diff options
| author | Justin Bronn <jbronn@gmail.com> | 2007-08-26 01:10:53 +0000 |
|---|---|---|
| committer | Justin Bronn <jbronn@gmail.com> | 2007-08-26 01:10:53 +0000 |
| commit | 2052b508eb92c62fc0678efd4936c5ec1e0e735b (patch) | |
| tree | e510109b74b28c8ccef5f6955727cb9dce3da655 /docs/authentication.txt | |
| parent | a7297a255f4bb86f608ea251e00253d18c31d9d4 (diff) | |
gis: Made necessary modifications for unicode, manage refactor, backend refactor and merged 5584-6000 via svnmerge from [repos:django/trunk trunk].
git-svn-id: http://code.djangoproject.com/svn/django/branches/gis@6018 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/authentication.txt')
| -rw-r--r-- | docs/authentication.txt | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/docs/authentication.txt b/docs/authentication.txt index efe4d47513..7860b59d7d 100644 --- a/docs/authentication.txt +++ b/docs/authentication.txt @@ -99,7 +99,7 @@ custom methods: should prefer using ``is_authenticated()`` to this method. * ``is_authenticated()`` -- Always returns ``True``. This is a way to - tell if the user has been authenticated. This does not imply any + tell if the user has been authenticated. This does not imply any permissions, and doesn't check if the user is active - it only indicates that the user has provided a valid username and password. @@ -114,6 +114,18 @@ custom methods: string is the correct password for the user. (This takes care of the password hashing in making the comparison.) + * ``set_unusable_password()`` -- **New in Django development version.** + Marks the user as having no password set. This isn't the same as having + a blank string for a password. ``check_password()`` for this user will + never return ``True``. Doesn't save the ``User`` object. + + You may need this if authentication for your application takes place + against an existing external source such as an LDAP directory. + + * ``has_usable_password()`` -- **New in Django development version.** + Returns ``False`` if ``set_unusable_password()`` has been called for this + user. + * ``get_group_permissions()`` -- Returns a list of permission strings that the user has, through his/her groups. @@ -126,7 +138,7 @@ custom methods: * ``has_perms(perm_list)`` -- Returns ``True`` if the user has each of the specified permissions, where each perm is in the format - ``"package.codename"``. If the user is inactive, this method will + ``"package.codename"``. If the user is inactive, this method will always return ``False``. * ``has_module_perms(package_name)`` -- Returns ``True`` if the user has @@ -152,9 +164,11 @@ Manager functions The ``User`` model has a custom manager that has the following helper functions: - * ``create_user(username, email, password)`` -- Creates, saves and returns - a ``User``. The ``username``, ``email`` and ``password`` are set as - given, and the ``User`` gets ``is_active=True``. + * ``create_user(username, email, password=None)`` -- Creates, saves and + returns a ``User``. The ``username``, ``email`` and ``password`` are set + as given, and the ``User`` gets ``is_active=True``. + + If no password is provided, ``set_unusable_password()`` will be called. See _`Creating users` for example usage. @@ -220,7 +234,7 @@ the setting and checking of these values behind the scenes. Previous Django versions, such as 0.90, used simple MD5 hashes without password salts. For backwards compatibility, those are still supported; they'll be -converted automatically to the new style the first time ``check_password()`` +converted automatically to the new style the first time ``User.check_password()`` works correctly for a given user. Anonymous users @@ -422,7 +436,10 @@ template context variables: * ``next``: The URL to redirect to after successful login. This may contain a query string, too. * ``site_name``: The name of the current ``Site``, according to the - ``SITE_ID`` setting. See the `site framework docs`_. + ``SITE_ID`` setting. If you're using the Django development version and + you don't have the site framework installed, this will be set to the + value of ``request.META['SERVER_NAME']``. For more on sites, see the + `site framework docs`_. If you'd prefer not to call the template ``registration/login.html``, you can pass the ``template_name`` parameter via the extra arguments to the view in @@ -661,8 +678,6 @@ Example in Python 2.4 syntax:: The permission_required decorator ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -**New in Django development version** - It's a relatively common task to check whether a user has a particular permission. For that reason, Django provides a shortcut for that case: the ``permission_required()`` decorator. Using this decorator, the earlier example |
