#2826 closed defect (fixed)
contrib.comments.views.comments.post_comment should check .is_authenticated() before trying to do a login.
| Reported by: | anonymous | Owned by: | Adrian Holovaty |
|---|---|---|---|
| Component: | Contrib apps | Version: | dev |
| Severity: | normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
In django.contrib.comments.views.comments.post_comment there should be a check for not manipulator.get_user().is_authenticated() before trying to do a login(). Otherwise the login fails with:
Traceback (most recent call last): File "c:\django\django\core\handlers\base.py" in get_response 74. response = callback(request, *callback_args, **callback_kwargs) File "c:\django\django\contrib\comments\views\comments.py" in post_comment 222. login(request, manipulator.get_user()) File "c:\django\django\contrib\auth\__init__.py" in login 53. request.session[BACKEND_SESSION_KEY] = user.backend AttributeError at /comments/post/ 'User' object has no attribute 'backend'
# If user gave correct username/password and wasn't already logged in, log them in
# so they don't have to enter a username/password again.
if manipulator.get_user() and not manipulator.get_user().is_authenticated() and new_data.has_key('password') and manipulator.get_user().check_password(new_data['password']):
from django.contrib.auth import login
login(request, manipulator.get_user())
Note:
See TracTickets
for help on using tickets.
(In [3929]) Fixed #2826 -- Added .is_authenticated() check before login() in comments views