summaryrefslogtreecommitdiff
path: root/docs/authentication.txt
diff options
context:
space:
mode:
authorJustin Bronn <jbronn@gmail.com>2007-08-26 01:10:53 +0000
committerJustin Bronn <jbronn@gmail.com>2007-08-26 01:10:53 +0000
commit2052b508eb92c62fc0678efd4936c5ec1e0e735b (patch)
treee510109b74b28c8ccef5f6955727cb9dce3da655 /docs/authentication.txt
parenta7297a255f4bb86f608ea251e00253d18c31d9d4 (diff)
gis: Made necessary modifications for unicode, manage refactor, backend refactor and merged 5584-6000 via svnmerge from [repos:django/trunk trunk].
git-svn-id: http://code.djangoproject.com/svn/django/branches/gis@6018 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/authentication.txt')
-rw-r--r--docs/authentication.txt33
1 files changed, 24 insertions, 9 deletions
diff --git a/docs/authentication.txt b/docs/authentication.txt
index efe4d47513..7860b59d7d 100644
--- a/docs/authentication.txt
+++ b/docs/authentication.txt
@@ -99,7 +99,7 @@ custom methods:
should prefer using ``is_authenticated()`` to this method.
* ``is_authenticated()`` -- Always returns ``True``. This is a way to
- tell if the user has been authenticated. This does not imply any
+ tell if the user has been authenticated. This does not imply any
permissions, and doesn't check if the user is active - it only indicates
that the user has provided a valid username and password.
@@ -114,6 +114,18 @@ custom methods:
string is the correct password for the user. (This takes care of the
password hashing in making the comparison.)
+ * ``set_unusable_password()`` -- **New in Django development version.**
+ Marks the user as having no password set. This isn't the same as having
+ a blank string for a password. ``check_password()`` for this user will
+ never return ``True``. Doesn't save the ``User`` object.
+
+ You may need this if authentication for your application takes place
+ against an existing external source such as an LDAP directory.
+
+ * ``has_usable_password()`` -- **New in Django development version.**
+ Returns ``False`` if ``set_unusable_password()`` has been called for this
+ user.
+
* ``get_group_permissions()`` -- Returns a list of permission strings that
the user has, through his/her groups.
@@ -126,7 +138,7 @@ custom methods:
* ``has_perms(perm_list)`` -- Returns ``True`` if the user has each of the
specified permissions, where each perm is in the format
- ``"package.codename"``. If the user is inactive, this method will
+ ``"package.codename"``. If the user is inactive, this method will
always return ``False``.
* ``has_module_perms(package_name)`` -- Returns ``True`` if the user has
@@ -152,9 +164,11 @@ Manager functions
The ``User`` model has a custom manager that has the following helper functions:
- * ``create_user(username, email, password)`` -- Creates, saves and returns
- a ``User``. The ``username``, ``email`` and ``password`` are set as
- given, and the ``User`` gets ``is_active=True``.
+ * ``create_user(username, email, password=None)`` -- Creates, saves and
+ returns a ``User``. The ``username``, ``email`` and ``password`` are set
+ as given, and the ``User`` gets ``is_active=True``.
+
+ If no password is provided, ``set_unusable_password()`` will be called.
See _`Creating users` for example usage.
@@ -220,7 +234,7 @@ the setting and checking of these values behind the scenes.
Previous Django versions, such as 0.90, used simple MD5 hashes without password
salts. For backwards compatibility, those are still supported; they'll be
-converted automatically to the new style the first time ``check_password()``
+converted automatically to the new style the first time ``User.check_password()``
works correctly for a given user.
Anonymous users
@@ -422,7 +436,10 @@ template context variables:
* ``next``: The URL to redirect to after successful login. This may contain
a query string, too.
* ``site_name``: The name of the current ``Site``, according to the
- ``SITE_ID`` setting. See the `site framework docs`_.
+ ``SITE_ID`` setting. If you're using the Django development version and
+ you don't have the site framework installed, this will be set to the
+ value of ``request.META['SERVER_NAME']``. For more on sites, see the
+ `site framework docs`_.
If you'd prefer not to call the template ``registration/login.html``, you can
pass the ``template_name`` parameter via the extra arguments to the view in
@@ -661,8 +678,6 @@ Example in Python 2.4 syntax::
The permission_required decorator
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-**New in Django development version**
-
It's a relatively common task to check whether a user has a particular
permission. For that reason, Django provides a shortcut for that case: the
``permission_required()`` decorator. Using this decorator, the earlier example