[Django] #37019: Make sync login() and logout() set request.auser if present

[Django]

#37019: Make sync login() and logout() set request.auser if present
-----------------------------+----------------------------------------
Reporter: Jacob Walls | Type: Bug
Status: new | Component: contrib.auth
Version: 5.0 | Severity: Normal
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-----------------------------+----------------------------------------
Analogous to #37017, we should make sync `logout()` clear `request.auser`
if present. If `auser` is not present, I doubt `login()` should set it,
but if it is present, it probably should be set as well.
--
Ticket URL: <https://code.djangoproject.com/ticket/37019>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

[Django]

#37019: Make sync login() and logout() set request.auser if present

------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:

Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0

------------------------------+--------------------------------------
Changes (by Vishy Algo):

* owner: (none) => Vishy Algo
* status: new => assigned

--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:1>

[Django]

#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:

Keywords: | Triage Stage: Accepted

Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------

Changes (by Sarah Boyce):

* stage: Unreviewed => Accepted

Comment:

Regression tests from the PR discussion if useful

{{{#!diff
--- a/tests/auth_tests/test_middleware.py
+++ b/tests/auth_tests/test_middleware.py
@@ -1,5 +1,7 @@
+from asgiref.sync import sync_to_async
+
from django.conf import settings
-from django.contrib.auth import REDIRECT_FIELD_NAME, alogin, alogout
+from django.contrib.auth import REDIRECT_FIELD_NAME, alogin, alogout,
login, logout
from django.contrib.auth.middleware import (
AuthenticationMiddleware,
LoginRequiredMiddleware,
@@ -68,6 +70,14 @@ class TestAuthenticationMiddleware(TestCase):
auser_second = await self.request.auser()
self.assertEqual(auser_second, self.user2)

+ async def test_auser_after_login(self):
+ self.middleware(self.request)
+ auser = await self.request.auser()
+ self.assertEqual(auser, self.user)
+ await sync_to_async(login)(self.request, self.user2)
+ auser_second = await self.request.auser()
+ self.assertEqual(auser_second, self.user2)
+
async def test_auser_after_alogout(self):
self.middleware(self.request)
auser = await self.request.auser()
@@ -76,6 +86,14 @@ class TestAuthenticationMiddleware(TestCase):
auser_second = await self.request.auser()
self.assertTrue(auser_second.is_anonymous)

+ async def test_auser_after_logout(self):
+ self.middleware(self.request)
+ auser = await self.request.auser()
+ self.assertEqual(auser, self.user)
+ await sync_to_async(logout)(self.request)
+ auser_second = await self.request.auser()
+ self.assertTrue(auser_second.is_anonymous)
+
}}}

I personally think auser may need to be set as using `sync_to_async`
should still be valid and perhaps third-party code may have sync only code
assuming things will work using `sync_to_async`. I understand in your own
project you should use `alogin` instead
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:2>

[Django]

#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted

Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------

Changes (by Vishy Algo):

* has_patch: 0 => 1

--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:3>

[Django]

#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 1

Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------

Changes (by Jacob Walls):

* needs_better_patch: 0 => 1

--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:4>

[Django]

#37019: Make sync login() and logout() set request.auser if present

-------------------------------------+-------------------------------------

Reporter: Jacob Walls | Owner: Vishy

Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:

Keywords: | Triage Stage: Ready for
| checkin

Has patch: 1 | Needs documentation: 0

Needs tests: 0 | Patch needs improvement: 0

Easy pickings: 0 | UI/UX: 0

-------------------------------------+-------------------------------------
Changes (by Jacob Walls):

* needs_better_patch: 1 => 0
* stage: Accepted => Ready for checkin

--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:5>

[Django]

#37019: Make sync login() and logout() set request.auser if present
-------------------------------------+-------------------------------------
Reporter: Jacob Walls | Owner: Vishy

Type: Bug | Status: closed
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution: fixed

Keywords: | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------

Changes (by Jacob Walls <jacobtylerwalls@…>):

* resolution: => fixed
* status: assigned => closed

Comment:

In [changeset:"8f84f269353e242e72eea55aa58df92d87df0453" 8f84f26]:
{{{#!CommitTicketReference repository=""
revision="8f84f269353e242e72eea55aa58df92d87df0453"
Fixed #37019 -- Updated login() and logout() to set request.auser.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:6>

[Django]

#37019: Make sync login() and logout() set request.auser if present
-------------------------------------+-------------------------------------
Reporter: Jacob Walls | Owner: Vishy
Type: Bug | Status: closed
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Ready for
| checkin
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------

Comment (by Jacob Walls <jacobtylerwalls@…>):

In [changeset:"13322bb31a522f94b1ae6825019b13ff8b7dffa5" 13322bb]:
{{{#!CommitTicketReference repository=""
revision="13322bb31a522f94b1ae6825019b13ff8b7dffa5"
[6.1.x] Fixed #37019 -- Updated login() and logout() to set request.auser.

Backport of 8f84f269353e242e72eea55aa58df92d87df0453 from main.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:7>