From cd7554e5517992d5ca2594ffc936cb193daab26c Mon Sep 17 00:00:00 2001
From: Xinyi Rong <Lizard.rar@gmail.com>
Date: Tue, 19 Aug 2025 02:13:19 -0700
Subject: [PATCH] Fixed #36561 -- Used request.auser() in
 contrib.auth.aupdate_session_auth_hash().

---
 django/contrib/auth/__init__.py | 2 +-
 tests/async/test_async_auth.py  | 6 +++++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/django/contrib/auth/__init__.py b/django/contrib/auth/__init__.py
index b8011c832f..c738a2b07a 100644
--- a/django/contrib/auth/__init__.py
+++ b/django/contrib/auth/__init__.py
@@ -408,5 +408,5 @@ def update_session_auth_hash(request, user):
 async def aupdate_session_auth_hash(request, user):
     """See update_session_auth_hash()."""
     await request.session.acycle_key()
-    if hasattr(user, "get_session_auth_hash") and request.user == user:
+    if hasattr(user, "get_session_auth_hash") and await request.auser() == user:
         await request.session.aset(HASH_SESSION_KEY, user.get_session_auth_hash())
diff --git a/tests/async/test_async_auth.py b/tests/async/test_async_auth.py
index 3d5a6b678d..94c5f2ddb4 100644
--- a/tests/async/test_async_auth.py
+++ b/tests/async/test_async_auth.py
@@ -143,7 +143,11 @@ class AsyncAuthTest(TestCase):
         await self.client.alogin(username="testuser", password="testpw")
         request = HttpRequest()
         request.session = await self.client.asession()
-        request.user = self.test_user
+
+        async def auser():
+            return self.test_user
+
+        request.auser = auser
         await aupdate_session_auth_hash(request, self.test_user)
         user = await aget_user(request)
         self.assertIsInstance(user, User)