TestCase.client.logout fails when using custom authentication backend not based on AUTH_USER_MODEL
|Reported by:||xafer||Owned by:||nobody|
|Severity:||Normal||Keywords:||logout test AUTH_USER_MODEL|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I'm not sure if it's a bug or a new feature:
TestCase.client.login calls django.contrib.auth.login(request, user)
which stores the user id and its backend in the request's session:
request.session[SESSION_KEY] = user.pk
request.session[BACKEND_SESSION_KEY] = user.backend
But in TestCase.client.logout calls, Django tries to get the authenticated user with:
uid = self.session.get(SESSION_KEY)
request.user = UserModel._default_manager.get(pk=uid)
assuming user is a AUTH_USER_MODEL and without checking its BACKEND_SESSION_KEY...
It would seem cleaner to actually rly on django.contrib.auth.get_user to find the correct user (whatever its type) and allow the concurrent use of multiple user models (typically user model and customer model...).
See https://github.com/xavfernandez/django_test_client_bugreport for a failing example.