You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our application uses django-rules for permissions, and it has recently added AllAuth for authentication. However, after logging in, we were getting the following error from any code that tries to access request.user...
'ObjectPermissionBackend' object has no attribute 'get_user'"
ObjectPermissionBackend is an auth backend for django-rules that provides per-object authorization, but (by design) does not include a get_user function. There is a related issue report in django-rules: dfunckt/django-rules#46. This was fixed by a change in Django 1.11: https://code.djangoproject.com/ticket/27542. Django's force_login function used to always assign the first auth backend to a user when logging in.
Looks like AllAuth has a very similar mechanism over here, except missing that fix:
I suspect AllAuth's login function, like Django's, should make sure to select the first auth backend that has a get_user function, rather than always going for the first auth backend.
The text was updated successfully, but these errors were encountered:
dylanmccall
changed the title
AllAuth should skip auth bakcends without get_user
AllAuth should skip auth backends without get_user
Feb 3, 2017
Our application uses django-rules for permissions, and it has recently added AllAuth for authentication. However, after logging in, we were getting the following error from any code that tries to access request.user...
ObjectPermissionBackend is an auth backend for django-rules that provides per-object authorization, but (by design) does not include a get_user function. There is a related issue report in django-rules: dfunckt/django-rules#46. This was fixed by a change in Django 1.11: https://code.djangoproject.com/ticket/27542. Django's force_login function used to always assign the first auth backend to a user when logging in.
Looks like AllAuth has a very similar mechanism over here, except missing that fix:
https://github.com/pennersr/django-allauth/blame/master/allauth/account/adapter.py#L344
I suspect AllAuth's login function, like Django's, should make sure to select the first auth backend that has a get_user function, rather than always going for the first auth backend.
The text was updated successfully, but these errors were encountered: