mirror of
				https://github.com/django/django.git
				synced 2025-10-25 14:46:09 +00:00 
			
		
		
		
	Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
		| @@ -20,9 +20,9 @@ | |||||||
|         <div id="branding"> |         <div id="branding"> | ||||||
|         {% block branding %}{% endblock %} |         {% block branding %}{% endblock %} | ||||||
|         </div> |         </div> | ||||||
|         {% if not user.is_anonymous %}{% if user.is_staff %} |         {% if user.is_authenticated and user.is_staff %} | ||||||
|         <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div> |         <div id="user-tools">{% trans 'Welcome,' %} <strong>{% if user.first_name %}{{ user.first_name|escape }}{% else %}{{ user.username }}{% endif %}</strong>. {% block userlinks %}<a href="doc/">{% trans 'Documentation' %}</a> / <a href="password_change/">{% trans 'Change password' %}</a> / <a href="logout/">{% trans 'Log out' %}</a>{% endblock %}</div> | ||||||
|         {% endif %}{% endif %} |         {% endif %} | ||||||
|         {% block nav-global %}{% endblock %} |         {% block nav-global %}{% endblock %} | ||||||
|     </div> |     </div> | ||||||
|     <!-- END Header --> |     <!-- END Header --> | ||||||
|   | |||||||
| @@ -46,7 +46,7 @@ def staff_member_required(view_func): | |||||||
|     member, displaying the login page if necessary. |     member, displaying the login page if necessary. | ||||||
|     """ |     """ | ||||||
|     def _checklogin(request, *args, **kwargs): |     def _checklogin(request, *args, **kwargs): | ||||||
|         if not request.user.is_anonymous() and request.user.is_staff: |         if request.user.is_authenticated() and request.user.is_staff: | ||||||
|             # The user is valid. Continue to the admin page. |             # The user is valid. Continue to the admin page. | ||||||
|             if request.POST.has_key('post_data'): |             if request.POST.has_key('post_data'): | ||||||
|                 # User must have re-authenticated through a different window |                 # User must have re-authenticated through a different window | ||||||
|   | |||||||
| @@ -17,7 +17,7 @@ def user_passes_test(test_func, login_url=LOGIN_URL): | |||||||
|         return _checklogin |         return _checklogin | ||||||
|     return _dec |     return _dec | ||||||
|  |  | ||||||
| login_required = user_passes_test(lambda u: not u.is_anonymous()) | login_required = user_passes_test(lambda u: u.is_authenticated()) | ||||||
| login_required.__doc__ = ( | login_required.__doc__ = ( | ||||||
|     """ |     """ | ||||||
|     Decorator for views that checks that the user is logged in, redirecting |     Decorator for views that checks that the user is logged in, redirecting | ||||||
|   | |||||||
| @@ -126,6 +126,11 @@ class User(models.Model): | |||||||
|         "Always returns False. This is a way of comparing User objects to anonymous users." |         "Always returns False. This is a way of comparing User objects to anonymous users." | ||||||
|         return False |         return False | ||||||
|      |      | ||||||
|  |     def is_authenticated(self): | ||||||
|  |         """Always return True. This is a way to tell if the user has been authenticated in templates. | ||||||
|  |         """ | ||||||
|  |         return True | ||||||
|  |  | ||||||
|     def get_full_name(self): |     def get_full_name(self): | ||||||
|         "Returns the first_name plus the last_name, with a space in between." |         "Returns the first_name plus the last_name, with a space in between." | ||||||
|         full_name = '%s %s' % (self.first_name, self.last_name) |         full_name = '%s %s' % (self.first_name, self.last_name) | ||||||
| @@ -293,3 +298,6 @@ class AnonymousUser(object): | |||||||
|  |  | ||||||
|     def is_anonymous(self): |     def is_anonymous(self): | ||||||
|         return True |         return True | ||||||
|  |      | ||||||
|  |     def is_authenticated(self): | ||||||
|  |         return False | ||||||
|   | |||||||
| @@ -2,10 +2,10 @@ | |||||||
| {% if display_form %} | {% if display_form %} | ||||||
| <form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post"> | <form {% if photos_optional or photos_required %}enctype="multipart/form-data" {% endif %}action="/comments/post/" method="post"> | ||||||
|  |  | ||||||
| {% if user.is_anonymous %} | {% if user.is_authenticated %} | ||||||
| <p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p> |  | ||||||
| {% else %} |  | ||||||
| <p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p> | <p>{% trans "Username:" %} <strong>{{ user.username }}</strong> (<a href="/accounts/logout/">{% trans "Log out" %}</a>)</p> | ||||||
|  | {% else %} | ||||||
|  | <p><label for="id_username">{% trans "Username:" %}</label> <input type="text" name="username" id="id_username" /><br />{% trans "Password:" %} <input type="password" name="password" id="id_password" /> (<a href="/accounts/password_reset/">{% trans "Forgotten your password?" %}</a>)</p> | ||||||
| {% endif %} | {% endif %} | ||||||
|  |  | ||||||
| {% if ratings_optional or ratings_required %} | {% if ratings_optional or ratings_required %} | ||||||
|   | |||||||
| @@ -114,7 +114,7 @@ class CommentListNode(template.Node): | |||||||
|         comment_list = get_list_function(**kwargs).order_by(self.ordering + 'submit_date').select_related() |         comment_list = get_list_function(**kwargs).order_by(self.ordering + 'submit_date').select_related() | ||||||
|  |  | ||||||
|         if not self.free: |         if not self.free: | ||||||
|             if context.has_key('user') and not context['user'].is_anonymous(): |             if context.has_key('user') and context['user'].is_authenticated(): | ||||||
|                 user_id = context['user'].id |                 user_id = context['user'].id | ||||||
|                 context['user_can_moderate_comments'] = Comment.objects.user_is_moderator(context['user']) |                 context['user_can_moderate_comments'] = Comment.objects.user_is_moderator(context['user']) | ||||||
|             else: |             else: | ||||||
|   | |||||||
| @@ -63,7 +63,7 @@ class PublicCommentManipulator(AuthenticationForm): | |||||||
|                 validator_list=get_validator_list(8), |                 validator_list=get_validator_list(8), | ||||||
|             ), |             ), | ||||||
|         ]) |         ]) | ||||||
|         if not user.is_anonymous(): |         if user.is_authenticated(): | ||||||
|             self["username"].is_required = False |             self["username"].is_required = False | ||||||
|             self["username"].validator_list = [] |             self["username"].validator_list = [] | ||||||
|             self["password"].is_required = False |             self["password"].is_required = False | ||||||
|   | |||||||
| @@ -15,7 +15,7 @@ def vote(request, comment_id, vote): | |||||||
|     rating = {'up': 1, 'down': -1}.get(vote, False) |     rating = {'up': 1, 'down': -1}.get(vote, False) | ||||||
|     if not rating: |     if not rating: | ||||||
|         raise Http404, "Invalid vote" |         raise Http404, "Invalid vote" | ||||||
|     if request.user.is_anonymous(): |     if not request.user.is_authenticated(): | ||||||
|         raise Http404, _("Anonymous users cannot vote") |         raise Http404, _("Anonymous users cannot vote") | ||||||
|     try: |     try: | ||||||
|         comment = Comment.objects.get(pk=comment_id) |         comment = Comment.objects.get(pk=comment_id) | ||||||
|   | |||||||
| @@ -22,7 +22,7 @@ def flatpage(request, url): | |||||||
|     f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID) |     f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID) | ||||||
|     # If registration is required for accessing this page, and the user isn't |     # If registration is required for accessing this page, and the user isn't | ||||||
|     # logged in, redirect to the login page. |     # logged in, redirect to the login page. | ||||||
|     if f.registration_required and request.user.is_anonymous(): |     if f.registration_required and not request.user.is_authenticated(): | ||||||
|         from django.contrib.auth.views import redirect_to_login |         from django.contrib.auth.views import redirect_to_login | ||||||
