Author: lukeplant
Date: 2009-10-12 10:32:24 -0500 (Mon, 12 Oct 2009)
New Revision: 11618
Modified:
django/trunk/django/contrib/auth/views.py
django/trunk/docs/topics/auth.txt
Log:
Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views
Thanks to julien for the suggestion and patch, and SmileyChris for work on the
patch.
Modified: django/trunk/django/contrib/auth/views.py
===================================================================
--- django/trunk/django/contrib/auth/views.py 2009-10-12 10:16:17 UTC (rev
11617)
+++ django/trunk/django/contrib/auth/views.py 2009-10-12 15:32:24 UTC (rev
11618)
@@ -14,11 +14,13 @@
from django.contrib.auth.models import User
from django.views.decorators.cache import never_cache
-def login(request, template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME):
+def login(request, template_name='registration/login.html',
+ redirect_field_name=REDIRECT_FIELD_NAME,
+ authentication_form=AuthenticationForm):
"Displays the login form and handles the login action."
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
- form = AuthenticationForm(data=request.POST)
+ form = authentication_form(data=request.POST)
if form.is_valid():
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
@@ -29,7 +31,7 @@
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
- form = AuthenticationForm(request)
+ form = authentication_form(request)
request.session.set_test_cookie()
if Site._meta.installed:
current_site = Site.objects.get_current()
@@ -137,7 +139,7 @@
else:
context_instance['validlink'] = False
form = None
- context_instance['form'] = form
+ context_instance['form'] = form
return render_to_response(template_name, context_instance=context_instance)
def password_reset_complete(request,
template_name='registration/password_reset_complete.html'):
@@ -145,16 +147,16 @@
{'login_url': settings.LOGIN_URL}))
def password_change(request,
template_name='registration/password_change_form.html',
- post_change_redirect=None):
+ post_change_redirect=None,
password_change_form=PasswordChangeForm):
if post_change_redirect is None:
post_change_redirect =
reverse('django.contrib.auth.views.password_change_done')
if request.method == "POST":
- form = PasswordChangeForm(request.user, request.POST)
+ form = password_change_form(user=request.user, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_change_redirect)
else:
- form = PasswordChangeForm(request.user)
+ form = password_change_form(user=request.user)
return render_to_response(template_name, {
'form': form,
}, context_instance=RequestContext(request))
Modified: django/trunk/docs/topics/auth.txt
===================================================================
--- django/trunk/docs/topics/auth.txt 2009-10-12 10:16:17 UTC (rev 11617)
+++ django/trunk/docs/topics/auth.txt 2009-10-12 15:32:24 UTC (rev 11618)
@@ -262,8 +262,8 @@
Creates, saves and returns a :class:`~django.contrib.auth.models.User`.
The :attr:`~django.contrib.auth.models.User.username`,
:attr:`~django.contrib.auth.models.User.email` and
- :attr:`~django.contrib.auth.models.User.password` are set as given, and
- the :class:`~django.contrib.auth.models.User` gets ``is_active=True``.
+ :attr:`~django.contrib.auth.models.User.password` are set as given,
and the
+ :class:`~django.contrib.auth.models.User` gets ``is_active=True``.
If no password is provided,
:meth:`~django.contrib.auth.models.User.set_unusable_password()` will
@@ -705,7 +705,7 @@
(r'^accounts/login/$', 'django.contrib.auth.views.login'),
-.. function:: views.login(request, [template_name, redirect_field_name])
+.. function:: views.login(request, [template_name, redirect_field_name,
authentication_form])
Here's what ``django.contrib.auth.views.login`` does:
@@ -785,6 +785,15 @@
{% endblock %}
+ .. versionadded:: 1.2
+
+ If you are using alternate authentication (see
+ :ref:`authentication-backends`) you can pass a custom authentication form
+ to the login view via the ``authentication_form`` parameter. This form must
+ accept a ``request`` keyword argument in its ``__init__`` method, and
+ provide a ``get_user`` argument which returns the authenticated user object
+ (this method is only ever called after successful form validation).
+
.. _forms documentation: ../forms/
.. _site framework docs: ../sites/
@@ -824,7 +833,7 @@
* ``login_url``: The URL of the login page to redirect to. This will
default to :setting:`settings.LOGIN_URL <LOGIN_URL>` if not supplied.
-.. function:: views.password_change(request[, template_name,
post_change_redirect])
+.. function:: views.password_change(request[, template_name,
post_change_redirect, password_change_form])
Allows a user to change their password.
@@ -837,6 +846,13 @@
* ``post_change_redirect``: The URL to redirect to after a successful
password change.
+ * .. versionadded:: 1.2
+
+ ``password_change_form``: A custom "change password" form which must
+ accept a ``user`` keyword argument. The form is responsible for
+ actually changing the user's password.
+
+
**Template context:**
* ``form``: The password change form.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
