Ticket #18171: can_authenticate.patch

django/contrib/auth/__init__.py

@@ -41 +41 @@
     If the given credentials are valid, return a User object.
     """
     for backend in get_backends():
-        try:
+        if hasattr(backend, 'can_authenticate'):
+            if not backend.can_authenticate(credentials):
+                continue
             user = backend.authenticate(**credentials)
-        except TypeError:
-            # This backend doesn't accept these credentials as arguments. Try the next one.
-            continue
+        else:
+            # fall back to the old method
+            try:
+                user = backend.authenticate(**credentials)
+            except TypeError:
+                # This backend doesn't accept these credentials as arguments. Try the next one.
+                continue
         if user is None:
             continue
         # Annotate the user object with the path of the backend.

django/contrib/auth/backends.py

@@ -7 +7 @@
     """
     supports_inactive_user = True
 
+    def can_authenticate(self, credentials):
+        # we don't check anything here for backwards compatibility
+        # for any classes that subclass us.
+        #
+        #return 'username' in credentials and 'password' in credentials
+        return True
+
     # TODO: Model, login attribute name and password attribute name should be
     # configurable.
     def authenticate(self, username=None, password=None):
@@ -79 +86 @@
     # Create a User object if not already in the database?
     create_unknown_user = True
 
+    def can_authenticate(self, credentials):
+        # we don't check anything here for backwards compatibility
+        # for any classes that subclass us.
+        #
+        #return 'remote_user' in credentials
+        return True
+
     def authenticate(self, remote_user):
         """
         The username passed as ``remote_user`` is considered trusted.  This