|         return redirect_to_login(request.path) |         return redirect_to_login(request.path) | ||||||
|     if f.template_name: |     if f.template_name: | ||||||
|   | |||||||
| @@ -20,7 +20,7 @@ def create_object(request, model, template_name=None, | |||||||
|             the form wrapper for the object |             the form wrapper for the object | ||||||
|     """ |     """ | ||||||
|     if extra_context is None: extra_context = {} |     if extra_context is None: extra_context = {} | ||||||
|     if login_required and request.user.is_anonymous(): |     if login_required and not request.user.is_authenticated(): | ||||||
|         return redirect_to_login(request.path) |         return redirect_to_login(request.path) | ||||||
|  |  | ||||||
|     manipulator = model.AddManipulator(follow=follow) |     manipulator = model.AddManipulator(follow=follow) | ||||||
| @@ -39,7 +39,7 @@ def create_object(request, model, template_name=None, | |||||||
|             # No errors -- this means we can save the data! |             # No errors -- this means we can save the data! | ||||||
|             new_object = manipulator.save(new_data) |             new_object = manipulator.save(new_data) | ||||||
|  |  | ||||||
|             if not request.user.is_anonymous(): |             if request.user.is_authenticated(): | ||||||
|                 request.user.message_set.create(message="The %s was created successfully." % model._meta.verbose_name) |                 request.user.message_set.create(message="The %s was created successfully." % model._meta.verbose_name) | ||||||
|  |  | ||||||
|             # Redirect to the new object: first by trying post_save_redirect, |             # Redirect to the new object: first by trying post_save_redirect, | ||||||
| @@ -86,7 +86,7 @@ def update_object(request, model, object_id=None, slug=None, | |||||||
|             the original object being edited |             the original object being edited | ||||||
|     """ |     """ | ||||||
|     if extra_context is None: extra_context = {} |     if extra_context is None: extra_context = {} | ||||||
|     if login_required and request.user.is_anonymous(): |     if login_required and not request.user.is_authenticated(): | ||||||
|         return redirect_to_login(request.path) |         return redirect_to_login(request.path) | ||||||
|  |  | ||||||
|     # Look up the object to be edited |     # Look up the object to be edited | ||||||
| @@ -113,7 +113,7 @@ def update_object(request, model, object_id=None, slug=None, | |||||||
|         if not errors: |         if not errors: | ||||||
|             object = manipulator.save(new_data) |             object = manipulator.save(new_data) | ||||||
|  |  | ||||||
|             if not request.user.is_anonymous(): |             if request.user.is_authenticated(): | ||||||
|                 request.user.message_set.create(message="The %s was updated successfully." % model._meta.verbose_name) |                 request.user.message_set.create(message="The %s was updated successfully." % model._meta.verbose_name) | ||||||
|  |  | ||||||
|             # Do a post-after-redirect so that reload works, etc. |             # Do a post-after-redirect so that reload works, etc. | ||||||
| @@ -162,7 +162,7 @@ def delete_object(request, model, post_delete_redirect, | |||||||
|             the original object being deleted |             the original object being deleted | ||||||
|     """ |     """ | ||||||
|     if extra_context is None: extra_context = {} |     if extra_context is None: extra_context = {} | ||||||
|     if login_required and request.user.is_anonymous(): |     if login_required and not request.user.is_authenticated(): | ||||||
|         return redirect_to_login(request.path) |         return redirect_to_login(request.path) | ||||||
|  |  | ||||||
|     # Look up the object to be edited |     # Look up the object to be edited | ||||||
| @@ -180,7 +180,7 @@ def delete_object(request, model, post_delete_redirect, | |||||||
|  |  | ||||||
|     if request.method == 'POST': |     if request.method == 'POST': | ||||||
