#17841 closed Cleanup/optimization (fixed)
Clarify authentication backend documentation
| Reported by: | Jeremy Blanchard | Owned by: | Luke Granger-Brown |
|---|---|---|---|
| Component: | Documentation | Version: | 1.3 |
| Severity: | Normal | Keywords: | |
| Cc: | django@… | Triage Stage: | Ready for checkin |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | yes | UI/UX: | no |
Description
The current text for the "NOTE" in this section of the documentation reads:
Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for subsequent authentication attempts for that user. This effectively means that authentication sources are cached, so if you change AUTHENTICATION_BACKENDS, you'll need to clear out session data if you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute Session.objects.all().delete().
It is pretty awkwardly worded in my opinion. It should be improved.
Attachments (1)
Change History (8)
comment:3 by , 13 years ago
| Has patch: | set |
|---|---|
| Owner: | changed from to |
Here's a patch for that. Setting has patch, and assigning to me.
comment:5 by , 13 years ago
| Component: | Uncategorized → Documentation |
|---|---|
| Triage Stage: | Unreviewed → Ready for checkin |
| Type: | Uncategorized → Cleanup/optimization |
comment:6 by , 13 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
In [17752]:
(The changeset message doesn't reference this ticket)
After getting clarification from SmileyChris and reading the core code, I would propose this updated text:
NOTE: Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for the duration of that session whenever access to the currently authenticated user is needed. This effectively means that authentication sources are cached, ((continue with previous text that was there))