summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPreston Holmes <preston@ptone.com>2013-02-23 15:25:05 -0800
committerPreston Holmes <preston@ptone.com>2013-02-23 15:28:49 -0800
commit22d82a7742c3b091857fda8612273360459110ee (patch)
treea88ac23e47bcf9aeca2dd3546ccec3a7dd13e246
parent9d2c0a0ae6ce931699daa87735d5b8b2afaa20f9 (diff)
Fixed #15198 -- pass request to AuthenticationForm
Thanks to Ciantic for the report, claudep and slurms for initial work
-rw-r--r--django/contrib/auth/forms.py6
-rw-r--r--django/contrib/auth/tests/urls.py14
-rw-r--r--django/contrib/auth/tests/views.py8
-rw-r--r--django/contrib/auth/views.py2
4 files changed, 23 insertions, 7 deletions
diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py
index f3ad655c65..42abde2f19 100644
--- a/django/contrib/auth/forms.py
+++ b/django/contrib/auth/forms.py
@@ -160,10 +160,8 @@ class AuthenticationForm(forms.Form):
def __init__(self, request=None, *args, **kwargs):
"""
- If request is passed in, the form will validate that cookies are
- enabled. Note that the request (a HttpRequest object) must have set a
- cookie with the key TEST_COOKIE_NAME and value TEST_COOKIE_VALUE before
- running this validation.
+ The 'request' parameter is set for custom auth use by subclasses.
+ The form data comes in via the standard 'data' kwarg.
"""
self.request = request
self.user_cache = None
diff --git a/django/contrib/auth/tests/urls.py b/django/contrib/auth/tests/urls.py
index 4b498ceaf0..51b05be648 100644
--- a/django/contrib/auth/tests/urls.py
+++ b/django/contrib/auth/tests/urls.py
@@ -1,14 +1,20 @@
from django.conf.urls import patterns, url
from django.contrib.auth import context_processors
+from django.contrib.auth.forms import AuthenticationForm
from django.contrib.auth.urls import urlpatterns
-from django.contrib.auth.views import password_reset
+from django.contrib.auth.views import password_reset, login
from django.contrib.auth.decorators import login_required
from django.contrib.messages.api import info
-from django.http import HttpResponse
+from django.http import HttpResponse, HttpRequest
from django.shortcuts import render_to_response
from django.template import Template, RequestContext
from django.views.decorators.cache import never_cache
+class CustomRequestAuthenticationForm(AuthenticationForm):
+ def __init__(self, request, *args, **kwargs):
+ assert isinstance(request, HttpRequest)
+ super(CustomRequestAuthenticationForm, self).__init__(request, *args, **kwargs)
+
@never_cache
def remote_user_auth_view(request):
"Dummy view for remote user tests"
@@ -49,6 +55,9 @@ def auth_processor_messages(request):
def userpage(request):
pass
+def custom_request_auth_login(request):
+ return login(request, authentication_form=CustomRequestAuthenticationForm)
+
# special urls for auth test cases
urlpatterns = urlpatterns + patterns('',
(r'^logout/custom_query/$', 'django.contrib.auth.views.logout', dict(redirect_field_name='follow')),
@@ -65,6 +74,7 @@ urlpatterns = urlpatterns + patterns('',
(r'^auth_processor_perms/$', auth_processor_perms),
(r'^auth_processor_perm_in_perms/$', auth_processor_perm_in_perms),
(r'^auth_processor_messages/$', auth_processor_messages),
+ (r'^custom_request_auth_login/$', custom_request_auth_login),
url(r'^userpage/(.+)/$', userpage, name="userpage"),
)
diff --git a/django/contrib/auth/tests/views.py b/django/contrib/auth/tests/views.py
index b41c7198f5..ee1b18d038 100644
--- a/django/contrib/auth/tests/views.py
+++ b/django/contrib/auth/tests/views.py
@@ -365,6 +365,14 @@ class LoginTest(AuthViewsTestCase):
self.assertTrue(good_url in response.url,
"%s should be allowed" % good_url)
+ def test_login_form_contains_request(self):
+ # 15198
+ response = self.client.post('/custom_requestauth_login/', {
+ 'username': 'testclient',
+ 'password': 'password',
+ }, follow=True)
+ # the custom authentication form used by this login asserts
+ # that a request is passed to the form successfully.
@skipIfCustomUser
class LoginURLSettings(AuthViewsTestCase):
diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
index c9f53f1956..8a554b0ad8 100644
--- a/django/contrib/auth/views.py
+++ b/django/contrib/auth/views.py
@@ -35,7 +35,7 @@ def login(request, template_name='registration/login.html',
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
- form = authentication_form(data=request.POST)
+ form = authentication_form(request, data=request.POST)
if form.is_valid():
# Ensure the user-originating redirection url is safe.