Opened 21 months ago

Last modified 21 months ago

#34408 closed Bug

Authorization in Custom Authentication Backend does not work — at Initial Version

Reported by: Vivek Kumar Singh Owned by: nobody
Component: contrib.auth Version: 4.1
Severity: Normal Keywords: authentication, authorization
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

I was experimenting with has_perm and user_can_authenticate functions in my custom authentication backend when I found out these function aren't even executing during the Authentication process. I tries putting print statements but there was no output in the log screen. I also tried using example suggested in Django Documentation (https://docs.djangoproject.com/en/4.1/topics/auth/customizing/#handling-authorization-in-custom-backends) but it still didn't work.

Here is my code:

backends.py

`
class EmailBackend(BaseBackend):

def authenticate(self, request, username=None, password=None):

try:

user = User.objects.get(email=username)
if user.check_password(password):

return user

return None

except User.DoesNotExist:

return None


def get_user(self, user_id):

try:

return User.objects.get(pk=user_id)

except User.DoesNotExist:

return None

def has_perm(self, user_obj, perm, obj=None):

print("hello")
return True

`

and logs

`
[12/Mar/2023 00:01:05] "GET /login HTTP/1.1" 200 861
[12/Mar/2023 00:01:16] "POST /login HTTP/1.1" 302 0
[12/Mar/2023 00:01:16] "GET / HTTP/1.1" 200 370
`

as you can see there was no output saying "hello".
please explain what is the use of has_perm and other authorization functions in django anyway.

Change History (0)

Note: See TracTickets for help on using tickets.
Back to Top