-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFoBQ9IBEADlL8eE7fAtA5oUtFT/gA7uNxldBx64O3KMz9UYBjPNA8K8DH9l
3xRBlViqoEiOAm42mHmAB/5/SfKdviWigqQbKYUqDpO0KjPsz6TYjzl29vMnP2ih
DNFEYNh1a8V9CE861k6tHZWD7bqzWYQO4fh/6faY0TaOwNI0sDSlUofQNFsn7Imj
kXwOSeSsdJ+t5FK4AXyVFyTft64hOv0ookWmjPMJpVsY+7snghMKubFiJro47Ji5
TO+GfpiOKVnAl1S4KXGpe4IOr8N0GZrlyoi/tIssKpTK8ihb7rftFjqUeZn3KRNZ
Z6z5DmedVTYHnXWnPN0ePFQUivoDjoIh5wGKXL71zr40ABoM+CdtoOS6c67AIqTP
o8H8HOoijKq3NtKEqqtjYtvsjQernNVIqe1LjCphCt3YTE29n95a6gse7W112+Sw
DXPcTz+MHz/DY7EzsAIyiAefjc3rvuSrtl9qorbFaISDxVH8PYS9patOBAl6vYxC
QFAbKk/8ciJFjgYHneChummciPcgtL8CsKIxTjWoN7ZlJr3ks4HBgnbRQSrw9aDa
lZy0h/YUQ0g1yZri6QyePcjLrC2ehhZBo7jA/0J1ZCFYm8G8PH0yQYKHBHcDbWVG
/ELutsjW3cagskAVOjzcxG9vmNa717JWTjls7LOesoyedhIegkvoACTeVwARAQAB
tCRDaHJpc3RpYW4gRnJhbmtlIDxub2JvZHlAbm93aGVyZS53cz6JAlQEEwEIAD4W
IQSvKRrltpWPpGA4ZxQAMLoat7NpgwUCWrKndgIbAwUJA8JnAAULCQgHAgYVCgkI
CwIEFgIDAQIeAQIXgAAKCRAAMLoat7Npg+ORD/wJSPjZdT7Fusi8bwkKfZ/3ksMX
ojFw4KO7Bj/5xxEwCPpRhTO8TiEw8+LKOvQju3cJZqrC1dQrfoBofL5/8Y2Ndtsg
XQxjhw3+IneR1r4IMrI3bR7uBz3z8R+F0AG6y0lSBccm/lnCR+64JI+/Gc/KDu/d
VHU3B4xzH4x2mnHBROvrD3AEtLpXzC6ejqlKmhC/Nb3i3YvwW9RRa7ylY6MESkUh
ZJIrC1gaAiWgJA0md1RaaTYN59P3j+XFpYsMFs3JUmXSkzr1U/tbY1c67s0GYH+T
4bRC22gkYHzyHh4P4wsXfPGc0wVo/g68EfUuPIWx8Zg2rmlWEPGybeYCYe9bp03N
rWLJyeqn1ZRfpfHP8XnsK5kG9y5i1L/b12XLHum+gUPlAcMqnUczQPSi0hGnqIBZ
rRJXlyg7XDQZSIGY4K7NpD3J7gnmwy4dkMlJ4+aLPktLD1NDtwQ6sfdmkbzD2FDr
74PwvJmXgU42sO5pGw+de589cHOYK3wfWji0rErOOqPz2K7IkBA4zU7BphuI9Kv2
uHrgIq2OpnoqlfcziyLQ6Cr47Fj1LShGAaT8ZC/8K4Ocd0wW8dUQoCTyFKjjp9lb
p9LR4yaZ693otaBmzMCXnI9hFZenRkUht+PwxxHcoctm45Y5dlbTIJSC650kNhgi
mMYkj4QaXZceYhRMdokCMwQTAQoAHRYhBDC5M9gPzj2YGi04+wyZtw70/LsHBQJa
s/EUAAoJEAyZtw70/LsHnz4QAJj+PbPTAxkpf51LmfgtAd8DoDPjw6/vnGKMcSEW
SPyCOt0KdrB6XcsYBP+7H4mXHj4x7AQ1w4D/2jD34H7gQu+VJgMyqVa7rifx1g8p
DhkkxbzUBuIsEXhnDftHO3Z6D4G03jCixK/rYscD7mqzWyp+GT5iU0/8Ci6kj7pD
YDpx6T45XapmEElABp6L+WwFYFXpiVloAdMS5nxID2d+NBQhMjlwie41ZoUoyhVs
EXG8EDNCyik7iIZadLGWgKO2RbFvyphG3CYS6gwQOnZrhEY/cDI/4n69g8ts6MLW
3EOZC7VzB+I3HL7KvHjpgJ1Y2ihzpcgqgCVtmTl5zdzNj26IXyYRcmsOH1EVvyKk
5zEHwCxS/Z0JKPoIdFhKQm6VhzzS00GTLxCB6clou8Y36YgWPdL1a/jf/VcSeVJO
