mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed #35530 -- Deprecated request.user fallback in auth.login and auth.alogin.

Browse Source
This commit is contained in:
Jaap Roes
2024-11-28 14:42:59 +01:00
committed by Sarah Boyce
parent 28b9b8d6d9
commit ceecd518b1
5 changed files with 129 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
django/contrib/auth/__init__.py
View File

@@ -1,11 +1,13 @@
import inspect
import re
import warnings
from django.apps import apps as django_apps
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured, PermissionDenied
from django.middleware.csrf import rotate_token
from django.utils.crypto import constant_time_compare
from django.utils.deprecation import RemovedInDjango61Warning
from django.utils.module_loading import import_string
from django.views.decorators.debug import sensitive_variables
@@ -154,9 +156,19 @@ def login(request, user, backend=None):
have to reauthenticate on every request. Note that data set during
the anonymous session is retained when the user logs in.
"""
# RemovedInDjango61Warning: When the deprecation ends, replace with:
# session_auth_hash = user.get_session_auth_hash()
session_auth_hash = ""
# RemovedInDjango61Warning.
if user is None:
user = request.user
warnings.warn(
"Fallback to request.user when user is None will be removed.",
RemovedInDjango61Warning,
stacklevel=2,
)
# RemovedInDjango61Warning.
if hasattr(user, "get_session_auth_hash"):
session_auth_hash = user.get_session_auth_hash()
@@ -187,9 +199,18 @@ def login(request, user, backend=None):
async def alogin(request, user, backend=None):
"""See login()."""
# RemovedInDjango61Warning: When the deprecation ends, replace with:
# session_auth_hash = user.get_session_auth_hash()
session_auth_hash = ""
# RemovedInDjango61Warning.
if user is None:
warnings.warn(
"Fallback to request.user when user is None will be removed.",
RemovedInDjango61Warning,
stacklevel=2,
)
user = await request.auser()
# RemovedInDjango61Warning.
if hasattr(user, "get_session_auth_hash"):
session_auth_hash = user.get_session_auth_hash()