#27542: Testclients force_login should be smarter about which authentication
backend is used
---------------------------------------------+------------------------
Reporter: Tom | Owner: nobody
Type: New feature | Status: new
Component: Testing framework | Version: 1.10
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
---------------------------------------------+------------------------
In the current code if no `backend` is passed to the
TestClient.force_login it simply uses the first one:
https://github.com/django/django/blob/master/django/test/client.py#L635
I think this could be improved. Libraries like `django-rules` are
implemented as an authentication backend but don't implement a `get_user`
method. This leads to confusing errors, as described in this ticket:
https://github.com/dfunckt/django-rules/issues/46
Perhaps rather than doing `backend = settings.AUTHENTICATION_BACKENDS[0]`
it could filter out backends that don't implement a `get_user` method, or
follow the usual chain of authentication backends (i.e skipping ones that
return None)?
--
Ticket URL: <https://code.djangoproject.com/ticket/27542>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/046.26267016952909b44cbba502609a016f%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.