qTDPh+iWXOfWhAnYrw4+GXQRQV6F0T/jl3pCb5EBYevtBbmKYvXa+i/yrvhWQ3qq
3Xd3jS9/vDWTcNApwo41NFuM3ZyeV4Ri4dOCHneGHRI48npXMCb1VXVzlZEozfes
MchRqOWPnUZa+9Lr2YqTaR62vsHhrT3aWyrP6TQUU4ObRtPBvlEgr6YWvGG0VQUL
2Vhu/HBvsJPSvIjjtdjalFKkFfMyswgLkh2R3W1t0mTbhqNnwBY1JT8M1Iv7RE5b
UXDviHUEExYKAB0WIQScDCLV4+zCjGNYJITz3gQA4UFO6QUCWrPxJAAKCRDz3gQA
4UFO6ZX9AQD1g/Ah4acJ0PKN6A90ca/R5aTkKniAvo1UFbvfNAgf5AD/fH5NkAvR
PvNNjpxJCj71WXBTQOrSB1rKABwbG/56tgm0LkNocmlzdGlhbiBGcmFua2UgPGNo
cmlzQG9wZW5zb3VyY2Vyb3V0aW5nLm9yZz6JAlQEEwEIAD4WIQSvKRrltpWPpGA4
ZxQAMLoat7NpgwUCW1TFDAIbAwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIX
gAAKCRAAMLoat7Npg7NNEAClceCNGDAzojvdhHL8rWLYIjf/Gl+LyVon8nv13BLI
VhEBqIDFZScnXfFOAu8HqfY8YeTv8AehBxR206jCPPbQ1XJpBCJ6/ZmqGGDlv+1m
8HqBu+JFzbmRNdFQHzm6pbbrb7831splwx0ZemVuS/MsUaEYAU2EGqhaCC7+XilG
+qRzhsxezyvBcPM5iH++VaVf/MQRPeWrCLn2WReend4GgMr0PquOYlgaoRPG1V82
Y+Qxof9F4LhLrWeO/jyWIcyrMTwzToGi/LmUNvMwaeaCvvBOt/XmK7zVbzglyVCk
9qh5N723+BZzl63VARxpbMPFNXkaVwSJGzoUfms+d5x6CdMS9i56DK83PKpRa/h9
30M/5ex9naVUYgb8SSXhl7Bb0MIk7MrftgimFXySoWrzZ25efpSxDNaCnSRYTbhG
2ph5qRcZhU7EYV5ZTw6iiTpK6hq/HlniHY9VajEnvtDDrH7UScja60p7/umAuiKx
q+LodQiGSBzMIkXcz5iBpKNeEoKbFnwyGUN74pAodgzQBD70NtKosXsVa2mUj4cx
xfsfC7G42l0sRQMeMRyY8TcYhBxRJcqioctLW+5VnekcOkIUsqak3kQga8H3/Nje
s+xMT1+A18BIk2YXR4f4s8Frz8fZAtDeNsEv/D96IdHBo4AUaAfljhFiJL8gdbkf
t7QgTmllbWFuZCBIaWVyIDxub2JvZHlAbm93aGVyZS53cz6JAlQEEwEIAD4WIQSv
KRrltpWPpGA4ZxQAMLoat7NpgwUCWgFD0gIbAwUJA8JnAAULCQgHAgYVCAkKCwIE
FgIDAQIeAQIXgAAKCRAAMLoat7Npgw19EAC1yEN50D+BOJNZWcUObuigGsGSfYjJ
sSx8yOBydFDWUtjMLvIx2aI+Evy7abWFEPKob3xT9MJfrNAQgFSguzhNnX98E0Rm
L/keVpTLsrVyt3L589K2KJaCGLAbrnI6Xv9S3jvqpXj9UlcJDowdHzgq2H6c0IBk
+O9kE48w4ZHLP2RC86dh7MZ8yekGebbuXfiZhfp9BM8O6RAy9Y075QFM4ldmQGQQ
eL1Z2Oh0wIjBd2JX050Q5UblHeNi4Gi8u+7LPrfezgh+q7RSnrtPk/kf8hY1+dDc
nCeMjmLHu7hvihrV3voXa+ICHWaj7xaYsnRZVjY+LKm6kv8OUwT97uhvcArUIHWF
nsGMXI6oTG1MLFBTMIJHX1CDqUGxEgYHkNyqmTFK/yq0no+4ay8c+gFCNKBk9hiJ
Os6ZqVMqqT7L4mxxTqz8MHtgFUjdi4U5/nnTT/Q6uZ6i72Q091eQINpYZ2fBQTy2
/jSFz0Ylrwpug1FpNv03oy118RMaVAF8QbW8mwQfXd88kcqG/cUY0wlNF1HrYJiL
J7VTRemQTsdB0r3Ehc/ta2ACUzu8UJq9smOjhIPjCr3atlqqlpOsilelgr40XDZe
