Fixed #36561 -- Used request.auser() in contrib.auth.aupdate_session_auth_hash().

2025-10-24 22:26:08 +00:00 · 2025-08-19 02:13:19 -07:00
parent bcddf641ae
commit cd7554e551
2 changed files with 6 additions and 2 deletions
--- a/django/contrib/auth/init.py
+++ b/django/contrib/auth/init.py
@@ -408,5 +408,5 @@ def update_session_auth_hash(request, user):
 async def aupdate_session_auth_hash(request, user):
    """See update_session_auth_hash()."""
    await request.session.acycle_key()
-    if hasattr(user, "get_session_auth_hash") and request.user == user:
+    if hasattr(user, "get_session_auth_hash") and await request.auser() == user:
        await request.session.aset(HASH_SESSION_KEY, user.get_session_auth_hash())
--- a/tests/async/test_async_auth.py
+++ b/tests/async/test_async_auth.py
@@ -143,7 +143,11 @@ class AsyncAuthTest(TestCase):
        await self.client.alogin(username="testuser", password="testpw")
        request = HttpRequest()
        request.session = await self.client.asession()
-        request.user = self.test_user
+
+        async def auser():
+            return self.test_user
+
+        request.auser = auser
        await aupdate_session_auth_hash(request, self.test_user)
        user = await aget_user(request)
        self.assertIsInstance(user, User)