[patch] is_loggedin method for User and AnonymousUser models.
|Reported by:||SmileyChris||Owned by:||adrian|
|Has patch:||yes||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
This is_loggedin method replaces the is_anonymous method.
Discussion from the django-developers group follows (see thread).
Templates treat non-existing variables as False; therefore; a
request.user somehow failing to get assigned would result in the
template treating the user as they are authenticated (is_anonymous
evaluates False). An is_loggedin would be a more secure option because
if request.user failed to get assigned, the template would treat the
user as anonymous.
I would much rather mistakenly treat an authenticated user as anonymous
than mistakenly treat an anonymous user as authenticated.
Change History (8)
Changed 8 years ago by SmileyChris
comment:3 Changed 8 years ago by Gary Wilson <gary.wilson@…>
- Summary changed from is_loggedin method for User and AnonymousUser models. to [patch] is_loggedin method for User and AnonymousUser models.