diff --git a/django/contrib/auth/backends.py b/django/contrib/auth/backends.py
index bc3db2f663..3b46b65b0a 100644
--- a/django/contrib/auth/backends.py
+++ b/django/contrib/auth/backends.py
@@ -1,35 +1,5 @@
-from django.conf import settings
 from django.contrib.auth.models import User, check_password
-class SettingsBackend:
- """
- Authenticate against vars in settings.py Use the login name, and a hash
- of the password.
-
- ADMIN_LOGIN = 'admin'
- ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de'
- """
- def authenticate(self, username=None, password=None):
- login_valid = (settings.ADMIN_LOGIN == username)
- pwd_valid = check_password(password, settings.ADMIN_PASSWORD)
- if login_valid and pwd_valid:
- # TODO: This should be abstracted out someplace else.
- try:
- user = User.objects.get(username=username)
- except User.DoesNotExist:
- user = User(username=username, password='')
- user.is_staff = True
- user.is_superuser = True
- user.save()
- return user
- return None
-
- def get_user(self, user_id):
- try:
- return User.objects.get(pk=user_id)
- except User.DoesNotExist:
- return None
-
 class ModelBackend:
 """
 Authenticate against django.contrib.auth.models.User
diff --git a/docs/authentication.txt b/docs/authentication.txt
index 668ca10247..8cedeefedf 100644
--- a/docs/authentication.txt
+++ b/docs/authentication.txt
@@ -661,12 +661,44 @@ are valid, it should return a user object that matches those credentials. The Django admin system is tightly coupled to the Django User object described at the beginning of this document. For now, the best way to deal with this is to create a Django User object for each user that exists for your backend -(i.e. in your ldap directory, your external sql database, etc.) You can either +(i.e. in your LDAP directory, your external SQL database, etc.) You can either write a script to do this in advance, or your ``authenticate`` method can do -it the first time a user logs in. -`django.contrib.auth.backends.SettingsBackend`_ is an example of the latter -approach. Note that you don't have to save a user's password in the Django -User object. Your backend can still check the password against an external -source, and return a Django User object. +it the first time a user logs in. Here's an example backend that +authenticates against a username and password variable defined in your +``settings.py`` file and creates a Django user object the first time they +authenticate:: + +from django.conf import settings +from django.contrib.auth.models import User, check_password + +class SettingsBackend: + """ + Authenticate against vars in settings.py Use the login name, and a hash + of the password. For example: + + ADMIN_LOGIN = 'admin' + ADMIN_PASSWORD = 'sha1$4e987$afbcf42e21bd417fb71db8c66b321e9fc33051de' + """ + def authenticate(self, username=None, password=None): + login_valid = (settings.ADMIN_LOGIN == username) + pwd_valid = check_password(password, settings.ADMIN_PASSWORD) + if login_valid and pwd_valid: + try: + user = User.objects.get(username=username) + except User.DoesNotExist: + # Create a new user. Note that we can set password to anything + # as it won't be checked, the password from settings.py will. 
+ user = User(username=username, password='get from settings.py')
+ user.is_staff = True
+ user.is_superuser = True
+ user.save()
+ return user
+ return None
+
+ def get_user(self, user_id):
+ try:
+ return User.objects.get(pk=user_id)
+ except User.DoesNotExist:
+ return None
 .. _django.contrib.auth.backends.SettingsBackend: http://code.djangoproject.com/browser/django/branches/magic-removal/django/contrib/auth/backends.py