Ticket #12103: 12103_with_tests.diff

File 12103_with_tests.diff, 3.8 KB (added by ejucovy, 5 years ago)

regenerated patch against trunk@15402; including lasko's tests

  • docs/topics/auth.txt

     
    10451045
    10461046    A form for logging a user in.
    10471047
     1048    The ``AuthenticationForm`` rejects users whose ``is_active`` flag is set to ``False``.
     1049    You may override this behavior with a custom policy to determine which users can log in.
     1050    Do this with a custom form that subclasses ``AuthenticationForm`` and overrides the
     1051    ``confirm_login_allowed(self, user)`` method.  This method will raise a ``forms.ValidationError``
     1052    if the given user may not log in.
     1053
     1054    For example, to allow all users to log in, regardless of activation status::
     1055
     1056    .. code-block:: python
     1057
     1058        class AuthenticationFormWithInactiveUsersOkay(AuthenticationForm):
     1059            def confirm_login_allowed(self, user):
     1060                pass
     1061
     1062    Or to allow only some active users to log in:
     1063
     1064    .. code-block:: python
     1065
     1066        class PickyAuthenticationForm(AuthenticationForm):
     1067            def confirm_login_allowed(self, user):
     1068                if not user.is_active:
     1069                    raise forms.ValidationError(_("This account is inactive."))
     1070                if user.username.startswith('b'):
     1071                    raise forms.ValidationError(_("Sorry, accounts starting with 'b' aren't welcome here."))
     1072
    10481073.. class:: PasswordChangeForm
    10491074
    10501075    A form for allowing a user to change their password.
  • django/contrib/auth/tests/forms.py

     
    105105    def test_success(self):
    106106        # The success case
    107107        data = {
     108# The user is inactive but allowed to login
     109
     110>>> data = {
     111...     'username': 'jsmith',
     112...     'password': 'test123',
     113... }
     114>>> user.is_active = False
     115>>> user.save()
     116>>> class AuthenticationFormWithInactiveUsersOkay(AuthenticationForm):
     117...     def confirm_login_allowed(self, user):
     118...         pass
     119>>> form = AuthenticationFormWithInactiveUsersOkay(None, data)
     120>>> form.is_valid()
     121True
     122
     123>>> user.is_active = True
     124>>> user.save()
     125
    108126            'username': 'testclient',
    109127            'password': 'password',
    110128            }
  • django/contrib/auth/forms.py

     
    8585            self.user_cache = authenticate(username=username, password=password)
    8686            if self.user_cache is None:
    8787                raise forms.ValidationError(_("Please enter a correct username and password. Note that both fields are case-sensitive."))
    88             elif not self.user_cache.is_active:
    89                 raise forms.ValidationError(_("This account is inactive."))
     88            else:
     89                self.confirm_login_allowed(self.user_cache)
    9090        self.check_for_test_cookie()
    9191        return self.cleaned_data
    9292
     
    9696                _("Your Web browser doesn't appear to have cookies enabled. "
    9797                  "Cookies are required for logging in."))
    9898
     99    def confirm_login_allowed(self, user):
     100        """
     101        Controls whether the given ``auth.User`` object may log in. This is a policy setting,
     102        independent of end-user authentication. This default behavior is to allow login by
     103        active users, and reject login by inactive users.
     104
     105        If the given user cannot log in, this method should raise a ``forms.ValidationError``.
     106
     107        If the given user may log in, this method should return None.
     108        """
     109        if not user.is_active:
     110            raise forms.ValidationError(_("This account is inactive."))
     111
    99112    def get_user_id(self):
    100113        if self.user_cache:
    101114            return self.user_cache.id
Back to Top