AllAuth should skip auth backends without get_user

[dylanmccall]

Our application uses django-rules for permissions, and it has recently added AllAuth for authentication. However, after logging in, we were getting the following error from any code that tries to access request.user...

'ObjectPermissionBackend' object has no attribute 'get_user'"

ObjectPermissionBackend is an auth backend for django-rules that provides per-object authorization, but (by design) does not include a get_user function. There is a related issue report in django-rules: dfunckt/django-rules#46. This was fixed by a change in Django 1.11: https://code.djangoproject.com/ticket/27542. Django's force_login function used to always assign the first auth backend to a user when logging in.

Looks like AllAuth has a very similar mechanism over here, except missing that fix:

https://github.com/pennersr/django-allauth/blame/master/allauth/account/adapter.py#L344

I suspect AllAuth's login function, like Django's, should make sure to select the first auth backend that has a get_user function, rather than always going for the first auth backend.

[pennersr]

True, needs logic similar to this:

django/django@47744a0