id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 15671 hasattr in RemoteUserMiddleware hides true errors and exceptions Matt McDonald "The !RemoteUserMiddleware hides true errors and exceptions that may occur when fetching Session and User data from the db backend. This occurs because the middleware first performs a test to ensure that contrib.auth.middleware.!AuthenticationMiddleware has been installed by calling: {{{ if not hasattr(request, 'user'): raise ImproperlyConfigured(...) }}} However, hasattr dangerously catches all exceptions that occur during the call, which hides any of the multitude of problems that could occur when the !LazyUser attribute attempts to fetch the real User instance from the database. I've proposed a patch which instead uses a try/except on !AttributeError to perform the same logic, while letting other exceptions correctly bubble up." Bug closed contrib.auth dev Normal fixed Matt McDonald Ready for checkin 1 0 0 0 0 0