RENiZLUTrJlhzD4f3CfSf5REddrnBydDnEo+OQGiklQmzKULmoiVcZUX4hZla2pb
RB/BNo559+wBnbkCDQRaAUPSARAAlmtYf/GPUfzZ3484vwS8di6jlc/TpqY0cv9L
6KEM/eNtb8UZwwAdAtz6PB8KhMi5AyjIp/rw0DKMnLq1+BUo4lBQReJMg9BYcmB8
ZAHDglBKcY9Pl4yn/nKRCKWsXH8tW4krQFdJ4PE4+UDcaX5+ung4plmjFOhqZnEH
OQZOSdhELyk9H7WKtCcAHGro8M9amdS9ht17L41WRLazTQEoTzjzYKmHBhWlrSvb
FLWWFhC/pT0iuTLDPWHbg6Ge1uSiEworpwM8H6XTCxtuinc0NIYwc3KKVznZNuCi
VNs29Spzhn8xTzPhCVkS3Z/TjNomEZUJ6jJXGEgAGbFM+j5i2xShDLUktzwVBd18
bwppe9R7z9d4yv+zaPymFJCpWmSF3jJdqvIM1GqQvkW/hPXcAE/CYzoWwunPmrBl
WxVJvx/TmB4qst9jewf57H1b78srMe1gG1vwamABN3/HIiPyWDQZ6tAeBgJ+z93g
XnokvSm28IkZgw+Yt4OFbuUfmTvd0j1NLQvIporzVMwY+p21vZVsq8LZPZxEkfTX
PzVNlrf102FPsvAnSN3sxsbzheRBXfQ7EBcyX9ldBg37bxa+IDavugLV8GqwPcj+
oLs640oC+XLJ/nuK1Mpwh5jCHE0ppUSOqZlH62/dTccTEiTuBwZjaj4g1dVADXvT
iN6SeAsAEQEAAYkCPAQYAQgAJhYhBK8pGuW2lY+kYDhnFAAwuhq3s2mDBQJaAUPS
AhsMBQkDwmcAAAoJEAAwuhq3s2mDi3gP/0GRa7DpMeyN5bOTtQknC7rqzIyyu5LM
YoWW5EcGtfilECPgv78a3SW5BPtuVujGk00qf/OI8DHMOsbsRlqZheRxe6h5gL+f
0zQyKDKtNlwhT/WIN+Vc9L1SSjFgZNYUuABXtJqNBaSme5LtpWVzD8Cs4cNyxEVx
NKgPn8dd9Oo9oInf8ZeZ8rlb/nuttIrCvEaaLK8+B0RW5BtLhnmFO2d6crHFkSTW
50FBbB/CvWXUw598mgdhdYgNmM+ZZVADDJu/rIsnpqloAEfLO3DKjJwmHyMQjFRx
HQfKkI+BBVZf/s02D/T2wm67CiyvFYAIqHRRbtizVMddlZxe3hxew2kLdIzg63aX
m+LK1iz1o2bEQnKHqcpv2thWfiAdcs/Aenp3vwvJ5DAusv/FYDQ1/thQ7ZbnxsKb
bv9MBPJvpyvqTxhsAYje87d2+C0EHKz4OTZC8yNMUgY5yJxEqW5XrvF8L0bNba78
HV8j1RWa0xWsPYrjHnzQGR1jKBzvWUYgHihiZmNmDGVD5X+UQ3PgG6Yb4SzrM25p
tVK1oSWSbV5Lp+H3rI9MjzlVs1mL5g8dBLGZ6N4mA7+em/KNU9z1R3ydBZgjSQkb
CKi9UN0i8I02NDKuUTWKI0j6rDPtkCI9NsCezEKTo7nrp6Hgxgm4afvLNoN2pJG6
Rzg3ewQRnjal
=7jTS
-----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEryka5baVj6RgOGcUADC6GrezaYMFAl2KKpYACgkQADC6Grez
aYPLEBAAopehiJMRLEcilrHZ22RONyahcpt8qEunRmURe3Si0DE+mdA0eWb3VepM
8WEiNDYQE9/+1APhuuR+UGgckw2me6fy0tikOGQv9p25wWzjEu1/g+ZJNH/db3LG
kKGSNssuC428hl4Comu2YNh2wDO5UGovcF5BGevZvgq7LaDOZH/9LNX2Bmf3ueZl
qgRq/EQ098SmWmPl+DGrZjehY4/7S2d1V9KRQhytIAT2GcRBBdiVLCU17DAAgFTW
6Gbv9JSkKdYXaDTNzY65C6/fry5GQVd2PKG/0QUgZiIT2Z5SgwOyX18M0A8S2WHn
Qpw4rHqLsMJbpFNKjmNMusdJma/PSjjIvsJjcYNnxIvcbeRMms5fRnQXwAaPiuDe
zjRIxIEhc8a+8mYwjydBdxeB3qf7k8Sj50tBLCixf66RJIB75gJjpbeuFPEY+2XJ
