On Thursday, January 15, 2015 at 6:03:40 AM UTC-3, Nic West wrote:
>
> Authenticated returns a user instance assumably with the correct hash why
> not do some thing like:
>
> authenticated_user.count = 0
> authenticated_user.save()
Yes, I implemented that fix last night, but I really like the
Yeap. Removing the save() done in solved the issue.
And some component is doing and update() - not a save(). I see in the
Postgresql logs an UPDATE of the hash with the new increment, that includes
only the "password" field.
I thought that autenticate() produced a read operation on the DB... n
I do something like.
# get the user to check tries
user = User.object.get(username=username)
assert user.count <= 3
# authenticate
authenticated_user = authenticate(...)
# auth failed
if not authenticated_user:
user.count++
user.save()
raise
As part of the authentication process, I increment/reset authentication
tries of the user. And to check this, I get the user from the DB before
doing the authentication. I think this is causing me the issue. I reset the
countre of login attempts in an instance of user that is different than the
r value
> Login at /admin/
> Confirm at /admin/auth/user/#/ that the password of the user I logged in
> as reflects the new iteration count.
>
> Maybe there is something different in your setup?
>
> On Wednesday, January 14, 2015 at 4:57:13 PM UTC-5, Horacio G. de Oro
>
d
changed.
Regards!
Horacio
--
Horacio G. de Oro
Email: hgde...@gmail.com
Web: http://www.data-tsunami.com
LinkedIn: https://www.linkedin.com/in/hgdeoro
--
You received this message because you are subscribed to the Google Groups
"Django developers (Contributions to Django itself)" group.
