Ticket #17841: 17841.patch
|File 17841.patch, 959 bytes (added by lukegb, 3 years ago)|
diff --git a/docs/topics/auth.txt b/docs/topics/auth.txt index 7c6b5a1..8cd3f7d 100644
a b processing at the first positive match. 1780 1780 1781 1781 Once a user has authenticated, Django stores which backend was used to 1782 1782 authenticate the user in the user's session, and re-uses the same backend 1783 for subsequent authentication attempts for that user. This effectively means 1784 that authentication sources are cached, so if you change 1783 for the duration of that session whenever access to the currently 1784 authenticated user is needed. This effectively means that authentication 1785 sources are cached on a per-session basis, so if you change 1785 1786 :setting:`AUTHENTICATION_BACKENDS`, you'll need to clear out session data if 1786 1787 you need to force users to re-authenticate using different methods. A simple 1787 1788 way to do that is simply to execute ``Session.objects.all().delete()``.