Ticket #8274: authentication_form.diff

File authentication_form.diff, 8.8 KB (added by SmileyChris, 7 years ago)
  • django/contrib/auth/views.py

     
    1414from django.contrib.auth.models import User
    1515from django.views.decorators.cache import never_cache
    1616
    17 def login(request, template_name='registration/login.html', redirect_field_name=REDIRECT_FIELD_NAME):
     17def login(request, template_name='registration/login.html',
     18          redirect_field_name=REDIRECT_FIELD_NAME,
     19          authentication_form=AuthenticationForm):
    1820    "Displays the login form and handles the login action."
    1921    redirect_to = request.REQUEST.get(redirect_field_name, '')
    2022    if request.method == "POST":
    21         form = AuthenticationForm(data=request.POST)
     23        form = authentication_form(data=request.POST)
    2224        if form.is_valid():
    2325            # Light security check -- make sure redirect_to isn't garbage.
    2426            if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
     
    2931                request.session.delete_test_cookie()
    3032            return HttpResponseRedirect(redirect_to)
    3133    else:
    32         form = AuthenticationForm(request)
     34        form = authentication_form(request)
    3335    request.session.set_test_cookie()
    3436    if Site._meta.installed:
    3537        current_site = Site.objects.get_current()
     
    6769# 4 views for password reset:
    6870# - password_reset sends the mail
    6971# - password_reset_done shows a success message for the above
    70 # - password_reset_confirm checks the link the user clicked and 
     72# - password_reset_confirm checks the link the user clicked and
    7173#   prompts for a new password
    7274# - password_reset_complete shows a success message for the above
    7375
     
    130132    else:
    131133        context_instance['validlink'] = False
    132134        form = None
    133     context_instance['form'] = form   
     135    context_instance['form'] = form
    134136    return render_to_response(template_name, context_instance=context_instance)
    135137
    136138def password_reset_complete(request, template_name='registration/password_reset_complete.html'):
     
    138140                                                                             {'login_url': settings.LOGIN_URL}))
    139141
    140142def password_change(request, template_name='registration/password_change_form.html',
    141                     post_change_redirect=None):
     143                    post_change_redirect=None, password_change_form=PasswordChangeForm):
    142144    if post_change_redirect is None:
    143145        post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
    144146    if request.method == "POST":
    145         form = PasswordChangeForm(request.user, request.POST)
     147        form = password_change_form(user=request.user, data=request.POST)
    146148        if form.is_valid():
    147149            form.save()
    148150            return HttpResponseRedirect(post_change_redirect)
    149151    else:
    150         form = PasswordChangeForm(request.user)
     152        form = password_change_form(user=request.user)
    151153    return render_to_response(template_name, {
    152154        'form': form,
    153155    }, context_instance=RequestContext(request))
  • docs/topics/auth.txt

     
    246246    .. method:: models.UserManager.create_user(username, email, password=None)
    247247
    248248        Creates, saves and returns a :class:`~django.contrib.auth.models.User`.
    249         The :attr:`~django.contrib.auth.models.User.username`, 
    250         :attr:`~django.contrib.auth.models.User.email` and 
     249        The :attr:`~django.contrib.auth.models.User.username`,
     250        :attr:`~django.contrib.auth.models.User.email` and
    251251        :attr:`~django.contrib.auth.models.User.password` are set as given, and the
    252252        :class:`~django.contrib.auth.models.User` gets ``is_active=True``.
    253253
     
    351351      ``False`` instead of ``True``.
    352352    * :meth:`~django.contrib.auth.models.User.has_perm()` always returns ``False``.
    353353    * :meth:`~django.contrib.auth.models.User.set_password()`,
    354       :meth:`~django.contrib.auth.models.User.check_password()`, 
    355       :meth:`~django.contrib.auth.models.User.save()`, 
     354      :meth:`~django.contrib.auth.models.User.check_password()`,
     355      :meth:`~django.contrib.auth.models.User.save()`,
    356356      :meth:`~django.contrib.auth.models.User.delete()`,
    357       :meth:`~django.contrib.auth.models.User.set_groups()` and 
    358       :meth:`~django.contrib.auth.models.User.set_permissions()` raise 
     357      :meth:`~django.contrib.auth.models.User.set_groups()` and
     358      :meth:`~django.contrib.auth.models.User.set_permissions()` raise
    359359      :exc:`NotImplementedError`.
    360360
    361361In practice, you probably won't need to use
     
