Opened 13 years ago

Closed 13 years ago

Last modified 13 years ago

#17841 closed Cleanup/optimization (fixed)

Clarify authentication backend documentation

Reported by: Jeremy Blanchard Owned by: Luke Granger-Brown
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: django@… Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

The current text for the "NOTE" in this section of the documentation reads:

Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for subsequent authentication attempts for that user. This effectively means that authentication sources are cached, so if you change AUTHENTICATION_BACKENDS, you'll need to clear out session data if you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute Session.objects.all().delete().

It is pretty awkwardly worded in my opinion. It should be improved.

Attachments (1)

17841.patch (959 bytes ) - added by Luke Granger-Brown 13 years ago.
Patch for the change suggested by auzigog

Download all attachments as: .zip

Change History (8)

comment:1 by Jeremy Blanchard, 13 years ago

After getting clarification from SmileyChris and reading the core code, I would propose this updated text:

NOTE: Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for the duration of that session whenever access to the currently authenticated user is needed. This effectively means that authentication sources are cached, continue with previous text that was there

Version 1, edited 13 years ago by Jeremy Blanchard (previous) (next) (diff)

comment:2 by Jeremy Blanchard, 13 years ago

Easy pickings: set

Marking as easy pickings

by Luke Granger-Brown, 13 years ago

Attachment: 17841.patch added

Patch for the change suggested by auzigog

comment:3 by Luke Granger-Brown, 13 years ago

Has patch: set
Owner: changed from nobody to Luke Granger-Brown

Here's a patch for that. Setting has patch, and assigning to me.

comment:4 by Luke Granger-Brown, 13 years ago

Cc: django@… added

Forgot to add to cc.

comment:5 by Julien Phalip, 13 years ago

Component: UncategorizedDocumentation
Triage Stage: UnreviewedReady for checkin
Type: UncategorizedCleanup/optimization

comment:6 by Claude Paroz, 13 years ago

Resolution: fixed
Status: newclosed

In [17752]:

(The changeset message doesn't reference this ticket)

comment:7 by Claude Paroz, 13 years ago

In [17753]:

[1.3.X] Fixed #17841 -- Clarified caching note about authentication backends. Thanks auzigog for the proposal and lukegb for the patch.

Backport of r17752 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top