mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
Fixed #26480 -- Fixed crash of contrib.auth.authenticate() on decorated authenticate() methods of authentication backends.
The Signature API (PEP 362) has better support for decorated functions (by default, it follows the __wrapped__ attribute set by functools.wraps for example).
This commit is contained in:
parent
23af086665
commit
3df3c5e670
@ -63,8 +63,9 @@ def authenticate(request=None, **credentials):
|
||||
If the given credentials are valid, return a User object.
|
||||
"""
|
||||
for backend, backend_path in _get_backends(return_tuples=True):
|
||||
backend_signature = inspect.signature(backend.authenticate)
|
||||
try:
|
||||
inspect.getcallargs(backend.authenticate, request, **credentials)
|
||||
backend_signature.bind(request, **credentials)
|
||||
except TypeError:
|
||||
# This backend doesn't accept these credentials as arguments. Try the next one.
|
||||
continue
|
||||
|
@ -13,6 +13,7 @@ from django.http import HttpRequest
|
||||
from django.test import (
|
||||
SimpleTestCase, TestCase, modify_settings, override_settings,
|
||||
)
|
||||
from django.views.decorators.debug import sensitive_variables
|
||||
|
||||
from .models import (
|
||||
CustomPermissionsUser, CustomUser, CustomUserWithoutIsActiveField,
|
||||
@ -642,6 +643,12 @@ class SkippedBackend:
|
||||
pass
|
||||
|
||||
|
||||
class SkippedBackendWithDecoratedMethod:
|
||||
@sensitive_variables()
|
||||
def authenticate(self):
|
||||
pass
|
||||
|
||||
|
||||
class AuthenticateTests(TestCase):
|
||||
@classmethod
|
||||
def setUpTestData(cls):
|
||||
@ -664,6 +671,13 @@ class AuthenticateTests(TestCase):
|
||||
"""
|
||||
self.assertEqual(authenticate(username='test', password='test'), self.user1)
|
||||
|
||||
@override_settings(AUTHENTICATION_BACKENDS=(
|
||||
'auth_tests.test_auth_backends.SkippedBackendWithDecoratedMethod',
|
||||
'django.contrib.auth.backends.ModelBackend',
|
||||
))
|
||||
def test_skips_backends_with_decorated_method(self):
|
||||
self.assertEqual(authenticate(username='test', password='test'), self.user1)
|
||||
|
||||
|
||||
class ImproperlyConfiguredUserModelTest(TestCase):
|
||||
"""
|
||||
|
Loading…
Reference in New Issue
Block a user