    523523    :func:`~django.contrib.auth.authenticate()`
    524524    sets an attribute on the :class:`~django.contrib.auth.models.User` noting
    525525    which authentication backend successfully authenticated that user (see
    526     the `backends documentation`_ for details), and this information is
    527     needed later during the login process.
     526    :ref:`authentication-backends` for details), and this information is needed
     527    later during the login process.
    528528
    529 .. _backends documentation: #other-authentication-sources
    530 
    531529Manually checking a user's password
    532530-----------------------------------
    533531
     
    683681          :class:`~django.contrib.sites.models.Site``, according to the
    684682          :setting:`SITE_ID` setting. If you're using the Django development version
    685683          and you don't have the site framework installed, this will be set to the
    686           value of ``request.META['SERVER_NAME']``. For more on sites, see 
     684          value of ``request.META['SERVER_NAME']``. For more on sites, see
    687685          :ref:`ref-contrib-sites`.
    688686
    689687    If you'd prefer not to call the template :file:`registration/login.html`,
     
    717715
    718716        {% endblock %}
    719717
     718    **New in Django development version**
     719
     720    If you are using alternate authentication (see
     721    :ref:`authentication-backends`) you can pass a custom authentication form
     722    to the login view via the ``authentication_form`` parameter. This form must
     723    accept a ``request`` keyword argument in its ``__init__`` method, and
     724    provide a ``get_user`` argument which returns the authenticated user object
     725    (this method is only ever called after successful form validation).
     726
    720727    .. _forms documentation: ../forms/
    721728    .. _site framework docs: ../sites/
    722729
     
    760767          displaying the password change form. This will default to
    761768          :file:`registration/password_change_form.html` if not supplied.
    762769
     770        * ``post_change_redirect``: The URL which the user will be redirected
     771          to after a successful password change (defaults to the reverse of the
     772          :func:`django.contrib.auth.views.password_change_done` view).
     773
     774        * ``password_change_form``: A custom "change password" form which must
     775          accept a ``user`` keyword argument. The form is responsible for
     776          actually changing the user's password.
     777          (**New in Django development version**)
     778
    763779    **Template context:**
    764780
    765781        * ``form``: The password change form.
     
    10291045fields:
    10301046
    10311047.. attribute:: models.Permission.name
    1032    
     1048
    10331049    Required. 50 characters or fewer. Example: ``'Can vote'``.
    10341050
    10351051.. attribute:: models.Permission.content_type
     
    10381054    which contains a record for each installed Django model.
    10391055
    10401056.. attribute:: models.Permission.codename
    1041    
     1057
    10421058    Required. 100 characters or fewer. Example: ``'can_vote'``.
    10431059
    10441060Methods
     
    10611077   :setting:`TEMPLATE_CONTEXT_PROCESSORS` setting contains
    10621078   ``"django.core.context_processors.auth"``, which is default. For more, see
    10631079   the :ref:`RequestContext docs <subclassing-context-requestcontext>`.
    1064    
     1080
    10651081Users
    10661082-----
    10671083
     
    10911107
    10921108    {{ perms.foo }}
    10931109
    1094 Two-level-attribute lookup is a proxy to 
     1110Two-level-attribute lookup is a proxy to
    10951111:meth:`User.has_perm <django.contrib.auth.models.User.has_perm>`. This example
    10961112would display ``True`` if the logged-in user had the permission
    10971113``foo.can_vote``::
     
    11451161
    11461162    To create a new message, use
    11471163    ``user_obj.message_set.create(message='message_text')``.
    1148    
     1164
    11491165    To retrieve/delete messages, use
    11501166    :meth:`user_obj.get_and_delete_messages() <django.contrib.auth.models.User.get_and_delete_messages>`,
    11511167    which returns a list of ``Message`` objects in the user's queue (if any)
     
    13051321
    13061322The user model will delegate permission lookup functions
    13071323(:meth:`~django.contrib.auth.models.User.get_group_permissions()`,
    1308 :meth:`~django.contrib.auth.models.User.get_all_permissions()`, 
     1324:meth:`~django.contrib.auth.models.User.get_all_permissions()`,
    13091325:meth:`~django.contrib.auth.models.User.has_perm()`, and
    13101326:meth:`~django.contrib.auth.models.User.has_module_perms()`) to any
    13111327authentication backend that implements these functions.
Back to Top