Skip to content

Provide django.contrib.auth.authenticate() with a request for compatibiity with more backends. #949

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Mar 22, 2021
Merged

Provide django.contrib.auth.authenticate() with a request for compatibiity with more backends. #949

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b12a0f7
Provide django.contrib.auth.authenticate() with a request for
ShaheedHaque Mar 22, 2021
eccad46
Update CHANGELOG.md and AUTHORS.
ShaheedHaque Mar 22, 2021
2989685
Avoid reduction in code coverage using inline code.
ShaheedHaque Mar 22, 2021
c2580d3
Update CHANGELOG.md
n2ygk Mar 22, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions AUTHORS
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,3 +50,4 @@ Rustem Saiargaliev
Jadiel Teófilo
pySilver
Łukasz Skarżyński
Shaheed Haque
11 changes: 9 additions & 2 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Security
-->

## [1.5.0] 2021-03-18
## [unreleased]

### Added
* #915 Add optional OpenID Connect support.
* #712, #636, #808. Calls to `django.contrib.auth.authenticate()` now pass a `request`
to provide compatibility with backends that need one.

### Fixed
* #524 Restrict usage of timezone aware expire dates to Django projects with USE_TZ set to True.

## [1.5.0] 2021-03-18

### Added
* #915 Add optional OpenID Connect support.

### Changed
* #942 Help via defunct Google group replaced with using GitHub issues

Expand Down
11 changes: 10 additions & 1 deletion oauth2_provider/oauth2_validators.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
from django.core.exceptions import ObjectDoesNotExist
from django.db import transaction
from django.db.models import Q
from django.http import HttpRequest
from django.utils import dateformat, timezone
from django.utils.timezone import make_aware
from django.utils.translation import gettext_lazy as _
Expand Down Expand Up @@ -664,7 +665,15 @@ def validate_user(self, username, password, client, request, *args, **kwargs):
"""
Check username and password correspond to a valid and active User
"""
u = authenticate(username=username, password=password)
# Passing the optional HttpRequest adds compatibility for backends
# which depend on its presence. Create one with attributes likely
# to be used.
http_request = HttpRequest()
http_request.path = request.uri
http_request.method = request.http_method
getattr(http_request, request.http_method).update(dict(request.decoded_body))
http_request.META = request.headers
u = authenticate(http_request, username=username, password=password)
if u is not None and u.is_active:
request.user = u
return True
Expand Down