#25030: The /admin/login/ should observe external authentication even when it appears in POST ------------------------------+------------------------------------ Reporter: adelton | Owner: nobody Type: New feature | Status: new Component: contrib.auth | Version: master Severity: Normal | Resolution: Keywords: | Triage Stage: Accepted Has patch: 1 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 1 Easy pickings: 0 | UI/UX: 0 ------------------------------+------------------------------------
Comment (by carljm): It looks to me like this could also be addressed by using a custom AdminSite, overriding the login method, and doing a non-method-specific check for if the user is authenticated in the wrapper. I don't think the method check should be removed from the default implementation. An incoming POST should be treated as a login attempt, not redirected if the user is already authenticated. The current implementation handles the by far most common case correctly out of the box, and makes it possible to meet unusual requirements with a bit of custom code. That's the most that can be asked of a framework. I think this ticket should be closed with no changes to Django. -- Ticket URL: <https://code.djangoproject.com/ticket/25030#comment:8> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-updates+unsubscr...@googlegroups.com. To post to this group, send email to django-updates@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-updates/065.c43a7f11e9416c667a344ae040decd92%40djangoproject.com. For more options, visit https://groups.google.com/d/optout.