Ticket #12113: 12113.diff

File 12113.diff, 1.4 KB (added by timo, 6 years ago)

minor edits to existing patch

  • docs/topics/auth.txt

     
    9999        This doesn't control whether or not the user can log in. Nothing in the
    100100        authentication path checks the ``is_active`` flag, so if you want to
    101101        reject a login based on ``is_active`` being ``False``, it is up to you
    102         to check that in your own login view. However, permission checking
    103         using the methods like :meth:`~models.User.has_perm` does check this
    104         flag and will always return ``False`` for inactive users.
     102        to check that in your own login view. The
     103        :class:`~django.contrib.auth.forms.AuthenticationForm` used by the
     104        by the :func:`~django.contrib.auth.views.login` view *does* perform this
     105        check and therefore rejects inactive users from logging in. Permission
     106        checking using the methods like :meth:`~models.User.has_perm` also
     107        checks this flag and will always return ``False`` for inactive users.
    105108
    106109    .. attribute:: models.User.is_superuser
    107110
     
    970973
    971974    A form for logging a user in.
    972975
     976    The ``AuthenticationForm`` rejects users whose
     977    :attr:`~django.contrib.auth.models.User.is_active` flag is set to ``False``.
     978
    973979.. class:: PasswordChangeForm
    974980
    975981    A form for allowing a user to change their password.
Back to Top