b3debd80ed02a0f6e4c055ca4e0989655831fece 1 parent 08cac47
Adrian Holovaty authored

Showing 1 changed file with 38 additions and 35 deletions. Show diff stats Hide diff stats

  1. 73  docs/authentication.txt
73  docs/authentication.txt
@@ -267,9 +267,9 @@ previous section). You can tell them apart with ``is_anonymous()``, like so::
267 267
 How to log a user in
268 268
 --------------------
269 269
 
270  
-Depending on your task, you'll probably want to make sure to validate the 
271  
-user's username and password before you log them in. The easiest way to do so 
272  
-is to use the built-in ``authenticate`` and ``login`` functions from within a 
  270
+Depending on your task, you'll probably want to make sure to validate the
  271
+user's username and password before you log them in. The easiest way to do so
  272
+is to use the built-in ``authenticate`` and ``login`` functions from within a
273 273
 view::
274 274
 
275 275
     from django.contrib.auth import authenticate, login
@@ -279,11 +279,11 @@ view::
279 279
     if user is not None:
280 280
         login(request, user)
281 281
 
282  
-``authenticate`` checks the username and password. If they are valid it 
283  
-returns a user object, otherwise it returns ``None``. ``login`` makes it so 
284  
-your users don't have send a username and password for every request. Because 
285  
-the ``login`` function uses sessions, you'll need to make sure you have 
286  
-``SessionMiddleware`` enabled. See the `session documentation`_ for 
  282
+``authenticate`` checks the username and password. If they are valid it
  283
+returns a user object, otherwise it returns ``None``. ``login`` makes it so
  284
+your users don't have send a username and password for every request. Because
  285
+the ``login`` function uses sessions, you'll need to make sure you have
  286
+``SessionMiddleware`` enabled. See the `session documentation`_ for
287 287
 more information.
288 288
 
289 289
 
@@ -681,60 +681,62 @@ database. To send messages to anonymous users, use the `session framework`_.
681 681
 
682 682
 .. _session framework: http://www.djangoproject.com/documentation/sessions/
683 683
 
684  
-Other Authentication Sources
  684
+Other authentication sources
685 685
 ============================
686 686
 
687  
-Django supports other authentication sources as well. You can even use 
  687
+Django supports other authentication sources, as well. You can even use
688 688
 multiple sources at the same time.
689 689
 
690 690
 Using multiple backends
691 691
 -----------------------
692 692
 
693  
-The list of backends to use is controlled by the ``AUTHENTICATION_BACKENDS`` 
694  
-setting. This should be a tuple of python path names. It defaults to 
695  
-``('django.contrib.auth.backends.ModelBackend',)``. To add additional backends
  693
+The list of backends to use is controlled by the ``AUTHENTICATION_BACKENDS``
  694
+setting. This should be a tuple of Python path names. It defaults to
  695
+``('django.contrib.auth.backends.ModelBackend',)``. To add additional backends,
696 696
 just add them to your settings.py file. Ordering matters, so if the same
697 697
 username and password is valid in multiple backends, the first one in the
698  
-list will return a user object, and the remaining ones won't even get a chance.
  698
+list will return a ``User`` object, and the remaining ones won't even get a
  699
+chance.
699 700
 
700 701
 Writing an authentication backend
701 702
 ---------------------------------
702 703
 
703  
-An authentication backend is a class that implements 2 methods: 
704  
-``get_user(id)`` and ``authenticate(**credentials)``. The ``get_user`` method 
705  
-takes an id, which could be a username, and database id, whatever, and returns 
706  
-a user object. The  ``authenticate`` method takes credentials as keyword 
707  
-arguments. Many times it will just look like this::
  704
+An authentication backend is a class that implements two methods:
  705
+``get_user(id)`` and ``authenticate(**credentials)``. The ``get_user`` method
  706
+takes an ``id`` -- which could be a username, database ID or whatever -- and
  707
+returns a ``User`` object. The  ``authenticate`` method takes credentials as
  708
+keyword arguments. Many times it will just look like this::
708 709
 
709 710
     class MyBackend:
710 711
         def authenticate(username=None, password=None):
711  
-            # check the username/password and return a user
  712
+            # check the username/password and return a User
712 713
 
713  
-but it could also authenticate a token like so::
  714
+But it could also authenticate a token, like so::
714 715
 
715 716
     class MyBackend:
716 717
         def authenticate(token=None):
717 718
             # check the token and return a user
718 719
 
719  
-Regardless, ``authenticate`` should check the credentials it gets, and if they 
720  
-are valid, it should return a user object that matches those credentials.
  720
+Regardless, ``authenticate`` should check the credentials it gets, and if they
  721
+are valid, it should return a ``User`` object that matches those credentials.
721 722
 
722  
-The Django admin system is tightly coupled to the Django User object described 
723  
-at the beginning of this document. For now, the best way to deal with this is 
724  
-to create a Django User object for each user that exists for your backend 
725  
-(i.e. in your LDAP directory, your external SQL database, etc.) You can either 
726  
-write a script to do this in advance, or your ``authenticate`` method can do 
727  
-it the first time a user logs in.  Here's an example backend that 
728  
-authenticates against a username and password variable defined in your 
729  
-``settings.py`` file and creates a Django user object the first time they 
730  
-authenticate::
  723
+The Django admin system is tightly coupled to the Django ``User`` object
  724
+described at the beginning of this document. For now, the best way to deal with
  725
+this is to create a Django ``User`` object for each user that exists for your
  726
+backend (i.e. in your LDAP directory, your external SQL database, etc.) You can
  727
+either write a script to do this in advance, or your ``authenticate`` method
  728
+can do it the first time a user logs in.
  729
+
  730
+Here's an example backend that authenticates against a username and password
  731
+variable defined in your ``settings.py`` file and creates a Django ``User``
  732
+object the first time a user authenticates::
731 733
 
732 734
     from django.conf import settings
733 735
     from django.contrib.auth.models import User, check_password
734 736
 
735 737
     class SettingsBackend:
736 738
         """
737  
-        Authenticate against vars in settings.py Use the login name, and a hash 
  739
+        Authenticate against vars in settings.py Use the login name, and a hash
738 740
         of the password. For example:
739 741
 
740 742
         ADMIN_LOGIN = 'admin'
@@ -747,8 +749,9 @@ authenticate::
747 749
                 try:
748 750
                     user = User.objects.get(username=username)
749 751
                 except User.DoesNotExist:
750  
-                    # Create a new user. Note that we can set password to anything
751  
-                    # as it won't be checked, the password from settings.py will.
  752
+                    # Create a new user. Note that we can set password
  753
+                    # to anything, because it won't be checked; the password
  754
+                    # from settings.py will.
752 755
                     user = User(username=username, password='get from settings.py')
753 756
                     user.is_staff = True
754 757
                     user.is_superuser = True

0 notes on commit b3debd8

Please sign in to comment.
Something went wrong with that request. Please try again.