Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#17841 closed Cleanup/optimization (fixed)

Clarify authentication backend documentation

Reported by: Jeremy Blanchard Owned by: Luke Granger-Brown
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: django@… Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

The current text for the "NOTE" in this section of the documentation reads:

Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for subsequent authentication attempts for that user. This effectively means that authentication sources are cached, so if you change AUTHENTICATION_BACKENDS, you'll need to clear out session data if you need to force users to re-authenticate using different methods. A simple way to do that is simply to execute Session.objects.all().delete().

It is pretty awkwardly worded in my opinion. It should be improved.

Attachments (1)

17841.patch (959 bytes) - added by Luke Granger-Brown 5 years ago.
Patch for the change suggested by auzigog

Download all attachments as: .zip

Change History (8)

comment:1 Changed 5 years ago by Jeremy Blanchard

After getting clarification from SmileyChris and reading the core code, I would propose this updated text:

NOTE: Once a user has authenticated, Django stores which backend was used to authenticate the user in the user's session, and re-uses the same backend for the duration of that session whenever access to the currently authenticated user is needed. This effectively means that authentication sources are cached, ((continue with previous text that was there))

Version 2, edited 5 years ago by Jeremy Blanchard (previous) (next) (diff)

comment:2 Changed 5 years ago by Jeremy Blanchard

Easy pickings: set

Marking as easy pickings

Changed 5 years ago by Luke Granger-Brown

Attachment: 17841.patch added

Patch for the change suggested by auzigog

comment:3 Changed 5 years ago by Luke Granger-Brown

Has patch: set
Owner: changed from nobody to Luke Granger-Brown

Here's a patch for that. Setting has patch, and assigning to me.

comment:4 Changed 5 years ago by Luke Granger-Brown

Cc: django@… added

Forgot to add to cc.

comment:5 Changed 5 years ago by Julien Phalip

Component: UncategorizedDocumentation
Triage Stage: UnreviewedReady for checkin
Type: UncategorizedCleanup/optimization

comment:6 Changed 5 years ago by Claude Paroz

Resolution: fixed
Status: newclosed

In [17752]:

Fixed #17841 -- Clarified caching note about authentication backends. Thanks auzigog for the proposal and lukegb for the patch.

comment:7 Changed 5 years ago by Claude Paroz

In [17753]:

[1.3.X] Fixed #17841 -- Clarified caching note about authentication backends. Thanks auzigog for the proposal and lukegb for the patch.

Backport of r17752 from trunk.

Note: See TracTickets for help on using tickets.
Back to Top