Opened 5 years ago

Closed 5 years ago

#15755 closed New feature (wontfix)

Admin should allow for configurable login handling support

Reported by: Matt McDonald Owned by: nobody
Component: contrib.admin Version: master
Severity: Normal Keywords:
Cc: Matt McDonald Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

In its current implementation, the contrib.admin application attempts to handle user authentication by displaying a login form for any request where the user does not have permission to view (either because they are unauthenticated, or their user account fails the is_active and is_staff test).

In cases where authentication is being handled by an external system (e.g., Apache .htaccess or Google Accounts auth on App Engine), it can be confusing for users to see this login form when their account does not have permission to access the admin, as in some cases, the credentials they use might not correspond to what is stored in the Django auth table.

I'd like to propose a configuration knob to allow the choice for whether the admin app attempts to perform user authentication at all, and instead just relies on all users to be pre-authenticated.

Attachments (1)

admin.diff (1.5 KB) - added by Matt McDonald 5 years ago.

Download all attachments as: .zip

Change History (5)

Changed 5 years ago by Matt McDonald

Attachment: admin.diff added

comment:1 Changed 5 years ago by Matt McDonald

Needs documentation: unset
Needs tests: unset
Patch needs improvement: unset
Summary: Admin should allow for configurable support login handlingAdmin should allow for configurable login handling support

comment:2 Changed 5 years ago by Łukasz Rekucki

A global settings is not an option (you can have more then one admin instance). You can achieve exactly the same by overriding login() and/or admin_view() methods using a subclass of AdminSite.

comment:3 Changed 5 years ago by Matt McDonald

This is actually the approach I'm currently taking in my project, but was interested in achieving the result in a bit of simpler way. In the common case of using the default admin site, it would be nice to just be able to change 1 settings.py configuration without worrying about subclassing.

Since the current patch preserves backward compatibility, I viewed the fact that it applies globally to all admin site instances as a desired effect. Selectively choosing individual admin site instance to have login handling enabled could then be achieved through sub-classing.

However, I do understand if there is resistance to this idea.

comment:4 Changed 5 years ago by Jannis Leidel

Resolution: wontfix
Status: newclosed

This is already possible, closing as wontfix.

Note: See TracTickets for help on using tickets.
Back to Top