On 02/23/2012 09:42 AM, Luke Granger-Brown wrote: > It does prove that they've authenticated, in that request.user will > contain an AnonymousUser if they're not logged in, which overrides this > method to always return False. If they are, then they'll get their > actual user, which will return True.
But request.user is far from the only circumstance in which you might have a User instance. And all User instances have this method, not just the one attached to a request by the auth middleware. The method name is only accurate in the latter case. Carl
signature.asc
Description: OpenPGP digital signature
