#25030: The /admin/login/ should observe external authentication even when it
appears in POST
------------------------------+------------------------------------
Reporter: adelton | Owner: nobody
Type: New feature | Status: new
Component: contrib.auth | Version: master
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Easy pickings: 0 | UI/UX: 0
------------------------------+------------------------------------
Comment (by carljm):
It looks to me like this could also be addressed by using a custom
AdminSite, overriding the login method, and doing a non-method-specific
check for if the user is authenticated in the wrapper.
I don't think the method check should be removed from the default
implementation. An incoming POST should be treated as a login attempt, not
redirected if the user is already authenticated.
The current implementation handles the by far most common case correctly
out of the box, and makes it possible to meet unusual requirements with a
bit of custom code. That's the most that can be asked of a framework.
I think this ticket should be closed with no changes to Django.
--
Ticket URL: <https://code.djangoproject.com/ticket/25030#comment:8>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/065.c43a7f11e9416c667a344ae040decd92%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