|         object.delete() |         object.delete() | ||||||
|         if not request.user.is_anonymous(): |         if request.user.is_authenticated(): | ||||||
|             request.user.message_set.create(message="The %s was deleted." % model._meta.verbose_name) |             request.user.message_set.create(message="The %s was deleted." % model._meta.verbose_name) | ||||||
|         return HttpResponseRedirect(post_delete_redirect) |         return HttpResponseRedirect(post_delete_redirect) | ||||||
|     else: |     else: | ||||||
|   | |||||||
| @@ -95,7 +95,11 @@ In addition to those automatic API methods, ``User`` objects have the following | |||||||
| custom methods: | custom methods: | ||||||
|  |  | ||||||
|     * ``is_anonymous()`` -- Always returns ``False``. This is a way of |     * ``is_anonymous()`` -- Always returns ``False``. This is a way of | ||||||
|       comparing ``User`` objects to anonymous users. |       differentiating ``User`` and ``AnonymousUser`` objects. Generally, you | ||||||
|  |       should prefer using ``is_authenticated()`` to this method. | ||||||
|  |  | ||||||
|  |     * ``is_authenticated()`` -- Always returns ``True``. This is a way to | ||||||
|  |       tell if the user has been authenticated. | ||||||
|  |  | ||||||
|     * ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``, |     * ``get_full_name()`` -- Returns the ``first_name`` plus the ``last_name``, | ||||||
|       with a space in between. |       with a space in between. | ||||||
| @@ -219,6 +223,7 @@ the ``django.contrib.auth.models.User`` interface, with these differences: | |||||||
|  |  | ||||||
|     * ``id`` is always ``None``. |     * ``id`` is always ``None``. | ||||||
|     * ``is_anonymous()`` returns ``True`` instead of ``False``. |     * ``is_anonymous()`` returns ``True`` instead of ``False``. | ||||||
|  |     * ``is_authenticated()`` returns ``False`` instead of ``True``. | ||||||
|     * ``has_perm()`` always returns ``False``. |     * ``has_perm()`` always returns ``False``. | ||||||
|     * ``set_password()``, ``check_password()``, ``save()``, ``delete()``, |     * ``set_password()``, ``check_password()``, ``save()``, ``delete()``, | ||||||
|       ``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``. |       ``set_groups()`` and ``set_permissions()`` raise ``NotImplementedError``. | ||||||
| @@ -254,12 +259,12 @@ Once you have those middlewares installed, you'll be able to access | |||||||
| ``request.user`` in views. ``request.user`` will give you a ``User`` object | ``request.user`` in views. ``request.user`` will give you a ``User`` object | ||||||
| representing the currently logged-in user. If a user isn't currently logged in, | representing the currently logged-in user. If a user isn't currently logged in, | ||||||
| ``request.user`` will be set to an instance of ``AnonymousUser`` (see the | ``request.user`` will be set to an instance of ``AnonymousUser`` (see the | ||||||
| previous section). You can tell them apart with ``is_anonymous()``, like so:: | previous section). You can tell them apart with ``is_authenticated()``, like so:: | ||||||
|  |  | ||||||
|     if request.user.is_anonymous(): |     if request.user.is_authenticated(): | ||||||
|         # Do something for anonymous users. |         # Do something for authenticated users. | ||||||
|     else: |     else: | ||||||
|         # Do something for logged-in users. |         # Do something for anonymous users. | ||||||
|  |  | ||||||
| .. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects | .. _request objects: http://www.djangoproject.com/documentation/request_response/#httprequest-objects | ||||||
| .. _session documentation: http://www.djangoproject.com/documentation/sessions/ | .. _session documentation: http://www.djangoproject.com/documentation/sessions/ | ||||||
| @@ -323,19 +328,19 @@ The raw way | |||||||
| ~~~~~~~~~~~ | ~~~~~~~~~~~ | ||||||
|  |  | ||||||
| The simple, raw way to limit access to pages is to check | The simple, raw way to limit access to pages is to check | ||||||
