[Django] #37019: Make sync login() and logout() set request.auser if present
4 views
Skip to first unread message
Django
Apr 2, 2026, 8:59:07 AM (7 days ago) Apr 2
to django-...@googlegroups.com
#37019: Make sync login() and logout() set request.auser if present
-----------------------------+----------------------------------------
Reporter: Jacob Walls | Type: Bug
Status: new | Component: contrib.auth
Version: 5.0 | Severity: Normal
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-----------------------------+----------------------------------------
Analogous to #37017, we should make sync `logout()` clear `request.auser`
if present. If `auser` is not present, I doubt `login()` should set it,
but if it is present, it probably should be set as well.
--
Ticket URL: <https://code.djangoproject.com/ticket/37019>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
-----------------------------+----------------------------------------
Reporter: Jacob Walls | Type: Bug
Status: new | Component: contrib.auth
Version: 5.0 | Severity: Normal
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-----------------------------+----------------------------------------
Analogous to #37017, we should make sync `logout()` clear `request.auser`
if present. If `auser` is not present, I doubt `login()` should set it,
but if it is present, it probably should be set as well.
--
Ticket URL: <https://code.djangoproject.com/ticket/37019>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Apr 3, 2026, 1:56:44 AM (6 days ago) Apr 3
to django-...@googlegroups.com
#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
Changes (by Vishy Algo):
* owner: (none) => Vishy Algo
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:1>
Django
Apr 3, 2026, 4:37:25 AM (6 days ago) Apr 3
to django-...@googlegroups.com
#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
Changes (by Sarah Boyce):
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
* stage: Unreviewed => Accepted
Comment:
Regression tests from the PR discussion if useful
{{{#!diff
--- a/tests/auth_tests/test_middleware.py
+++ b/tests/auth_tests/test_middleware.py
@@ -1,5 +1,7 @@
+from asgiref.sync import sync_to_async
+
from django.conf import settings
-from django.contrib.auth import REDIRECT_FIELD_NAME, alogin, alogout
+from django.contrib.auth import REDIRECT_FIELD_NAME, alogin, alogout,
login, logout
from django.contrib.auth.middleware import (
AuthenticationMiddleware,
LoginRequiredMiddleware,
@@ -68,6 +70,14 @@ class TestAuthenticationMiddleware(TestCase):
auser_second = await self.request.auser()
self.assertEqual(auser_second, self.user2)
+ async def test_auser_after_login(self):
+ self.middleware(self.request)
+ auser = await self.request.auser()
+ self.assertEqual(auser, self.user)
+ await sync_to_async(login)(self.request, self.user2)
+ auser_second = await self.request.auser()
+ self.assertEqual(auser_second, self.user2)
+
async def test_auser_after_alogout(self):
self.middleware(self.request)
auser = await self.request.auser()
@@ -76,6 +86,14 @@ class TestAuthenticationMiddleware(TestCase):
auser_second = await self.request.auser()
self.assertTrue(auser_second.is_anonymous)
+ async def test_auser_after_logout(self):
+ self.middleware(self.request)
+ auser = await self.request.auser()
+ self.assertEqual(auser, self.user)
+ await sync_to_async(logout)(self.request)
+ auser_second = await self.request.auser()
+ self.assertTrue(auser_second.is_anonymous)
+
}}}
I personally think auser may need to be set as using `sync_to_async`
should still be valid and perhaps third-party code may have sync only code
assuming things will work using `sync_to_async`. I understand in your own
project you should use `alogin` instead
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:2>
Django
Apr 5, 2026, 3:36:04 PM (3 days ago) Apr 5
to django-...@googlegroups.com
#37019: Make sync login() and logout() set request.auser if present
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
------------------------------+--------------------------------------
Reporter: Jacob Walls | Owner: Vishy Algo
Type: Bug | Status: assigned
Component: contrib.auth | Version: 5.0
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
Changes (by Vishy Algo):
Easy pickings: 0 | UI/UX: 0
------------------------------+--------------------------------------
* has_patch: 0 => 1
--
Ticket URL: <https://code.djangoproject.com/ticket/37019#comment:3>
Reply all
Reply to author
Forward
0 new messages