Opened 5 years ago

Closed 5 years ago

#15755 closed New feature (wontfix)

Admin should allow for configurable login handling support

Reported by: metzen Owned by: nobody
Component: contrib.admin Version: master
Severity: Normal Keywords:
Cc: metzen Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


In its current implementation, the contrib.admin application attempts to handle user authentication by displaying a login form for any request where the user does not have permission to view (either because they are unauthenticated, or their user account fails the is_active and is_staff test).

In cases where authentication is being handled by an external system (e.g., Apache .htaccess or Google Accounts auth on App Engine), it can be confusing for users to see this login form when their account does not have permission to access the admin, as in some cases, the credentials they use might not correspond to what is stored in the Django auth table.

I'd like to propose a configuration knob to allow the choice for whether the admin app attempts to perform user authentication at all, and instead just relies on all users to be pre-authenticated.

Attachments (1)

admin.diff (1.5 KB) - added by metzen 5 years ago.

Download all attachments as: .zip

Change History (5)

Changed 5 years ago by metzen

comment:1 Changed 5 years ago by metzen

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Summary changed from Admin should allow for configurable support login handling to Admin should allow for configurable login handling support

comment:2 Changed 5 years ago by lrekucki

A global settings is not an option (you can have more then one admin instance). You can achieve exactly the same by overriding login() and/or admin_view() methods using a subclass of AdminSite.

comment:3 Changed 5 years ago by metzen

This is actually the approach I'm currently taking in my project, but was interested in achieving the result in a bit of simpler way. In the common case of using the default admin site, it would be nice to just be able to change 1 configuration without worrying about subclassing.

Since the current patch preserves backward compatibility, I viewed the fact that it applies globally to all admin site instances as a desired effect. Selectively choosing individual admin site instance to have login handling enabled could then be achieved through sub-classing.

However, I do understand if there is resistance to this idea.

comment:4 Changed 5 years ago by jezdez

  • Resolution set to wontfix
  • Status changed from new to closed

This is already possible, closing as wontfix.

Note: See TracTickets for help on using tickets.
Back to Top