test.Client.login_user(user_instance)

[Thomas Güttler <hv@…>]

I don't want to use a password in the unittests. This patch adds the method login_user() to
test.Client.

The patch contains updates for the documentation and for the regression tests.

[MichaelBishop]

The patch appears complete with documentation. Decision needs to be made if this should be included.

[Russell Keith-Magee]

If you have a test user, you can set up the test password to be whatever you want, so the problem isn't putting passwords in plain text. The login() interface isn't that difficult to use, so you can't make a 'shortcut/ease of use argument' either.

Unless someone can provide a particularly compelling reason for adding this method, I'm marking it wontfix.

[Thomas Güttler]

I still think this patch is useful. I have a bunch of read only tests which I run against the production system.
And I don't want to store the password in my code.

Since I try to not modify django code I found this dirty solution:

def fake_authenticate(user):
    assert isinstance(user, User), user
    if not hasattr(user, "backend"): 
        backend=get_backends()[0] 
        user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) 
    return user

def client_login_user(client, user):
    # Change to django code base was rejected (http://code.djangoproject.com/ticket/5938). 
    # Dirty hack to login user-object without knowing his password.
    # Not threadsafe.
    assert isinstance(user, User), user
    assert isinstance(client, Client), client
    from django.test import client as client_module
    orig_authenticate=client_module.authenticate
    try:
        client_module.authenticate=fake_authenticate
        client.login(user=user)
    finally:
        client_module.authenticate=orig_authenticate
    return user

[Thomas Güttler]

New ticket #14350