[Django] #34408: Authorization in Custom Authentication Backend does not work

6 views
Skip to first unread message

Django

unread,
Mar 11, 2023, 1:40:25 PM3/11/23
to django-...@googlegroups.com
#34408: Authorization in Custom Authentication Backend does not work
-------------------------------------+-------------------------------------
Reporter: | Owner: nobody
vivekthedev |
Type: Bug | Status: new
Component: | Version: 4.1
contrib.auth | Keywords: authentication,
Severity: Normal | authorization
Triage Stage: | Has patch: 0
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 1
UI/UX: 0 |
-------------------------------------+-------------------------------------
I was experimenting with `has_perm` and `user_can_authenticate` functions
in my custom authentication backend when I found out these function aren't
even executing during the Authentication process. I tries putting print
statements but there was no output in the log screen. I also tried using
example suggested in Django Documentation
(https://docs.djangoproject.com/en/4.1/topics/auth/customizing/#handling-
authorization-in-custom-backends) but it still didn't work.

Here is my code:

backends.py
```
class EmailBackend(BaseBackend):
def authenticate(self, request, username=None, password=None):
try:
user = User.objects.get(email=username)
if user.check_password(password):
return user
return None
except User.DoesNotExist:
return None


def get_user(self, user_id):
try:
return User.objects.get(pk=user_id)

except User.DoesNotExist:
return None

def has_perm(self, user_obj, perm, obj=None):
print("hello")
return True

```

and logs

```
[12/Mar/2023 00:01:05] "GET /login HTTP/1.1" 200 861
[12/Mar/2023 00:01:16] "POST /login HTTP/1.1" 302 0
[12/Mar/2023 00:01:16] "GET / HTTP/1.1" 200 370
```

as you can see there was no output saying "hello".
please explain what is the use of has_perm and other authorization
functions in django anyway.

--
Ticket URL: <https://code.djangoproject.com/ticket/34408>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

Django

unread,
Mar 11, 2023, 3:27:20 PM3/11/23
to django-...@googlegroups.com
#34408: Authorization in Custom Authentication Backend does not work
-------------------------------------+-------------------------------------
Reporter: Vivek Kumar Singh | Owner: nobody
Type: Bug | Status: closed
Component: contrib.auth | Version: 4.1
Severity: Normal | Resolution: invalid
Keywords: authentication, | Triage Stage:
authorization | Unreviewed
Has patch: 0 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 1 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Tim Graham):

* status: new => closed
* resolution: => invalid


Old description:

New description:

I was experimenting with `has_perm` and `user_can_authenticate` functions
in my custom authentication backend when I found out these function aren't
even executing during the Authentication process. I tries putting print
statements but there was no output in the log screen. I also tried using
example suggested in Django Documentation
(https://docs.djangoproject.com/en/4.1/topics/auth/customizing/#handling-
authorization-in-custom-backends) but it still didn't work.

Here is my code:

{{{#!python

except User.DoesNotExist:
return None

and logs

--

Comment:

This looks like a lack of understanding rather than a bug report. Please
spend more time reading the code and documentation to understand how it
works. After that, if you have a specific documentation enhancement
proposal, feel free to offer it.

--
Ticket URL: <https://code.djangoproject.com/ticket/34408#comment:1>

Reply all
Reply to author
Forward
0 new messages