id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
33231	authenticate() doesn't raise ImproperlyConfigured for incorrect authentication backends.	JunKi Yoon	JunKi Yoon	"def authenticate doesn't raise ImproperlyConfigured for incorrect AUTHENTICATION_BACKENDS (with custom backends)

In my opinion, if a TypeError occurs, there is a problem with the AUTHENTICATION_BACKENDS configuration, so ImproperlyConfigured should be raised.

Let's say you have a custom authentication backend like this:

{{{
AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.ModelBackend', 'myapp.backends.CustomAuth']
}}}

{{{
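# myapp/backends.py
from django.contrib.auth.backends import BaseBackend


class CustomAuth(BaseBackend):
    # The signature omits the `request` parameter.
    def authenticate(self, username=None, password=None):
        # blahblah..
        return None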
}}}

In this case, if request is not included as a parameter in the def authenticate function of the CustomAuth class, a TypeError occurs.

Both ModelBackend and CustomAuth fail authentication, and you can't even guess that the settings (custom backend) are wrong. So I think raising ImproperlyConfigured is necessary.


{{{
# Excerpt from django/contrib/auth/__init__.py
@sensitive_variables('credentials')
def authenticate(request=None, **credentials):
    """"""
    If the given credentials are valid, return a User object.
    """"""
    for backend, backend_path in _get_backends(return_tuples=True):
        backend_signature = inspect.signature(backend.authenticate)
        try:
            backend_signature.bind(request, **credentials)
        except TypeError:
            # This backend doesn't accept these credentials as arguments. Try the next one.
            continue
        try:
            user = backend.authenticate(request, **credentials)
        except PermissionDenied:
            # This backend says to stop in our tracks - this user should not be allowed in at all.
            break
        if user is None:
            continue
        # Annotate the user object with the path of the backend.
        user.backend = backend_path
        return user

    # The credentials supplied are invalid to all backends, fire signal
    user_login_failed.send(sender=__name__, credentials=_clean_credentials(credentials), request=request)
}}}

"	New feature	closed	contrib.auth	3.2	Normal	wontfix	authenticate, AUTHENTICATION_BACKENDS		Unreviewed	0	0	0	0	0	0
