Opened 5 months ago
Last modified 5 months ago
#35555 closed Cleanup/optimization
Add additional middleware checks for django.contrib.auth — at Initial Version
| Reported by: | Jaap Roes | Owned by: | nobody |
|---|---|---|---|
| Component: | contrib.auth | Version: | dev |
| Severity: | Normal | Keywords: | auth session middleware checks |
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
The django.contrib.auth.checks module defines a check_middleware function. This function currently checks if LoginRequiredMiddleware is enabled, if so it checks if AuthenticationMiddleware is also enabled, and is placed before it.
This is nice, and something than happens at runtime for other middlewares in contrib.auth, for example:
RemoveUserMiddleware raises a ImproperlyConfigured error if it's enabled but AuthenticationMiddleware isn't enabled, or is placed after it.
AuthenticationMiddleware itself also raises a ImproperlyConfigured error if it's enabled but SessionMiddleware is not (or isn't executed before reaching it).
I can contribute a patch, unless there's any reason not to do this.