Opened 10 years ago
Last modified 10 years ago
#23896 closed New feature
set_password — at Initial Version
| Reported by: | Roman | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.auth | Version: | 1.7 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
Recently I've implemented LDAP auth backend by myself and was confused by not being able to add change_password/set_password functionality without adding custom User model. Actually I think it is very common to delegate password validation to some external service, like LDAP, SMTP, HTTP, etc. while keeping User model as is. Also, providing custom user model will force all applications to reference settings.AUTH_USER_MODEL which is definitely correct, but forcing to do even correct thing does not look nice for me.
So, the thing I want to discuss is support of some special methods on auth backends like
""" user is for User model instance here, not username string """ def set_password(user, new_password): pass """ user is for User model instance here, not username string """ def change_password(user, old_password, new_password): pass
User model to call auth backend methods if defined.
So do I miss anything? Is my proposal correct?