On Feb 12, 5:03 pm, pbzRPA <[email protected]> wrote:
> The middleware looks good. Is your browser maybe not blocking cookies?
> I have really though hard about it, but without code it's really
> difficult to get a picture of where the problem may lie. You also said
> you do custom authentication, then why is it that you printing out the
> request in the django.contrib,auth.views.login?
In settings.py, I also have:
AUTHENTICATION_BACKENDS = ('auth.backends.ldap_backend',)
The following code represents the backend that authenticates against a
LDAP directory. It is working correctly (if the supplied username and
password match, it returns a User -- I've verified this. I'm trying
to not overflow this message with code, hopefully I'm including enough
code to be informative. So basically my understanding is that if I
want to use a different authentication backend, I just specify it
under AUTHENTICATION BACKENDS, and Django will abstract the
authentication and login process as long as my authentication backend
returns a User instance if an entered username and password are
validated. Please see the following code, I'll add some more comments
after it:
class ldap_backend(ModelBackend):
def authenticate(self, username=None, password=None):
if username is not None and password is not None:
<SNIPPED OUT validating username & password in LDAP>
if valid: # valid = True if username & password matched
the LDAP entry
return self.get_user(username)
def get_user(self, username):
try:
return User.objects.get(username=username)
except User.DoesNotExist:
return None
The following is a portion of the django.contrib.auth.login function.
If I supply the correct username and password, the function executes
all the way to returning HttpResponseRedirect. I am showing where I
put in a print statement to show request.user.is_authenticated().
This prints "True".
def login(request, template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME):
"Displays the login form and handles the login action."
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
<SNIP>
print "end %s" % request.user.is_authenticated() # will
be True if username & pw are validated
return HttpResponseRedirect(redirect_to)
Now, here is the code of the view that handles redirect_to:
view.py
def home(request):
context = {'title_prefix' : 'Account Home'}
template = 'accounts/home.html'
rc = RequestContext(request)
return render_to_response(template, context, context_instance=rc)
In this code, if I check request.user.is_authenticated, it returns
False. request.user is actually AnonymousUser. However, if I look at
request.session.items, I see the correct _auth_user_id for the user
that just logged in.
I hope that my code might be helpful. I'm quite perplexed about
what's wrong.
thanks again,
Paul
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
