Opened 19 years ago

Closed 19 years ago

Last modified 19 years ago

#2332 closed enhancement (fixed)

[patch] is_loggedin method for User and AnonymousUser models.

Reported by: Chris Beaven Owned by: Adrian Holovaty
Component: Contrib apps Version:
Severity: normal Keywords: auth user
Cc: gary.wilson@… Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

This is_loggedin method replaces the is_anonymous method.

Discussion from the django-developers group follows (see thread).

Templates treat non-existing variables as False; therefore; a
request.user somehow failing to get assigned would result in the
template treating the user as they are authenticated (is_anonymous
evaluates False). An is_loggedin would be a more secure option because
if request.user failed to get assigned, the template would treat the
user as anonymous.

I would much rather mistakenly treat an authenticated user as anonymous
than mistakenly treat an anonymous user as authenticated.

Attachments (4)

is_loggedin.patch (8.8 KB ) - added by Chris Beaven 19 years ago.
is_loggedin implementation - also replaces all is_anonymous references with negative is_loggedin
is_logged_in.diff (13.3 KB ) - added by Gary Wilson <gary.wilson@…> 19 years ago.
is_logged_in implementation with doc changes and deprecation warnings in is_anonymous
is_authenticated.diff (13.5 KB ) - added by Gary Wilson <gary.wilson@…> 19 years ago.
is_authenticated implementation with doc changes and NO deprecation warnings in is_anonymous
is_authenticated.2.diff (13.5 KB ) - added by Gary Wilson <gary.wilson@…> 19 years ago.
is_authenticated implementation with doc changes and NO deprecation warnings in is_anonymous, slight change in documentation wording

Download all attachments as: .zip

Change History (8)

by Chris Beaven, 19 years ago

Attachment: is_loggedin.patch added

is_loggedin implementation - also replaces all is_anonymous references with negative is_loggedin

comment:1 by Malcolm Tredinnick, 19 years ago

I don't like the name. Either is_authenticated or is_logged_in seem better.

Although using "login" as a single word verb is becoming common and even acceptable in some style guides (when I rule the universe, there are going to be changes made, let me tell you), I don't think we should encourage "loggedin" to be its past tense. :-) That can be fixed when we apply this.

There are some docs changes required as well that are not in this patch.

by Gary Wilson <gary.wilson@…>, 19 years ago

Attachment: is_logged_in.diff added

is_logged_in implementation with doc changes and deprecation warnings in is_anonymous

by Gary Wilson <gary.wilson@…>, 19 years ago

Attachment: is_authenticated.diff added

is_authenticated implementation with doc changes and NO deprecation warnings in is_anonymous

by Gary Wilson <gary.wilson@…>, 19 years ago

Attachment: is_authenticated.2.diff added

is_authenticated implementation with doc changes and NO deprecation warnings in is_anonymous, slight change in documentation wording

comment:3 by Gary Wilson <gary.wilson@…>, 19 years ago

Summary: is_loggedin method for User and AnonymousUser models.[patch] is_loggedin method for User and AnonymousUser models.

comment:4 by Malcolm Tredinnick, 19 years ago

Resolution: fixed
Status: newclosed

(In [3360]) Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch.

Note: See TracTickets for help on using tickets.
Back to Top