rWkimxoJBijV0jCYcHc+SYhebwUGMY/qhe9xz2e9zrXiP7eIQDqXYcnnpH3BPHxn
ESMnsfXPWbNcWjV1cobFhXQ0wsHgtF4Eo6OVB7dIq/sFtbirszFPp6v9htmjif0K
7aWIU01fg+L7Jo1yJsAQcY0FCdLPN10HrxRKDg9I15lwtnim6e3NTxGujRJyXwWu
xvqfeZwypmrUQCHcODTylISBLD+yJMk+hooRa84VCNhtptS3kBM=
=t9hC
-----END PGP SIGNATURE-----
Hello,
I am a bit confused about the relation and separation of
responsibilities between `AuthenticationForm.confirm_login_allowed` and
`ModelBackend.user_can_authenticate`.
When `AuthenticationForm` is used together with `ModelBackend`, we will
never call `AuthenticationForm.confirm_login_allowed` for an inactive
account, because `ModelBackend.authenticate` will never return an
inactive user, as `ModelBackend.user_can_authenticate` will return
`False` for inactive users. So the error message "This account is
inactive." is never shown for this combination of Form and Backend, and
the error message will always be about an incorrect password.
When `AuthenticationForm` is combined with `AllowAllUsersModelBackend`,
`AuthenticationForm.confirm_login_allowed` will be called and raise a
validation error for inactive accounts, because they are returned from
the backend, leading to the error message "This account is inactive."
Given that `AuthenticationForm.confirm_login_allowed` exists the way
that it does, it seems like there are valid configurations in which the
form has the responsibility to determine the user's authorization to log in.
However, it seems quite dangerous to me to leave it up to the form to
deny login to users, e.g. because there might be other ways of
authentication that are not using AuthenticationForm.
So my question would be: Under which circumstances is it a good idea to
leave such authorization decisions up to the form/what setup did the
original authors have in mind when writing `confirm_login_allowed`?
All Best,
Chris
--
I like PGP. How about:
curl -slf https://nowhere.ws/nowhere.asc | gpg --import -
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/63909bc7-221a-f269-5b5d-eed461b0c9fe%40nowhere.ws.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment