Opened 3 weeks ago

Closed 11 days ago

#28751 closed Cleanup/optimization (fixed)

Add an error message for inactive user login in AdminAuthenticationForm

Reported by: SeungWon Kang Owned by: nobody
Component: contrib.admin Version: master
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description (last modified by SeungWon Kang)

In admin login site, I found that ValidationError message for 'inactive' user does not exist. (In AuthenticationForm it exists) I know default BackEnd checks the is_active in user_can_authenticate() method, but I think adding this error message would be helpful if using other BackEnd like AllowAllUsersModelBackEnd.

In AuthenticationForm, it shows inactive error message to the inactive user(user that is_active=False)

    def confirm_login_allowed(self, user):
        ...
        if not user.is_active:
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

but in AdminAuthenticationForm, it shows invalid_login error message to the inactive user(user that is_active=False)

    def confirm_login_allowed(self, user):
        if not user.is_active or not user.is_staff:
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
                params={'username': self.username_field.verbose_name}
            )

So I suggest to change it like

error_messages = {
        ...
        'inactive': _("This account is inactive."),
    }

    ...
    def confirm_login_allowed(self, user):
        if not user.is_active:
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        if not user.is_staff:
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
                params = {'username': self.username_field.verbose_name},
            )
    ....

Change History (8)

comment:1 Changed 3 weeks ago by SeungWon Kang

Description: modified (diff)

comment:2 Changed 3 weeks ago by SeungWon Kang

Description: modified (diff)

comment:3 Changed 3 weeks ago by SeungWon Kang

Description: modified (diff)

comment:4 Changed 3 weeks ago by hui shang

PR

This ticket is related to ticket_28645, so I make the commits for these two tickets in the same PR.

comment:5 Changed 2 weeks ago by Tim Graham

Has patch: set
Triage Stage: UnreviewedAccepted

comment:6 Changed 11 days ago by Tim Graham

Patch needs improvement: set

comment:7 Changed 11 days ago by hui shang

Patch needs improvement: unset

comment:8 Changed 11 days ago by Tim Graham <timograham@…>

Resolution: fixed
Status: newclosed

In ebb99897:

Fixed #28751 -- Corrected the error message for inactive users in AdminAuthenticationForm.

Thanks SeungWon Kang for the report and Tim Graham for the review.

Note: See TracTickets for help on using tickets.
Back to Top