| ``request.user.is_anonymous()`` and either redirect to a login page:: | ``request.user.is_authenticated()`` and either redirect to a login page:: | ||||||
|  |  | ||||||
|     from django.http import HttpResponseRedirect |     from django.http import HttpResponseRedirect | ||||||
|  |  | ||||||
|     def my_view(request): |     def my_view(request): | ||||||
|         if request.user.is_anonymous(): |         if not request.user.is_authenticated(): | ||||||
|             return HttpResponseRedirect('/login/?next=%s' % request.path) |             return HttpResponseRedirect('/login/?next=%s' % request.path) | ||||||
|         # ... |         # ... | ||||||
|  |  | ||||||
| ...or display an error message:: | ...or display an error message:: | ||||||
|  |  | ||||||
|     def my_view(request): |     def my_view(request): | ||||||
|         if request.user.is_anonymous(): |         if not request.user.is_authenticated(): | ||||||
|             return render_to_response('myapp/login_error.html') |             return render_to_response('myapp/login_error.html') | ||||||
|         # ... |         # ... | ||||||
|  |  | ||||||
| @@ -439,7 +444,7 @@ For example, this view checks to make sure the user is logged in and has the | |||||||
| permission ``polls.can_vote``:: | permission ``polls.can_vote``:: | ||||||
|  |  | ||||||
|     def my_view(request): |     def my_view(request): | ||||||
|         if request.user.is_anonymous() or not request.user.has_perm('polls.can_vote'): |         if not (request.user.is_authenticated() and request.user.has_perm('polls.can_vote')): | ||||||
|             return HttpResponse("You can't vote in this poll.") |             return HttpResponse("You can't vote in this poll.") | ||||||
|         # ... |         # ... | ||||||
|  |  | ||||||
| @@ -605,10 +610,10 @@ Users | |||||||
| The currently logged-in user, either a ``User`` instance or an``AnonymousUser`` | The currently logged-in user, either a ``User`` instance or an``AnonymousUser`` | ||||||
| instance, is stored in the template variable ``{{ user }}``:: | instance, is stored in the template variable ``{{ user }}``:: | ||||||
|  |  | ||||||
|     {% if user.is_anonymous %} |     {% if user.is_authenticated %} | ||||||
|         <p>Welcome, new user. Please log in.</p> |  | ||||||
|     {% else %} |  | ||||||
|         <p>Welcome, {{ user.username }}. Thanks for logging in.</p>     |         <p>Welcome, {{ user.username }}. Thanks for logging in.</p>     | ||||||
|  |     {% else %} | ||||||
|  |         <p>Welcome, new user. Please log in.</p> | ||||||
|     {% endif %} |     {% endif %} | ||||||
|  |  | ||||||
| Permissions | Permissions | ||||||
|   | |||||||
| @@ -106,12 +106,12 @@ All attributes except ``session`` should be considered read-only. | |||||||
|     A ``django.contrib.auth.models.User`` object representing the currently |     A ``django.contrib.auth.models.User`` object representing the currently | ||||||
|     logged-in user. If the user isn't currently logged in, ``user`` will be set |     logged-in user. If the user isn't currently logged in, ``user`` will be set | ||||||
|     to an instance of ``django.contrib.auth.models.AnonymousUser``. You |     to an instance of ``django.contrib.auth.models.AnonymousUser``. You | ||||||
|     can tell them apart with ``is_anonymous()``, like so:: |     can tell them apart with ``is_authenticated()``, like so:: | ||||||
|  |  | ||||||
|         if request.user.is_anonymous(): |         if request.user.is_authenticated(): | ||||||
|             # Do something for anonymous users. |  | ||||||
|         else: |  | ||||||
|             # Do something for logged-in users. |             # Do something for logged-in users. | ||||||
|  |         else: | ||||||
|  |             # Do something for anonymous users. | ||||||
|  |  | ||||||
|     ``user`` is only available if your Django installation has the |     ``user`` is only available if your Django installation has the | ||||||
|     ``AuthenticationMiddleware`` activated. For more, see |     ``AuthenticationMiddleware`` activated. For more, see | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user