Ticket #12103: 12103_at_r17205.diff

File 12103_at_r17205.diff, 5.0 KB (added by Ethan Jucovy, 13 years ago)

updated patch for code-drift

  • docs/topics/auth.txt

     
    12101210
    12111211    A form for logging a user in.
    12121212
     1213    The ``AuthenticationForm`` rejects users whose ``is_active`` flag is set to ``False``.
     1214    You may override this behavior with a custom policy to determine which users can log in.
     1215    Do this with a custom form that subclasses ``AuthenticationForm`` and overrides the
     1216    ``confirm_login_allowed(self, user)`` method.  This method will raise a ``forms.ValidationError``
     1217    if the given user may not log in.
     1218
     1219    For example, to allow all users to log in, regardless of activation status::
     1220
     1221    .. code-block:: python
     1222
     1223        class AuthenticationFormWithInactiveUsersOkay(AuthenticationForm):
     1224            def confirm_login_allowed(self, user):
     1225                pass
     1226
     1227    Or to allow only some active users to log in:
     1228
     1229    .. code-block:: python
     1230
     1231        class PickyAuthenticationForm(AuthenticationForm):
     1232            def confirm_login_allowed(self, user):
     1233                if not user.is_active:
     1234                    raise forms.ValidationError(_("This account is inactive."))
     1235                if user.username.startswith('b'):
     1236                    raise forms.ValidationError(_("Sorry, accounts starting with 'b' aren't welcome here."))
     1237
    12131238.. class:: PasswordChangeForm
    12141239
    12151240    A form for allowing a user to change their password.
  • django/contrib/auth/tests/forms.py

     
    115115                self.assertEqual(form.non_field_errors(),
    116116                                 [force_unicode(form.error_messages['inactive'])])
    117117
     118    def test_custom_login_allowed_policy(self):
     119        # The user is inactive, but our custom form policy allows him to log in.
     120        data = {
     121            'username': 'inactive',
     122            'password': 'password',
     123            }
     124
     125        class AuthenticationFormWithInactiveUsersOkay(AuthenticationForm):
     126            def confirm_login_allowed(self, user):
     127                pass
     128
     129        form = AuthenticationFormWithInactiveUsersOkay(None, data)
     130        self.assertTrue(form.is_valid())
     131
     132        # If we want to disallow some logins according to custom logic,
     133        # we should raise a django.forms.ValidationError in the form.
     134        from django.forms import ValidationError
     135        from django.utils.translation import ugettext_lazy as _
     136        class PickyAuthenticationForm(AuthenticationForm):
     137            def confirm_login_allowed(self, user):
     138                if user.username == "inactive":
     139                    raise ValidationError(_("This user is disallowed."))
     140                raise ValidationError(_("Sorry, nobody's allowed in."))
     141       
     142        form = PickyAuthenticationForm(None, data)
     143        self.assertFalse(form.is_valid())
     144        self.assertEqual(form.non_field_errors(),
     145                         [u'This user is disallowed.'])
     146       
     147        data = {
     148            'username': 'testclient',
     149            'password': 'password',
     150            }
     151        form = PickyAuthenticationForm(None, data)
     152        self.assertFalse(form.is_valid())
     153        self.assertEqual(form.non_field_errors(),
     154                         [u"Sorry, nobody's allowed in."])
     155       
    118156    def test_success(self):
    119157        # The success case
    120158        data = {
  • django/contrib/auth/forms.py

     
    145145            self.user_cache = authenticate(username=username, password=password)
    146146            if self.user_cache is None:
    147147                raise forms.ValidationError(self.error_messages['invalid_login'])
    148             elif not self.user_cache.is_active:
    149                 raise forms.ValidationError(self.error_messages['inactive'])
     148            else:
     149                self.confirm_login_allowed(self.user_cache)
    150150        self.check_for_test_cookie()
    151151        return self.cleaned_data
    152152
     
    154154        if self.request and not self.request.session.test_cookie_worked():
    155155            raise forms.ValidationError(self.error_messages['no_cookies'])
    156156
     157    def confirm_login_allowed(self, user):
     158        """
     159        Controls whether the given ``auth.User`` object may log in. This is a policy setting,
     160        independent of end-user authentication. This default behavior is to allow login by
     161        active users, and reject login by inactive users.
     162
     163        If the given user cannot log in, this method should raise a ``forms.ValidationError``.
     164
     165        If the given user may log in, this method should return None.
     166        """
     167        if not user.is_active:
     168            raise forms.ValidationError(self.error_messages['inactive'])
     169
    157170    def get_user_id(self):
    158171        if self.user_cache:
    159172            return self.user_cache.id
Back to Top