summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorAdrian Torres <atorresj@redhat.com>2022-03-04 11:04:07 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2022-03-10 12:57:19 +0100
commitd90e34c61b27fba2527834806639eebbcfab9631 (patch)
treeccabe70ea9bdea8e14b5b878f3608365873ceb46 /docs
parent67b5f506a600a54658405cf821c14ada4080e61f (diff)
Fixed #33561 -- Allowed synchronization of user attributes in RemoteUserBackend.
Diffstat (limited to 'docs')
-rw-r--r--docs/internals/deprecation.txt3
-rw-r--r--docs/ref/contrib/auth.txt20
-rw-r--r--docs/releases/4.1.txt7
3 files changed, 25 insertions, 5 deletions
diff --git a/docs/internals/deprecation.txt b/docs/internals/deprecation.txt
index 11f69b1844..2c85eafc85 100644
--- a/docs/internals/deprecation.txt
+++ b/docs/internals/deprecation.txt
@@ -87,6 +87,9 @@ details on these changes.
* Passing unsaved model instances to related filters will no longer be allowed.
+* ``created=True`` will be required in the signature of
+ ``RemoteUserBackend.configure_user()`` subclasses.
+
.. _deprecation-removed-in-4.1:
4.1
diff --git a/docs/ref/contrib/auth.txt b/docs/ref/contrib/auth.txt
index 40c3c84e75..abcf3905c9 100644
--- a/docs/ref/contrib/auth.txt
+++ b/docs/ref/contrib/auth.txt
@@ -649,17 +649,27 @@ The following backends are available in :mod:`django.contrib.auth.backends`:
information) prior to using it to get or create a user object. Returns
the cleaned username.
- .. method:: configure_user(request, user)
+ .. method:: configure_user(request, user, created=True)
- Configures a newly created user. This method is called immediately
- after a new user is created, and can be used to perform custom setup
- actions, such as setting the user's groups based on attributes in an
- LDAP directory. Returns the user object.
+ Configures the user on each authentication attempt. This method is
+ called immediately after fetching or creating the user being
+ authenticated, and can be used to perform custom setup actions, such as
+ setting the user's groups based on attributes in an LDAP directory.
+ Returns the user object.
+
+ The setup can be performed either once when the user is created
+ (``created`` is ``True``) or on existing users (``created`` is
+ ``False``) as a way of synchronizing attributes between the remote and
+ the local systems.
``request`` is an :class:`~django.http.HttpRequest` and may be ``None``
if it wasn't provided to :func:`~django.contrib.auth.authenticate`
(which passes it on to the backend).
+ .. versionchanged:: 4.1
+
+ The ``created`` argument was added.
+
.. method:: user_can_authenticate()
Returns whether the user is allowed to authenticate. This method
diff --git a/docs/releases/4.1.txt b/docs/releases/4.1.txt
index 72c1c15c7a..9dff4784cb 100644
--- a/docs/releases/4.1.txt
+++ b/docs/releases/4.1.txt
@@ -74,6 +74,9 @@ Minor features
* The default iteration count for the PBKDF2 password hasher is increased from
320,000 to 390,000.
+* The :meth:`.RemoteUserBackend.configure_user` method now allows synchronizing
+ user attributes with attributes in a remote system such as an LDAP directory.
+
:mod:`django.contrib.contenttypes`
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -493,6 +496,10 @@ Miscellaneous
* Passing unsaved model instances to related filters is deprecated. In Django
5.0, the exception will be raised.
+* ``created=True`` is added to the signature of
+ :meth:`.RemoteUserBackend.configure_user`. Support for ``RemoteUserBackend``
+ subclasses that do not accept this argument is deprecated.
+
Features removed in 4.1
=======================