I suggest adding __bool__() method returning False to the AnonymousUser 
class.

This way it'll be possible to check if the user is authenticated by simply 
writing "if request.user:"

It's a frequent source of bugs (at least for me, but probably I'm not 
alone) that right now this code returns True for anonymous users. If 
unnoticed, such bugs can also lead to security issues.

Related ticket: https://code.djangoproject.com/ticket/28259

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers  (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-developers+unsubscr...@googlegroups.com.
To post to this group, send email to django-developers@googlegroups.com.
Visit this group at https://groups.google.com/group/django-developers.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-developers/065eb9a5-d935-466d-a301-d7de87e6fbb0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to