mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Fixed #26343 -- Sent user_login_failed signal if an auth backend raises PermissionDenied.
This commit is contained in:
		| @@ -74,7 +74,7 @@ def authenticate(**credentials): | |||||||
|             user = backend.authenticate(**credentials) |             user = backend.authenticate(**credentials) | ||||||
|         except PermissionDenied: |         except PermissionDenied: | ||||||
|             # This backend says to stop in our tracks - this user should not be allowed in at all. |             # This backend says to stop in our tracks - this user should not be allowed in at all. | ||||||
|             return None |             break | ||||||
|         if user is None: |         if user is None: | ||||||
|             continue |             continue | ||||||
|         # Annotate the user object with the path of the backend. |         # Annotate the user object with the path of the backend. | ||||||
|   | |||||||
| @@ -3,7 +3,7 @@ from __future__ import unicode_literals | |||||||
| from datetime import date | from datetime import date | ||||||
|  |  | ||||||
| from django.contrib.auth import ( | from django.contrib.auth import ( | ||||||
|     BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user, |     BACKEND_SESSION_KEY, SESSION_KEY, authenticate, get_user, signals, | ||||||
| ) | ) | ||||||
| from django.contrib.auth.backends import ModelBackend | from django.contrib.auth.backends import ModelBackend | ||||||
| from django.contrib.auth.hashers import MD5PasswordHasher | from django.contrib.auth.hashers import MD5PasswordHasher | ||||||
| @@ -475,12 +475,21 @@ class PermissionDeniedBackendTest(TestCase): | |||||||
|  |  | ||||||
|     def setUp(self): |     def setUp(self): | ||||||
|         self.user1 = User.objects.create_user('test', 'test@example.com', 'test') |         self.user1 = User.objects.create_user('test', 'test@example.com', 'test') | ||||||
|         self.user1.save() |         self.user_login_failed = [] | ||||||
|  |         signals.user_login_failed.connect(self.user_login_failed_listener) | ||||||
|  |  | ||||||
|  |     def tearDown(self): | ||||||
|  |         signals.user_login_failed.disconnect(self.user_login_failed_listener) | ||||||
|  |  | ||||||
|  |     def user_login_failed_listener(self, sender, credentials, **kwargs): | ||||||
|  |         self.user_login_failed.append(credentials) | ||||||
|  |  | ||||||
|     @modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend}) |     @modify_settings(AUTHENTICATION_BACKENDS={'prepend': backend}) | ||||||
|     def test_permission_denied(self): |     def test_permission_denied(self): | ||||||
|         "user is not authenticated after a backend raises permission denied #2550" |         "user is not authenticated after a backend raises permission denied #2550" | ||||||
|         self.assertEqual(authenticate(username='test', password='test'), None) |         self.assertEqual(authenticate(username='test', password='test'), None) | ||||||
|  |         # user_login_failed signal is sent. | ||||||
|  |         self.assertEqual(self.user_login_failed, [{'password': '********************', 'username': 'test'}]) | ||||||
|  |  | ||||||
|     @modify_settings(AUTHENTICATION_BACKENDS={'append': backend}) |     @modify_settings(AUTHENTICATION_BACKENDS={'append': backend}) | ||||||
|     def test_authenticates(self): |     def test_authenticates(self): | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user